koooralive-tv.net Open in urlscan Pro
2606:4700:3037::6815:519e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://koooralive-tv.com/
Effective URL:
https://koooralive-tv.net/
Submission: On April 30 via api (April 30th 2023, 5:20:09 pm UTC) from US — Scanned from DE

Summary HTTP 296 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 47 domains to perform 296 HTTP transactions. The main IP is 2606:4700:3037::6815:519e, located in United States and belongs to CLOUDFLARENET, US. The main domain is koooralive-tv.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 17th 2023. Valid for: a year.

This is the only time koooralive-tv.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 5	172.67.208.32 172.67.208.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3037::6815:519e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
53	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
9	2606:4700:20:... 2606:4700:20::681b:4171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.39.156.32 54.39.156.32	16276 (OVH) (OVH)
26	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:a600:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
3 6	54.194.221.155 54.194.221.155	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15 44	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
7 15	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 9	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.252.16.161 34.252.16.161	16509 (AMAZON-02) (AMAZON-02)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:afe0:73b0:382f:616	16509 (AMAZON-02) (AMAZON-02)
1 1	52.73.108.74 52.73.108.74	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2600:9000:211... 2600:9000:211e:3a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	66.102.1.156 66.102.1.156	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223f:8400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
22	2600:1f18:1ac... 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14	14618 (AMAZON-AES) (AMAZON-AES)
31	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
3 5	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	18.194.221.34 18.194.221.34	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1	2600:9000:25a... 2600:9000:25a2:2600:8:455e:4a00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
296	46

5 172.67.208.32 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

koooralive-tv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3037::6815:519e (United States)

ASN13335 (CLOUDFLARENET, US)

koooralive-tv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681b:4171 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kooora4live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:a600:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.194.221.155 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-221-155.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 172.217.18.98 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.80.39.216 (Canada) 7 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.123 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.16.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-16-161.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:afe0:73b0:382f:616 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.108.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-108-74.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:3a00:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:8400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Castricum, Netherlands) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.252 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.10 (Nagold, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.221.34 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-221-34.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25a2:2600:8:455e:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.besafe.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	googlesyndication.com acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	472 KB
72	doubleclick.net 15 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 bid.g.doubleclick.net — Cisco Umbrella Rank: 986 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	363 KB
32	adsafeprotected.com 3 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1049 static.adsafeprotected.com — Cisco Umbrella Rank: 820 dt.adsafeprotected.com — Cisco Umbrella Rank: 738	307 KB
31	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	698 KB
15	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679	12 KB
12	demand.supply live.demand.supply — Cisco Umbrella Rank: 32910	33 KB
12	koooralive-tv.net koooralive-tv.net	160 KB
9	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	10 KB
9	kooora4live.com www.kooora4live.com — Cisco Umbrella Rank: 671178
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
5	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 1124	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	243 KB
5	koooralive-tv.com 5 redirects koooralive-tv.com	2 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 672 rtb0.doubleverify.com — Cisco Umbrella Rank: 1069 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 20299	21 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686	7 KB
3	gstatic.com www.gstatic.com	15 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5261	818 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 535	954 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1223	1 KB
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 9403	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 875	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 883	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 50702	1 KB
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1005	878 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689 ups.analytics.yahoo.com — Cisco Umbrella Rank: 402	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1020	838 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1341 r.turn.com — Cisco Umbrella Rank: 4617	869 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4649	314 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1319 id5-sync.com — Cisco Umbrella Rank: 612	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1550 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323	12 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12435 s4.histats.com — Cisco Umbrella Rank: 9637	5 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	463 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1886	351 B
1	besafe.global cdn.besafe.global — Cisco Umbrella Rank: 31492	37 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2823	173 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955	574 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	265 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3974	1 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009	984 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1063	463 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991	2 KB
296	47

	Domain	Requested by
53	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net fw.adsafeprotected.com s0.2mdn.net www.googletagservices.com
44	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
31	s0.2mdn.net	koooralive-tv.net s0.2mdn.net acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
26	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com koooralive-tv.net googleads.g.doubleclick.net s0.2mdn.net
22	dt.adsafeprotected.com	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
13	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
12	live.demand.supply	koooralive-tv.net live.demand.supply client
12	koooralive-tv.net	koooralive-tv.net
10	googleads.g.doubleclick.net	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com pagead2.googlesyndication.com
10	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
9	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
9	www.kooora4live.com
6	googleads4.g.doubleclick.net	koooralive-tv.net
6	fw.adsafeprotected.com	3 redirects acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com koooralive-tv.net
6	www.google.com	1 redirects tpc.googlesyndication.com koooralive-tv.net acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
6	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	onetag-sys.com	3 redirects acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
5	www.googletagservices.com	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com koooralive-tv.net
5	koooralive-tv.com	5 redirects
4	static.adsafeprotected.com	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
3	www.gstatic.com	koooralive-tv.net acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	cdn.doubleverify.com	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com cdn.doubleverify.com
2	x.bidswitch.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	um.simpli.fi	2 redirects
2	m.exactag.com	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
2	sync.1rx.io	2 redirects
2	ap.lijit.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	bid.g.doubleclick.net	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
2	s.ad.smaato.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	fonts.googleapis.com	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com koooralive-tv.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
1	ups.analytics.yahoo.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
1	cdn.besafe.global	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	tr.blismedia.com	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	match.adsrvr.org	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
1	mug.criteo.com
1	a.rfihub.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	cms.quantserve.com	acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	s4.histats.com	s10.histats.com
1	s10.histats.com	koooralive-tv.net
296	65

This site contains links to these domains. Also see Links.

Domain
koooralive-tv.com
go.yalla-shoot-matches.com
kooora4lives.io
kora-online.io
yalla-shoot-tv.net
fal3arda-new.com
yalla-kora.io
bein-match.net
yalla-goalz.com
as-goal.io
kora-online-tv.net
yalla-shoots.co
yalla-lives.io
yalla-shoot-tv.io
kooora-lives.com
livesoccertv.tv
soccer-stream.tv
sulvo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-17` - `2024-03-15`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
histats.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.kooora4live.com GTS CA 1P5	`2023-04-10` - `2023-07-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-01` - `2023-05-08`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
cdn.besafe.global Amazon RSA 2048 M01	`2023-04-26` - `2024-05-24`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://koooralive-tv.net/
Frame ID: B5B1723178C0503AE2996728C02B92E0
Requests: 71 HTTP requests in this frame

Frame: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AE3DD12AEBDBBEB4E509EAE2EEA6C86C
Requests: 1 HTTP requests in this frame

Frame: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F007D334883A203AB73F26DE2BCDA5F
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F4DB2347776ED3E1BFD4147AB804AD37
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10E3CB392765BA59393A624DC83DCE17
Requests: 2 HTTP requests in this frame

Frame: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3689823B09FF0E37547813579DDA7C2A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY04Po4gEwAQ&v=APEucNXlw5zXloZ9uJS-DZLSG14qxkmYgS_lyUFrp4pxnryfB9cMQCbvUsSo7lT1blJWJM1x9Yw3I9kxld8qbgSyqcajUFLzSAz_6bkFzsnf4iPCa3fkvGVf9v1FNuQEx00n4B18FhPvUCfsx6wuNjhbKvSq_cZ-RA-q67oftOOZP7x7DoPu0BFkuyOOqF6vUq4tsIz61t6acM05xJGwkrGFs49ADaVDRg
Frame ID: 941FBAD75864FAB620D1163EE65D129A
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B3AA4C52B9F1085D7CE17BB32D5F052B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EDBF3A4A5A2F8F2A0B087D6BF7BAF1A3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8546B7C87C6F4C2A3DFAE3238FDB80BD
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=koooralive-tv.net
Frame ID: 5A3E37425AB5AA1090D46DC445A1F683
Requests: 2 HTTP requests in this frame

Frame: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE3159EA18D0720CD430601967A7BB47
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVlMhM4CwgH1l-hiLqoxOI_G6L-_5nbwsxgibCJcNyw3JCvWDrgDCT1tMir_TilseMtMTOXDmo9S4tYk7-FYme1PAf9r99Zi83Xqd7AY5jt3-HI1sJ7-qW5NUeJmRJSZDkS7GmYt6sTuUCnAkXuUfLESWhdCY1NEOhSNOHd9i_Vj-0TagI
Frame ID: 1FE192C18AF318361D8E4D5E9F28ACC1
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B78E0F695B65CBC6B40589CE19AAA8CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 90A10BE3834483BC70117A9E8BE452F9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1F3835A82C42144EB5F502FC03185632
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 60877A0B227B899EA2AFEDF79F6B0961
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EB842365EA1535B56F839F35A4C01158
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
Frame ID: B1E360F4C633E7A9EE91340A67704C8A
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247
Frame ID: A0D29E57F1AA6B776918EF695CD092CE
Requests: 12 HTTP requests in this frame

Frame: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4C233D9CDD9D55515CBC2ED26BAC8CBE
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY04Po4gEwAQ&v=APEucNWJfu8QDmiH4Vnqu2EtbjTsQMmi5S65sUuU-UM4HTmdhTBQDyBKdG4bd7PnO4Vmzzo0DVd8bxR3WWpZOqduk9JjcTBBVX3WHOKkd97U0uY5yRg9PF_dYQ3LR_q-ujnDYFelsSCR-b4BzTdbhp2UYpw1pc7rxTs1MVXtt7oSNaB27Hi26QI
Frame ID: C770F7C7DADC68890981EB8DC0C53A69
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1B27A3999AA24F4CC5905D361713E163
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A158A20FC02F756DB3FBC2FB791CB491
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: 300A22F6DD74B94542B6CB6D3C5164EE
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247
Frame ID: 7ED245DEC9CBA1F597BB6E17505C0388
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 17F737D84924414E722F5766B25DB943
Requests: 9 HTTP requests in this frame

Frame: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B8338E92592A92BB09303A3F2BDE8126
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUwmv0mszQVWc1JPF29z6Ovjx69BXLwk8VO2MiE_Lw0nhb5ZZy67nDUeEyguAmFLCqRKFc0R7pe8cmAGgE61d9Nl5tL8wJTJwa7_zIKj7VGehWc-jPIk1GA8pZTjpeYWFi4tUkRdFLHRWt4pcjVppZRvJznLrPZAFoPb2g68bblarXZQO4
Frame ID: DB87BFE4A722C865CD781B92BF3D4F7F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: 01ECF488513DA4AE5C5987908B90C7C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 034A5C578D35362B48048F7F01C8C6C0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2A57E15F5DBE1E34FA4A9901664CCAA1
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كورة لايف | koora live | مباريات اليوم بث مباشر جوال kora live

Page URL History Show full URLs

https://koooralive-tv.com/ HTTP 301
https://koooralive-tv.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

296
Requests

84 %
HTTPS

43 %
IPv6

47
Domains

65
Subdomains

46
IPs

7
Countries

2420 kB
Transfer

6286 kB
Size

50
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://koooralive-tv.com/
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://go.yalla-shoot-matches.com/h2/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/yalla-shoot/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/fil3arda/
Title: في العارضة – fel3arda

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/bein-match/
Title: بين ماتش – bein match

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/go4kora/
Title: جو 4 كورة – go4kora

Search URL Search Domain Scan URL

URL: https://kora-online.io/
Title: كورة اون لاين

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.net/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://fal3arda-new.com/
Title: fal3arda

Search URL Search Domain Scan URL

URL: https://yalla-kora.io/
Title: yalla kora

Search URL Search Domain Scan URL

URL: https://bein-match.net/
Title: beinmatch

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/
Title: koora4live

Search URL Search Domain Scan URL

URL: https://yalla-goalz.com/
Title: yalla goal

Search URL Search Domain Scan URL

URL: https://as-goal.io/
Title: as goal

Search URL Search Domain Scan URL

URL: https://kora-online-tv.net/
Title: kora online

Search URL Search Domain Scan URL

URL: https://yalla-shoots.co/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://yalla-lives.io/
Title: yalla live

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.io/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora-lives.com/
Title: koora live

Search URL Search Domain Scan URL

URL: https://livesoccertv.tv/
Title: live soccer tv

Search URL Search Domain Scan URL

URL: https://soccer-stream.tv/
Title: soccer stream

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://koooralive-tv.net/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://koooralive-tv.com/ HTTP 301
https://koooralive-tv.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://koooralive-tv.com/wp-content/uploads/2022/12/101.png HTTP 301
https://koooralive-tv.net/wp-content/uploads/2022/12/101.png

Request Chain 48

https://koooralive-tv.com/wp-content/uploads/2022/12/125.png HTTP 301
https://koooralive-tv.net/wp-content/uploads/2022/12/125.png

Request Chain 49

https://koooralive-tv.com/wp-content/uploads/2022/12/147.png HTTP 301
https://koooralive-tv.net/wp-content/uploads/2022/12/147.png

Request Chain 51

https://koooralive-tv.com/wp-content/uploads/2023/01/134.png HTTP 301
https://koooralive-tv.net/wp-content/uploads/2023/01/134.png

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOXX6jPm-Qna2VA5_YwbU8&google_cver=1

Request Chain 101

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6jQtuNFC55P.3HmF.EhQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOXX6jPm-Qna2VA5_YwbU8&google_cver=1&google_hm=2

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKs1dX77eEMWFXqU6dvhPZg&google_cver=1

Request Chain 103

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

Request Chain 105

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJCWfOLp_P8mdNZwARQAr0M&google_cver=1&google_push=ATf1kGOWfOPmdAULlwgziZXNg2h4lV20Y_CXNdpI_1-5oonaVrN0oMhGSlN1hAGCfcHkGNJ4Kh8lplxeG1D_eIdTnX78J7eiT0s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg1Nzg3MDY1MTQzMzY2NjI2NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOI8oOTOzH3i6nR9eQNTc&google_cver=1

Request Chain 107

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEICHn2WrY7w1OiIuYSIctCA&google_cver=1&google_push=ATf1kGM8x7s38RT-kAreM6Ezfwzd6Ielg_-RaDQgYzyG2hP6axn3VIYYVXxQbX0QtcEY5zPLWwJs26XGvG6oC9wTUiBxbfIWog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEICHn2WrY7w1OiIuYSIctCA&google_push=ATf1kGM8x7s38RT-kAreM6Ezfwzd6Ielg_-RaDQgYzyG2hP6axn3VIYYVXxQbX0QtcEY5zPLWwJs26XGvG6oC9wTUiBxbfIWog

Request Chain 108

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJzrYFxLfF7lBm79en8mlpc&google_cver=1&google_push=ATf1kGOnMwxM0jdbUgnxb4b25qxCkivBs8Qs6NC6ACGKJ_vGkI_am6RUmvfW5mnLWrauIn2QQxagmRjmRp3SStrWb-aP9iuPxA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOnMwxM0jdbUgnxb4b25qxCkivBs8Qs6NC6ACGKJ_vGkI_am6RUmvfW5mnLWrauIn2QQxagmRjmRp3SStrWb-aP9iuPxA&google_hm=eS04b2czRzF0RTJwRjlQZHVRU1plYXk3b3lQNUVRZ3ZtdH5B

Request Chain 109

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECDC1ikM6PX90H2rk4FYTcA&google_cver=1&google_push=ATf1kGMtStVTGsu7PP_sZLTbDwyXMBkFqUyuEm0z4hcDC9_YJFFShpbnqQi4ZwtYFt-v7dX5VrC_0ojMaTA7Ia31-0hrznjB4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ThH0ZtyaUD1pmUA8c7nxGFD_Csg&google_push=ATf1kGMtStVTGsu7PP_sZLTbDwyXMBkFqUyuEm0z4hcDC9_YJFFShpbnqQi4ZwtYFt-v7dX5VrC_0ojMaTA7Ia31-0hrznjB4Q

Request Chain 110

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGA1vhsaVvSVe8aZUeJzgRw&google_cver=1&google_push=ATf1kGNeiYFq8jOrFYBy_6mkp9DRuCv6kH14Xudgg2pgsGBMJD7bMNFr7SMIilqlZ0I0L63tTNSdIp2dvrWETSfFj5eNHe5GhA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNeiYFq8jOrFYBy_6mkp9DRuCv6kH14Xudgg2pgsGBMJD7bMNFr7SMIilqlZ0I0L63tTNSdIp2dvrWETSfFj5eNHe5GhA

Request Chain 111

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESELuHm-IDfgCole_P0_Leuo8&google_cver=1&google_push=ATf1kGNrB9flUTsR6ZMEzLIWfU7IoC3NqHnX1fZFEob5z5H0S-o3vW6XdnSP6YX73VJUQ0-lQ3tfNvcI4mtpQmhb3zhKgnlt4kc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGNrB9flUTsR6ZMEzLIWfU7IoC3NqHnX1fZFEob5z5H0S-o3vW6XdnSP6YX73VJUQ0-lQ3tfNvcI4mtpQmhb3zhKgnlt4kc&google_hm=NTQ3MDE4MDc4NTQzOTk3NTI3Ng==

Request Chain 113

https://gum.criteo.com/sid/json?origin=publishertagids&domain=koooralive-tv.net&sn=ChromeSyncframe&so=0&topUrl=koooralive-tv.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=QG4Ay3wza215d1NONkhOVUlaNUVUblV1MzVPaTAwaUJFcDhDZFY0OHpIelNXRnBMT2l4YWJHZm52Qks1MU1xbHJwZWppNWRMQ2UzRWQ1bmlyeEFkZWsyNVFzM3VmeXlsY1BoYkNwSWFUZjY5U2lYeUh1R0ZCWTZZdllrSDQ0V1Q0QVM0ZjM1L0ZNNzN1VEQ3WG1tQmt0bFcvbXhlSm9iM3A3Q2xaK005MWZSb0xPenc5dU5VRjF6aXo3RjUzZlNXZDJkNy9RVFBDUWpjRjdjOGtlazdla0ZRN0NFV0NXZEZQOFIvZlNpb3RpVndTSmN4Zmd4dVV0cW9qTEs0a1V2K3lwVmZiQWRUODRMK3lsTzNycFRFN0xON3ZEZz09fA&cppv=2

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECw-lO7qRW9qNKBprXzQxFQ&google_cver=1

Request Chain 127

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6jQtuNFC55P.3HmF.EhQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECw-lO7qRW9qNKBprXzQxFQ&google_cver=1&google_hm=2

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ0fMrEWpx02QDyIA0t9-yI&google_cver=1

Request Chain 129

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

Request Chain 134

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224161/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-Ba2hyoZNCX1p1VAJ4q4pS_5MeA7LUY-x_dk9HqqmwjSMh-rczCWAWG70ybdwGoS6m73Q4okXRK2W9HhRsHRZ5oaSxzMLnQ8wxkAQOFZTazxiULo04FIqMnMlH0ExFEaCVf6LEYQqPC5b36rCmaTuKUdUQ6koXks9O6ljZ3VeIX6vv02W4SqRQAoCZ_4IyaZnci4eFNt-xXFhrnchrq-aXwo6izS92raM_ccERhvZ1O2aYBg27N15DaBSfE9hA0nDdYXfYkD4mMYDOY8vE3y599gLbU1QyYyaQF4ddeF6XkMptsIZkAbIqHVYuKQPUuGv22osQvp9aTMdv4dXxr8m4ogqT6cMsb_hHf_Y9ZMeaadpUxv_ZolOYDABPaYWITixM4tj9DIn7D-TM6F-rxTJWvEaaQWEN36wA_nPMn_20E7UdlTL1KQm3U8gIeMZ_iI4nMwMvqbptEK4KU71T20de56bO32J07fUdxZ5X3EBYZ63yDtLFI9iy15A1eKyVojON0rq6pZxNqn3Uv4fSz56sw1hQkcez2mVdyNvvGMDaY0lG4cKTGsfD-g15MBHOkxa541oJbs1s3Q-Oa12tITbPVWwldnc8viQ-YbbwmdmIynnF1eG_K44xHsT9AYXKzWAUYOCz33iX1jP2wz2zk8Ff2ofD2tvyNxcOflXWwHzX-BIleW8A1iYUNWv3SPkr-mNUIboeMBDlbN7VU7t3UK2zxKYHR6_VnsbFRHOQtTbt0OU6nLHCm5n75Q0nw5xOUbykOTuPXxah2175xGrDvxOV-GKjpsAtlQCV6JKhaNk726uCtNlVjri9x4jRQCFEc27sf_tZwx3ll7X62OrwqN_Ep6DoZS5ZDGJ9iTqRjRK7IA_gP1tNdgwPMKNZFTTHpWrK-gsbH0FQauhgFTbG2W7pP4kT2Ea69Xwd2ImTcJXLv4eURRtJE53IgoF8KMmn294HHFE4basgtO1vQzc_X0sQq-Kqfxk3bAB_xql4hO-XLNONDQcdXDOUDBpXhqC9Cn6SrcX2r5MvQNd3ntrSzmkc7vlUcmD_J4bXZTkhDj2hjxNOeJlhE2sNqYa12cBj3SmTMYkL5ASgilnHbNMAbsmVtcek2hhA_nP5LhhdM2Rp_D21jhV3cUcqFnDLeY7Vd4DwvnAG1l7hQpL0Kv7KZQgQwPxezngSOxGAPfsy8itAlo4PSkwxh2VnhN6_RX35esERBJGUTSI4fGDb1D1DQjlHUXO5adm_EpSck7ZFPrkLMWRPL2c7fO_RC5yF2lOgYzzAf47Y9Dt4KbzyYLNgNGj0j02kPXiWIddDhKXlANd_wgIV62ErF-2YllkbeC1b6qTTiVFCMX30QXvyNkmlez6DmxHSACwK_orug2bmUg4509s__W0r40SGDFLEWTrtIP4ytiZHJ7dlmXKUrHTN9IRmBX5g52zP9iYFJ9LCFz8_divfRchLR--hwpGZ2zWcry7Tcm8fZ6FJYPedPZzqqXCwEKHDkleJRFc-G4T2oNmXWCafLWsnOueDLCPSZcTB0HowJsz4I5Frtukz7vuPR2RtMDOJIiAd8fK4jgEO1g8Q0yNvbp-JFe-B7TNp6jc10LpyqQKf8xf-tjBx0Jl2mGdcjhma9zmNg2b1deAe99Ykvs9fQp6eDKs9Qc7fAWjOvNchrIlGuHgF1xyhBvh--fTaMfV95cni5glGUssoU8aWKTqQK4Xx4nzo8QyIGXHhVz_flbjS9q9rdwje7thvN_SqQFVGaiIecX3eHIIhkzT3sIYMxx5Up28q3bBhyV1f9-uBf8tfEYucmB_0_VcbY49I-XZuczml1YKi6DXJIjV7E4o0YsrIDPScf9fS7HpPsZVdiUweCvB5HeqWeWTyAX7-UEqfVftCzoTXA67V09Vi6oEcfWsJqK03GGX96u8WyqfLaSvxSBtsbMkHuTkCfLobgn3AxOe7FOhLzpP9ZnjAsdRBJ-uYTbZWAAIipatCYxaMl5-24EUcXw1ZrP5hHfb81MRSKZdJTH_e9yx__zY05CoErzYcZ_tcJ7a7vvktMSlSgmWEmX_tn8EP1Sv1ffmxSYxfLpEEWyAZ6fy8P3tFBTYsU6tAmwGDEde1G-EzezxQB6HwrWHGgz6E9WKW54ZGV5rVNmggCWmU29WEuOhk2PB7FmWnA0HQ_nhVm0bz1D_T4p_-kchjvqr_8IVqfjf4F6rq65pWHFoICRP1FoAL4x48KmIb-mWIOuVNn3G22qC0ggCAIcQaCNkjvcAtLukL54sp7mT8dzVY4EaBjDfgijM_WzQbRnU9-09C1d58ehICQs-KQI-BryCIuqbDRXQpnL--MAFnuiDCmO_eLw627woNbWDwt3JK_L1dnwiMy-uREHF9Wsd-ZutvW-4K7cLZPwtV2Eun5qgCAUP7XI9TpXEuBbXJCF5GQypwXRgUOtSgAyCOEZRyozYftyeQuulXtvN99cnKYDV5RfrQrzzcFOnyN04jP6nPU2E9YIbUFkZVUJr8TbZ6JWIN4uq2CiJa-eh793qpzQTwrlKYcKi16tXRXrH4hykAxTN--kc9r3B-LEpE6L8SCiPGanllXAed5mLgBMJCMRiFv5DeYlpHBOHqqzrD8vxQxyZrAKMsxqnTixxxnlE_zBWOg0xuxGemYajHyT4dF-Zx77m1dZk5kAL2EGoywrVkFTeCVrREGSXP5iabseheZUHfmwD0lLELJYoeCBO3QUEdAXtpr4xDyLTq4CKFCWXGIJ50jkE15QXOols-0hyK0h4vQg1bPjX3hf6qW_zYXUzHaXuKuylXB-fu_AS4yk_fhisBPRGnQxMn4Niv9vN8nnMMzsAAQUsa8CcEjYQ_2Og2DAuIuOwkspuxrYDwl1-zRThcslvr-VgPoJnT12XIZ32oB7d6v82stex5MVyz0o4h40zX4Sq9cF47ckMB6uXsBBnN0vlWClL4jwsMeRX0kHiLqHMarg1FHI6zsrXbkB0qvbs3XhJmLTJ0ITHR6jsZzCF84MY4gnUlfkUJAQef6q_IcDBWcmzmy6FSWxzcHFr3sBsiie5zQ7B1yya_pA95QJWpDnhaCCXq0lskbPzW8NCBe4eXfpH4l9W07wu6j6vQ6DT00W6Fgrii8ICQCOWEzCexEdgG2g1kPgquL3DgJgWeYKcG-YYu18UZNBhYjHWvBvjAxgTZqV39dh7dkou2emUsv68eI073e0_AkHiqH5WKGoHuD8vag7q0WpMlpfmul5IIAi6sPO-x9LdPyQDB0fpZtuZQOEnvGa_63M4cYDs_K7NhI9r1zcEbLHfpmPtnoAbwDERZk-KsHUJx7qZrM_vpvYvlRpZoCcfbTk-1ej65CwtZc0haRMWy-1wKiuBiPo5F1Qr7va1H0zeBfPatd76NtmV_ImNTsOOYxRVjKyyIO5vqD8QUJf8cl-qYZ6DabnwrqVSttODtELTPlzWraanMMchBCy_omjK16GVZ7VJeRIHWHnsRZgf5QOCBUDWRFKRg9p4Qcku1y6jKagEk5M19f2MpQyuAUGz8A8xJBbrp7wDOdJjiESsOjYFX6XE801N9rz0nxcW9jJ7TgEwORFpEyBDUPdrzaQIWTPWMVDxS2BDIFxq6rVlavt5v2QTVYa_dTcIRAV9vdeUi3KX1v8HiXcvWg5EEaUggEEkwAcoEIg23OdFODSLHKVvB6Ii5helmk9le6GNmPvRPmRkkUM3jhdd3SgoSRvfEnFj39heVaktq86Jbd4hQ-9WUwfuSQOwPl_66sK5k_GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19782080816&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hxzBtM1STHrtsqwjwNg69S&adsafe_url=https%3A%2F%2Fkoooralive-tv.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fkoooralive-tv.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8842205d-d75b-758c-8402-82d8b16c9763,c:bi2nEv,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-hclck,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tCVSQDG+11%7C12*.1352960-70224161%7C121%7C13%7C14%7C1511%7C1512%7C16%7C171,idMap:12*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:16,oid:3df73ceb-e77b-11ed-ac34-e22686c1869b,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-Ba2hyoZNCX1p1VAJ4q4pS_5MeA7LUY-x_dk9HqqmwjSMh-rczCWAWG70ybdwGoS6m73Q4okXRK2W9HhRsHRZ5oaSxzMLnQ8wxkAQOFZTazxiULo04FIqMnMlH0ExFEaCVf6LEYQqPC5b36rCmaTuKUdUQ6koXks9O6ljZ3VeIX6vv02W4SqRQAoCZ_4IyaZnci4eFNt-xXFhrnchrq-aXwo6izS92raM_ccERhvZ1O2aYBg27N15DaBSfE9hA0nDdYXfYkD4mMYDOY8vE3y599gLbU1QyYyaQF4ddeF6XkMptsIZkAbIqHVYuKQPUuGv22osQvp9aTMdv4dXxr8m4ogqT6cMsb_hHf_Y9ZMeaadpUxv_ZolOYDABPaYWITixM4tj9DIn7D-TM6F-rxTJWvEaaQWEN36wA_nPMn_20E7UdlTL1KQm3U8gIeMZ_iI4nMwMvqbptEK4KU71T20de56bO32J07fUdxZ5X3EBYZ63yDtLFI9iy15A1eKyVojON0rq6pZxNqn3Uv4fSz56sw1hQkcez2mVdyNvvGMDaY0lG4cKTGsfD-g15MBHOkxa541oJbs1s3Q-Oa12tITbPVWwldnc8viQ-YbbwmdmIynnF1eG_K44xHsT9AYXKzWAUYOCz33iX1jP2wz2zk8Ff2ofD2tvyNxcOflXWwHzX-BIleW8A1iYUNWv3SPkr-mNUIboeMBDlbN7VU7t3UK2zxKYHR6_VnsbFRHOQtTbt0OU6nLHCm5n75Q0nw5xOUbykOTuPXxah2175xGrDvxOV-GKjpsAtlQCV6JKhaNk726uCtNlVjri9x4jRQCFEc27sf_tZwx3ll7X62OrwqN_Ep6DoZS5ZDGJ9iTqRjRK7IA_gP1tNdgwPMKNZFTTHpWrK-gsbH0FQauhgFTbG2W7pP4kT2Ea69Xwd2ImTcJXLv4eURRtJE53IgoF8KMmn294HHFE4basgtO1vQzc_X0sQq-Kqfxk3bAB_xql4hO-XLNONDQcdXDOUDBpXhqC9Cn6SrcX2r5MvQNd3ntrSzmkc7vlUcmD_J4bXZTkhDj2hjxNOeJlhE2sNqYa12cBj3SmTMYkL5ASgilnHbNMAbsmVtcek2hhA_nP5LhhdM2Rp_D21jhV3cUcqFnDLeY7Vd4DwvnAG1l7hQpL0Kv7KZQgQwPxezngSOxGAPfsy8itAlo4PSkwxh2VnhN6_RX35esERBJGUTSI4fGDb1D1DQjlHUXO5adm_EpSck7ZFPrkLMWRPL2c7fO_RC5yF2lOgYzzAf47Y9Dt4KbzyYLNgNGj0j02kPXiWIddDhKXlANd_wgIV62ErF-2YllkbeC1b6qTTiVFCMX30QXvyNkmlez6DmxHSACwK_orug2bmUg4509s__W0r40SGDFLEWTrtIP4ytiZHJ7dlmXKUrHTN9IRmBX5g52zP9iYFJ9LCFz8_divfRchLR--hwpGZ2zWcry7Tcm8fZ6FJYPedPZzqqXCwEKHDkleJRFc-G4T2oNmXWCafLWsnOueDLCPSZcTB0HowJsz4I5Frtukz7vuPR2RtMDOJIiAd8fK4jgEO1g8Q0yNvbp-JFe-B7TNp6jc10LpyqQKf8xf-tjBx0Jl2mGdcjhma9zmNg2b1deAe99Ykvs9fQp6eDKs9Qc7fAWjOvNchrIlGuHgF1xyhBvh--fTaMfV95cni5glGUssoU8aWKTqQK4Xx4nzo8QyIGXHhVz_flbjS9q9rdwje7thvN_SqQFVGaiIecX3eHIIhkzT3sIYMxx5Up28q3bBhyV1f9-uBf8tfEYucmB_0_VcbY49I-XZuczml1YKi6DXJIjV7E4o0YsrIDPScf9fS7HpPsZVdiUweCvB5HeqWeWTyAX7-UEqfVftCzoTXA67V09Vi6oEcfWsJqK03GGX96u8WyqfLaSvxSBtsbMkHuTkCfLobgn3AxOe7FOhLzpP9ZnjAsdRBJ-uYTbZWAAIipatCYxaMl5-24EUcXw1ZrP5hHfb81MRSKZdJTH_e9yx__zY05CoErzYcZ_tcJ7a7vvktMSlSgmWEmX_tn8EP1Sv1ffmxSYxfLpEEWyAZ6fy8P3tFBTYsU6tAmwGDEde1G-EzezxQB6HwrWHGgz6E9WKW54ZGV5rVNmggCWmU29WEuOhk2PB7FmWnA0HQ_nhVm0bz1D_T4p_-kchjvqr_8IVqfjf4F6rq65pWHFoICRP1FoAL4x48KmIb-mWIOuVNn3G22qC0ggCAIcQaCNkjvcAtLukL54sp7mT8dzVY4EaBjDfgijM_WzQbRnU9-09C1d58ehICQs-KQI-BryCIuqbDRXQpnL--MAFnuiDCmO_eLw627woNbWDwt3JK_L1dnwiMy-uREHF9Wsd-ZutvW-4K7cLZPwtV2Eun5qgCAUP7XI9TpXEuBbXJCF5GQypwXRgUOtSgAyCOEZRyozYftyeQuulXtvN99cnKYDV5RfrQrzzcFOnyN04jP6nPU2E9YIbUFkZVUJr8TbZ6JWIN4uq2CiJa-eh793qpzQTwrlKYcKi16tXRXrH4hykAxTN--kc9r3B-LEpE6L8SCiPGanllXAed5mLgBMJCMRiFv5DeYlpHBOHqqzrD8vxQxyZrAKMsxqnTixxxnlE_zBWOg0xuxGemYajHyT4dF-Zx77m1dZk5kAL2EGoywrVkFTeCVrREGSXP5iabseheZUHfmwD0lLELJYoeCBO3QUEdAXtpr4xDyLTq4CKFCWXGIJ50jkE15QXOols-0hyK0h4vQg1bPjX3hf6qW_zYXUzHaXuKuylXB-fu_AS4yk_fhisBPRGnQxMn4Niv9vN8nnMMzsAAQUsa8CcEjYQ_2Og2DAuIuOwkspuxrYDwl1-zRThcslvr-VgPoJnT12XIZ32oB7d6v82stex5MVyz0o4h40zX4Sq9cF47ckMB6uXsBBnN0vlWClL4jwsMeRX0kHiLqHMarg1FHI6zsrXbkB0qvbs3XhJmLTJ0ITHR6jsZzCF84MY4gnUlfkUJAQef6q_IcDBWcmzmy6FSWxzcHFr3sBsiie5zQ7B1yya_pA95QJWpDnhaCCXq0lskbPzW8NCBe4eXfpH4l9W07wu6j6vQ6DT00W6Fgrii8ICQCOWEzCexEdgG2g1kPgquL3DgJgWeYKcG-YYu18UZNBhYjHWvBvjAxgTZqV39dh7dkou2emUsv68eI073e0_AkHiqH5WKGoHuD8vag7q0WpMlpfmul5IIAi6sPO-x9LdPyQDB0fpZtuZQOEnvGa_63M4cYDs_K7NhI9r1zcEbLHfpmPtnoAbwDERZk-KsHUJx7qZrM_vpvYvlRpZoCcfbTk-1ej65CwtZc0haRMWy-1wKiuBiPo5F1Qr7va1H0zeBfPatd76NtmV_ImNTsOOYxRVjKyyIO5vqD8QUJf8cl-qYZ6DabnwrqVSttODtELTPlzWraanMMchBCy_omjK16GVZ7VJeRIHWHnsRZgf5QOCBUDWRFKRg9p4Qcku1y6jKagEk5M19f2MpQyuAUGz8A8xJBbrp7wDOdJjiESsOjYFX6XE801N9rz0nxcW9jJ7TgEwORFpEyBDUPdrzaQIWTPWMVDxS2BDIFxq6rVlavt5v2QTVYa_dTcIRAV9vdeUi3KX1v8HiXcvWg5EEaUggEEkwAcoEIg23OdFODSLHKVvB6Ii5helmk9le6GNmPvRPmRkkUM3jhdd3SgoSRvfEnFj39heVaktq86Jbd4hQ-9WUwfuSQOwPl_66sK5k_GAFgAQ&cry=1&bundleId=

Request Chain 148

https://fw.adsafeprotected.com/rfw/st/990511/61634097/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9035087792692775&ias_chanId=1&ias_placementId=19429846202&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iCKJqaB5KuGgK3sMkXEJiw&adContainerId=brand_safety_QqNOZKDiL9Gs9u8Pv9uz0Ac&cbFunctionName=goog_wrapCb_QqNOZKDiL9Gs9u8Pv9uz0Ac&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fkoooralive-tv.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fkoooralive-tv.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9f2288a4-639d-5430-170a-4821362a83c3,c:bi2nHz,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-cf649f789-mbm8h,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tCVSQGG+11%7C121%7C122%7C123%7C131%7C14%7C1511%7C1512%7C16%7C17*.990511-61634097%7C171%7C172,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:20,oid:3e304e5a-e77b-11ed-be5e-aae09012ffb1,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 160

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHwqnNrfgyJKPL7NwMQxbsA&google_cver=1&google_push=ATf1kGOiwFwGqJTg1nU4fnSHTG37KNIm8-xsP9vUrRauVMNg0GB3_o6wgZf5DklhioxKQkJOjjliniPSkTI1vsaOn2aLzNzBBWU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkU2alFnQUdxLU1tNmdCYQ==&google_gid=CAESEHwqnNrfgyJKPL7NwMQxbsA&google_cver=1&google_push=ATf1kGOiwFwGqJTg1nU4fnSHTG37KNIm8-xsP9vUrRauVMNg0GB3_o6wgZf5DklhioxKQkJOjjliniPSkTI1vsaOn2aLzNzBBWU

Request Chain 162

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHHwcPajaQiDZ4LTD4WKGbE&google_cver=1&google_push=ATf1kGMMAVClPZ5cWWqclpH_VGNNf-Wfa7kPWVWJ9s-0qHu-Bn0pmn4hjVLOnJ85qORrGeGQCpXqj2ogFlVsVmD4jMFc3YEMw0M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMMAVClPZ5cWWqclpH_VGNNf-Wfa7kPWVWJ9s-0qHu-Bn0pmn4hjVLOnJ85qORrGeGQCpXqj2ogFlVsVmD4jMFc3YEMw0M&google_hm=0k6-2CdLQumgBgCBfr1LK8g

Request Chain 163

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ5ZRmk64zPwL65O0N4nTc8&google_cver=1&google_push=ATf1kGN5KQPnq6Ihu-pJZW6Cz-aKIZWJFD64SnMVNhcylv65a9HR-H_oviip73ttTqgSsCsm9U4EF2aVdn2B78fbOe3UT9Vy4xjX HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ5ZRmk64zPwL65O0N4nTc8&google_cver=1&google_push=ATf1kGN5KQPnq6Ihu-pJZW6Cz-aKIZWJFD64SnMVNhcylv65a9HR-H_oviip73ttTqgSsCsm9U4EF2aVdn2B78fbOe3UT9Vy4xjX&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGN5KQPnq6Ihu-pJZW6Cz-aKIZWJFD64SnMVNhcylv65a9HR-H_oviip73ttTqgSsCsm9U4EF2aVdn2B78fbOe3UT9Vy4xjX&google_hm=GkXwrGZHS4n7D_PxS6KskUpR

Request Chain 164

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJoKDKCSIfj4jDCVyyBJTaY&google_cver=1&google_push=ATf1kGMQiXYiim6bl2103TC6zFaKEzZNiSsZxomA6_sZnMcVcr1B9Sbmv6ZrhhZ5T9dw6IKZDu0WzAP63ln2tqskclnMHxlFqMRU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMQiXYiim6bl2103TC6zFaKEzZNiSsZxomA6_sZnMcVcr1B9Sbmv6ZrhhZ5T9dw6IKZDu0WzAP63ln2tqskclnMHxlFqMRU

Request Chain 165

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDEVsDlArWk3jqlWQ5HgGa8&google_cver=1&google_push=ATf1kGOb7jAKNmaFV-d9xbZ9eYHI6JKX1bPazUvh3TNLH2RtkDnYULGAlz9SM20W0oKTH2UaMJEAV_UpXkgxROt70FyrR6QBP4R_ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGOb7jAKNmaFV-d9xbZ9eYHI6JKX1bPazUvh3TNLH2RtkDnYULGAlz9SM20W0oKTH2UaMJEAV_UpXkgxROt70FyrR6QBP4R_&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1682875203250 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-bc63fd84-e58c-4048-a3ab-4dfe23b4ed7e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGOb7jAKNmaFV-d9xbZ9eYHI6JKX1bPazUvh3TNLH2RtkDnYULGAlz9SM20W0oKTH2UaMJEAV_UpXkgxROt70FyrR6QBP4R_%26google_hm%3DA7xj_YTljEBIo6tN_iO07X4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOb7jAKNmaFV-d9xbZ9eYHI6JKX1bPazUvh3TNLH2RtkDnYULGAlz9SM20W0oKTH2UaMJEAV_UpXkgxROt70FyrR6QBP4R_&google_hm=A7xj_YTljEBIo6tN_iO07X4

Request Chain 166

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELQFQIuuyMmjBd5hGuzKwZs&google_cver=1&google_push=ATf1kGMw-IyVC3DUAMBPpZVRNU-Js6QUep0boN2VDGi4XQ443UEsCvVPPHVL3yrEt-56-Xr0sd7a9Mu6JaBVaN8JfmnCcVGD7nQbFA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMw-IyVC3DUAMBPpZVRNU-Js6QUep0boN2VDGi4XQ443UEsCvVPPHVL3yrEt-56-Xr0sd7a9Mu6JaBVaN8JfmnCcVGD7nQbFA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 196

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF8SJxIZ6L3dVM0WGgCjjCw&google_cver=1

Request Chain 197

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6jQtuNFC55P.3HmF.EhQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF8SJxIZ6L3dVM0WGgCjjCw&google_cver=1&google_hm=2

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENBFOniKQXbrBaN5NpjqqcE&google_cver=1

Request Chain 199

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

Request Chain 208

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224161/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-BiVwArssJbZiqJFZV8UOy8vREB-PKLYVrsJyU2_HBG9n9-FTRp6Rdv8rNswZ3a7QRrkavLrGcClGvw3NBqze2ePCcIDzWBsfUAk0fbbjf6misiDVcOixTTxXiyE0ltj5YnY1Vl-7zMt7vbtn-G4YSgJYBkQFYiuNSs7QaQx9dGRDTsbnsSmRQAoCZ_4Er3HmMV86wbwtUPvBTt_cPEaUdjXqHCcYgUmJIhFWwbE13LOe1ZC-8FBMb0iyLThxDORChD_uQLIBsVYPhHSrGPW-nXJVbaqq0Q84_xxJMzyrx3pA1AZK-XSuRmJL8pBw1EOqY2TIYU1eKCjz9amQnEcRO9upFfPzAYi5Wh80haSB9fQF4gPQIV2gAHsUb-UANS9rVbJow2nAdFNQQ_rfDbvoC47RzI5PKoi0KqN5ONfqvxTVNwRfoDRvxdKBGompzbULbnxbW3tDr7-G2Rf0ilEb33wZE2ly64vg1oQKclH7aFZo_aEEZqsObr4JGEs8iHkJAaNwZQvlR6vQBryYOUMWAwu_-RJQzV2P3Bf2nAS0SyQO4XqS0nTpe4zXqBSnASaJZ7pwVDt7sg7kvrdUA0OPXFC10Ifkd_rGTlTJSv-Yd8-z7g0iAaDw0WzfZDz4UltBVqIQxAm9ug7Qw5oJ_0Slu5eoGF1yaSHstAo0jRFLdZkdd1wfrB5wnkV6bMfOawnzIDjetzdV1MRYSufBbtNLE17L6DF9sqy9eqQ0QWkD1oSAt_b_F8KxXkrxVashqLOcX53V_mvsoU0J6DjVR7nU3s6v97bHLg9cTJAIJdRkJqX_fJq-i_hz1O4Itp2zWhsyi-4K0SAo38LvjlDroo5TfTiiSAvKLOGl8GR5hlDRkskv-W3SIKsA31APAE2o43Omq-N-3rs1OMSiQlw-opdc9niuFzWgtxfdobahBhRR7gI_Taw6XdFYTnPW-uoVezZP7k2LypHXwtMN1EUYSyfFShQluFSIwzo4gaPTVpPPdvl6uptFj42ekm0YssP_liN2D_dZLWX7xs-_S9QCUcMiQBehcPlKS6rpcZGVk1ekZqiRHiInYw5ErdhUvpXeRbPupIoRPIGGNZVxjxBsE9txAnw99VQ9FDorBVpv4br9CsQ2E7rl0x0JSbWn0DmBPaYZ5tVL8piQG0rDWJwfpcjJCXzb3Q1MoY5aSDP1TmsuknONKsKjyAM-L8dCm8u7Hr2qSdoatDiw0Fs-bM0O1o7EAxg8QyVeJV7NcT0axyuNe20ogKx_7oOSyv1VxoYaH2VAHrHun6OTbwqv4SQceL7Eq8avfjqnxB8ql88wZYhNXNbJqkgtCVWTqujKiT6RGu1eOWXARtGfWdxkq8n6_OvDdWN0cF7npOemYAyLpvqXUoFsfKv2SuFc1MfLZ6mGHDrA1hFV27YRMHluh-__SrtkxkHeTqZSP_yQQQtp0f1COLxuWsrA3cSYqDAPN_tA3qQwZpp22w_OoATcPN4_Wl-HUj_2PK0ypFsseII3QXMN6iQ1k4CqY_YFaJ2bRTb3bGD0RrV_decnR0awRTT_bzwA-Em1N9a6RU6EuhQ8n6v_9abYKLAPOCGsU9bZj5M8Zvvx2VD7qKiWK-lI_ZhMv2Z_uBd80OX0ZZuVJZmBZiZge6R4A2P--z9wn9O8I-EM67LioNH4Fq61iucRUuydtgGTrZzInWaSZ0stEiVGdlzeKRrfQ15pEgRLW--gBaH8yduhLSB9YMODKI04B5XUcJ47wTFqTusNRxTDBNc7WVk1LGU9PN-M-Ub9HhTN4hhlm4ew0RS-HKZ1gVVSglYdquXXqy2EALWjLcdQ7yazSKRZR1N9JloAnYAxyj1oWXrp5uiIAc1dLmuRJBDC_BjSGn2KpiCJeTzbKkfgkqX6QlSs0xL43aJV7nYcWqleJo0-msIIDXV7G0FkKpZCQgLjBIgG4V9qvZUtfzzu5MZYoIvknYMa62KHIOofDjIrbO-3c_aeKNAP3JThJ1cZ7Uf-YXX7xRh5Hz_GYz-gEAPhHCVML74hf5WuKllS2f3nnpUakYEK6L4PTPAyaA-AA4knTsJThHacjWepMD_-_SXI3FcuAS2n0hCAdHqB4empi34Px6e0OKQYwaV79t6DkhBHMVp4ytCmmJre0XwTHH7bPCCabda85rm6zgP6ZF-YjH2IXU6KDzT4pwm-XQpBiA96r08MIfGmP4qKDo8kk_M9DQbRxdnsvt9VJjlIa1I0Lcg6eaYIXw_mdzndO61DvnBcwMZX9BgrcuYx-K5XqpOjZ7jZqcClU2qHhFq8Zn3DCOHzwKvHLrHoY62HAv18Ry9Mi6QC1m7enJHqmUU_gFTDtq3pXR-qvA9tXw_k74hcfcHHUdW-Kpn2VSTBiUoO4PHGL813xReIDxzESENddVdMtGOovtp9hvTdhiZaIDrinsy8yFIVhcTXtbGkhgjavOuoo8gtWxrC4zza2ary38rX2lQWT2cK6obFk3z2A8q4dqjnxFaAh6J9WKu5iW4RtkrWV7yYFH5K4XrchQcY6Ua6P29fDfrAQG0svnMU8sEeCPA-JmwUftrJxnXt6YQj1Tp13c27PPh93stRqakePdA0nKTb54xWXlb7FkC23laA8VC3XZ7xzFNMu4EWbTnGwIq2ItgkwN7e1RJK9a_F7YPXSM5FWKhUoM6tasOP8bt_8l-lEmp28DWYy1W0cr1MvDUVkDI8xgGgBfqRmJJb2tVedV5_Shux01Ys1EPkkiy2vP0rX1VO6g-XW32pOTwjN7ck696wOcglcatEwRN9rFWfW0-WvgUutZlsTqcufDaiFXzKZZ5j4_86fW9zCUfpeLGdVnCCgcKlT8d4J4P3_iGYSU1MlI7dMPfXrjnyAGcGEZVQ-5suDCxhB82FOzk94e478sP4mYX-lJO0v2VQOc3vfS-guFKrlOrqDAfjG3rmjZ3bc9TFKQ0bwwlDBvHwL7Y62Z_AHJYQWh-xmn6zkXqOTBDp1fcYnlVQBUg7KbQgiw652sAUiyU6tfF82A5ONDrTgNpe-3Xu1rnyLp_1cN9c86IUNixYuVlcW3XkkgSp8J9xQjEBvR4UM3qFJfOnFRT_cOG9KR5-HB_b7RmhPRP3tetF8jr4pRAE4zhelhgHZ9uXJK7MF-qheKY9W2Hb61iXpvE9Oy_dmiqzhoGVsCik8WSs7Uf_cGwWy0cWyc_133toCYt_gJFGZzJ2mom96S9iFYmJ2MQGuI6velnfKgVlfRbkfEntyVQzeCpC8C1lJAO0cXsQgPmiFj37va-w8xlIi6BxranUKnEBB3WSNBULGFsueNWl99xgpZ-18NdnZyt4KPa5vNJ35vfjtDsi_D5T8wLCXsia-Iw4iRV52cInCLW8vb2qCMgVx-NjlmB43CtQKsTaaidkBaUDMibnySSOKKHbiffDHbgH3ows2ogblNEC2LNX72AxRgbIrzaL1K7H3Et1eu77euttzzGX81GGLCRyEjlLyY1zktAf4u0LvcjMFBClAGvPMX6XbsWl-cWDLAzDpjrYgBtJR6h4qGqQWkshA0x0aVdmWoOYGnALbGQevXVQ_-te3Vvarh2Q4WU5c5WV-iSpKNKsWRmhk7hn4KK77axpvv0WTriWhLquEV3sJXDRpCCAQSPABygQiDU45TTdrJwJbEZsapLTCwaCUxyTXi9a15RtQdPHPQi751EZA6RhjZpr12Bi0At2OwXae1B1QBjxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-9035087792692775&ias_chanId=1&ias_placementId=19782080816&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJns70MsCBWlMtlhAwYwIO&adsafe_url=https%3A%2F%2Fkoooralive-tv.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fkoooralive-tv.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc,c:bi2nQ2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-hclck,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tCVSQPa+11%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:18,oid:3e7657fa-e77b-11ed-ac34-e22686c1869b,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-BiVwArssJbZiqJFZV8UOy8vREB-PKLYVrsJyU2_HBG9n9-FTRp6Rdv8rNswZ3a7QRrkavLrGcClGvw3NBqze2ePCcIDzWBsfUAk0fbbjf6misiDVcOixTTxXiyE0ltj5YnY1Vl-7zMt7vbtn-G4YSgJYBkQFYiuNSs7QaQx9dGRDTsbnsSmRQAoCZ_4Er3HmMV86wbwtUPvBTt_cPEaUdjXqHCcYgUmJIhFWwbE13LOe1ZC-8FBMb0iyLThxDORChD_uQLIBsVYPhHSrGPW-nXJVbaqq0Q84_xxJMzyrx3pA1AZK-XSuRmJL8pBw1EOqY2TIYU1eKCjz9amQnEcRO9upFfPzAYi5Wh80haSB9fQF4gPQIV2gAHsUb-UANS9rVbJow2nAdFNQQ_rfDbvoC47RzI5PKoi0KqN5ONfqvxTVNwRfoDRvxdKBGompzbULbnxbW3tDr7-G2Rf0ilEb33wZE2ly64vg1oQKclH7aFZo_aEEZqsObr4JGEs8iHkJAaNwZQvlR6vQBryYOUMWAwu_-RJQzV2P3Bf2nAS0SyQO4XqS0nTpe4zXqBSnASaJZ7pwVDt7sg7kvrdUA0OPXFC10Ifkd_rGTlTJSv-Yd8-z7g0iAaDw0WzfZDz4UltBVqIQxAm9ug7Qw5oJ_0Slu5eoGF1yaSHstAo0jRFLdZkdd1wfrB5wnkV6bMfOawnzIDjetzdV1MRYSufBbtNLE17L6DF9sqy9eqQ0QWkD1oSAt_b_F8KxXkrxVashqLOcX53V_mvsoU0J6DjVR7nU3s6v97bHLg9cTJAIJdRkJqX_fJq-i_hz1O4Itp2zWhsyi-4K0SAo38LvjlDroo5TfTiiSAvKLOGl8GR5hlDRkskv-W3SIKsA31APAE2o43Omq-N-3rs1OMSiQlw-opdc9niuFzWgtxfdobahBhRR7gI_Taw6XdFYTnPW-uoVezZP7k2LypHXwtMN1EUYSyfFShQluFSIwzo4gaPTVpPPdvl6uptFj42ekm0YssP_liN2D_dZLWX7xs-_S9QCUcMiQBehcPlKS6rpcZGVk1ekZqiRHiInYw5ErdhUvpXeRbPupIoRPIGGNZVxjxBsE9txAnw99VQ9FDorBVpv4br9CsQ2E7rl0x0JSbWn0DmBPaYZ5tVL8piQG0rDWJwfpcjJCXzb3Q1MoY5aSDP1TmsuknONKsKjyAM-L8dCm8u7Hr2qSdoatDiw0Fs-bM0O1o7EAxg8QyVeJV7NcT0axyuNe20ogKx_7oOSyv1VxoYaH2VAHrHun6OTbwqv4SQceL7Eq8avfjqnxB8ql88wZYhNXNbJqkgtCVWTqujKiT6RGu1eOWXARtGfWdxkq8n6_OvDdWN0cF7npOemYAyLpvqXUoFsfKv2SuFc1MfLZ6mGHDrA1hFV27YRMHluh-__SrtkxkHeTqZSP_yQQQtp0f1COLxuWsrA3cSYqDAPN_tA3qQwZpp22w_OoATcPN4_Wl-HUj_2PK0ypFsseII3QXMN6iQ1k4CqY_YFaJ2bRTb3bGD0RrV_decnR0awRTT_bzwA-Em1N9a6RU6EuhQ8n6v_9abYKLAPOCGsU9bZj5M8Zvvx2VD7qKiWK-lI_ZhMv2Z_uBd80OX0ZZuVJZmBZiZge6R4A2P--z9wn9O8I-EM67LioNH4Fq61iucRUuydtgGTrZzInWaSZ0stEiVGdlzeKRrfQ15pEgRLW--gBaH8yduhLSB9YMODKI04B5XUcJ47wTFqTusNRxTDBNc7WVk1LGU9PN-M-Ub9HhTN4hhlm4ew0RS-HKZ1gVVSglYdquXXqy2EALWjLcdQ7yazSKRZR1N9JloAnYAxyj1oWXrp5uiIAc1dLmuRJBDC_BjSGn2KpiCJeTzbKkfgkqX6QlSs0xL43aJV7nYcWqleJo0-msIIDXV7G0FkKpZCQgLjBIgG4V9qvZUtfzzu5MZYoIvknYMa62KHIOofDjIrbO-3c_aeKNAP3JThJ1cZ7Uf-YXX7xRh5Hz_GYz-gEAPhHCVML74hf5WuKllS2f3nnpUakYEK6L4PTPAyaA-AA4knTsJThHacjWepMD_-_SXI3FcuAS2n0hCAdHqB4empi34Px6e0OKQYwaV79t6DkhBHMVp4ytCmmJre0XwTHH7bPCCabda85rm6zgP6ZF-YjH2IXU6KDzT4pwm-XQpBiA96r08MIfGmP4qKDo8kk_M9DQbRxdnsvt9VJjlIa1I0Lcg6eaYIXw_mdzndO61DvnBcwMZX9BgrcuYx-K5XqpOjZ7jZqcClU2qHhFq8Zn3DCOHzwKvHLrHoY62HAv18Ry9Mi6QC1m7enJHqmUU_gFTDtq3pXR-qvA9tXw_k74hcfcHHUdW-Kpn2VSTBiUoO4PHGL813xReIDxzESENddVdMtGOovtp9hvTdhiZaIDrinsy8yFIVhcTXtbGkhgjavOuoo8gtWxrC4zza2ary38rX2lQWT2cK6obFk3z2A8q4dqjnxFaAh6J9WKu5iW4RtkrWV7yYFH5K4XrchQcY6Ua6P29fDfrAQG0svnMU8sEeCPA-JmwUftrJxnXt6YQj1Tp13c27PPh93stRqakePdA0nKTb54xWXlb7FkC23laA8VC3XZ7xzFNMu4EWbTnGwIq2ItgkwN7e1RJK9a_F7YPXSM5FWKhUoM6tasOP8bt_8l-lEmp28DWYy1W0cr1MvDUVkDI8xgGgBfqRmJJb2tVedV5_Shux01Ys1EPkkiy2vP0rX1VO6g-XW32pOTwjN7ck696wOcglcatEwRN9rFWfW0-WvgUutZlsTqcufDaiFXzKZZ5j4_86fW9zCUfpeLGdVnCCgcKlT8d4J4P3_iGYSU1MlI7dMPfXrjnyAGcGEZVQ-5suDCxhB82FOzk94e478sP4mYX-lJO0v2VQOc3vfS-guFKrlOrqDAfjG3rmjZ3bc9TFKQ0bwwlDBvHwL7Y62Z_AHJYQWh-xmn6zkXqOTBDp1fcYnlVQBUg7KbQgiw652sAUiyU6tfF82A5ONDrTgNpe-3Xu1rnyLp_1cN9c86IUNixYuVlcW3XkkgSp8J9xQjEBvR4UM3qFJfOnFRT_cOG9KR5-HB_b7RmhPRP3tetF8jr4pRAE4zhelhgHZ9uXJK7MF-qheKY9W2Hb61iXpvE9Oy_dmiqzhoGVsCik8WSs7Uf_cGwWy0cWyc_133toCYt_gJFGZzJ2mom96S9iFYmJ2MQGuI6velnfKgVlfRbkfEntyVQzeCpC8C1lJAO0cXsQgPmiFj37va-w8xlIi6BxranUKnEBB3WSNBULGFsueNWl99xgpZ-18NdnZyt4KPa5vNJ35vfjtDsi_D5T8wLCXsia-Iw4iRV52cInCLW8vb2qCMgVx-NjlmB43CtQKsTaaidkBaUDMibnySSOKKHbiffDHbgH3ows2ogblNEC2LNX72AxRgbIrzaL1K7H3Et1eu77euttzzGX81GGLCRyEjlLyY1zktAf4u0LvcjMFBClAGvPMX6XbsWl-cWDLAzDpjrYgBtJR6h4qGqQWkshA0x0aVdmWoOYGnALbGQevXVQ_-te3Vvarh2Q4WU5c5WV-iSpKNKsWRmhk7hn4KK77axpvv0WTriWhLquEV3sJXDRpCCAQSPABygQiDU45TTdrJwJbEZsapLTCwaCUxyTXi9a15RtQdPHPQi751EZA6RhjZpr12Bi0At2OwXae1B1QBjxgBYAE&cry=1&bundleId=

Request Chain 236

https://um.simpli.fi/gp_match?google_gid=CAESEOqIXIBBEg58Xo7KgnKE_o4&google_cver=1&google_push=ATf1kGP5kMoHKXU2379barmGBsi2iJ8IfxdMhv9cdNcltEn3g2DD-xEGkqcR3e7T-AUQNJ8aRLnJCLY0Jb8hdib9ltxbIIeerWnURg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B63D11A997E4FAEA5EB86CAE593B5CB&google_push=ATf1kGP5kMoHKXU2379barmGBsi2iJ8IfxdMhv9cdNcltEn3g2DD-xEGkqcR3e7T-AUQNJ8aRLnJCLY0Jb8hdib9ltxbIIeerWnURg

Request Chain 237

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGVQZ52_yTBkLi2yMVeeZac&google_cver=1&google_push=ATf1kGOy9eXSDYmxvbs7ogG-Z9-w4g3irv8616OfXls3crMLAgJlno6SCJL_Qo5My7t6mj8exsZjjrB7Bii1cFzm7pOxl3ZfWVFQwQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOy9eXSDYmxvbs7ogG-Z9-w4g3irv8616OfXls3crMLAgJlno6SCJL_Qo5My7t6mj8exsZjjrB7Bii1cFzm7pOxl3ZfWVFQwQ&google_hm=0k6-2CdLQumgBgCBfr1LK8g

Request Chain 239

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKzxtYCbFeUaua_MU8xjulM&google_cver=1&google_push=ATf1kGPcUbnhjJiM1xGJ_5rbORAuiKKz6QmutPYHRxEKuYDWFmMHgVkunBPIj8BpsH9FqBcXp_G6YR1j50wzuAUe85kOPorg-yuhSA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKzxtYCbFeUaua_MU8xjulM&google_cver=1&google_push=ATf1kGPcUbnhjJiM1xGJ_5rbORAuiKKz6QmutPYHRxEKuYDWFmMHgVkunBPIj8BpsH9FqBcXp_G6YR1j50wzuAUe85kOPorg-yuhSA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e7HZGojFScOeuQBcWP2JJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPcUbnhjJiM1xGJ_5rbORAuiKKz6QmutPYHRxEKuYDWFmMHgVkunBPIj8BpsH9FqBcXp_G6YR1j50wzuAUe85kOPorg-yuhSA

Request Chain 240

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP_e4nlTmHg1Lt-iiTnP85o&google_cver=1&google_push=ATf1kGP7DiZKACRrjTrRYy5V7Dk5Zo49zupVX5rFhAKkZsY5ba7PsV5vaukhfdsM9Mvc0TuUjK9D9pfObLLGdBpFrhXh3hliNQ_Hng HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_e4nlTmHg1Lt-iiTnP85o&google_hm=ZE6jQtuNFC55P-3HmF-EhQAADLwAAAIB&google_nid=index&google_push=ATf1kGP7DiZKACRrjTrRYy5V7Dk5Zo49zupVX5rFhAKkZsY5ba7PsV5vaukhfdsM9Mvc0TuUjK9D9pfObLLGdBpFrhXh3hliNQ_Hng

Request Chain 241

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIZN6Jbgcc5zuy-7BthUy9c&google_cver=1&google_push=ATf1kGMCQnqSpHkqTkWUyblk2fFrft4agxRKWGEiprPeO-GqBOnrzGHd0LwP81mhWwjiWP-GF8vl91le6QmXaufy5sThCK6cHx6yRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMCQnqSpHkqTkWUyblk2fFrft4agxRKWGEiprPeO-GqBOnrzGHd0LwP81mhWwjiWP-GF8vl91le6QmXaufy5sThCK6cHx6yRg HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 242

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBvGVUd7T6ERdDFmtYo0Ugw&google_cver=1&google_push=ATf1kGNG2BVj0S04U8U4BEwA1AA2dhzIjcHkRZE9hb7MFSKWyvHz4jK4Y_Wo7pCtB7R_AAix0VIA3GxsmGY63OE6c9cHg56Z25lEaqc HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBvGVUd7T6ERdDFmtYo0Ugw&google_cver=1&google_push=ATf1kGNG2BVj0S04U8U4BEwA1AA2dhzIjcHkRZE9hb7MFSKWyvHz4jK4Y_Wo7pCtB7R_AAix0VIA3GxsmGY63OE6c9cHg56Z25lEaqc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=6e06ff41-4ba7-439c-8386-eba172a3b352&%%GOOGLE_PUSH_PAIR%%

Request Chain 266

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPBSe_dfBg0xMTfQ28od7w&google_cver=1

Request Chain 267

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6jQtuNFC55P.3HmF.EhQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPBSe_dfBg0xMTfQ28od7w&google_cver=1&google_hm=2

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNwYfTz83o0LNQ0xgzQ2GE&google_cver=1

Request Chain 269

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

Request Chain 287

https://um.simpli.fi/gp_match?google_gid=CAESEHgyMGK1bvoPdKlfVfpPUY4&google_cver=1&google_push=ATf1kGMJtX_DZ0n9ERhzOYV4YHVUsvtDtsx84tYsUKIRGsTsWZLBZPBoDj5N9XrYlyqk5Nw0XDMsX46tzMKg2CRQ8-1qABRKC7cNkw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B63D11A997E4FAEA5EB86CAE593B5CB&google_push=ATf1kGMJtX_DZ0n9ERhzOYV4YHVUsvtDtsx84tYsUKIRGsTsWZLBZPBoDj5N9XrYlyqk5Nw0XDMsX46tzMKg2CRQ8-1qABRKC7cNkw

Request Chain 289

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBWmDhDVAFUIwzspk0FmjQ0&google_cver=1&google_push=ATf1kGOIm212_1n_XKzpReSh2U7oH5lQWSqBLLldHf3Hi4bcEKXmxVQGGDnsKRogeGfOPX17ZVCNQVq5gXZLpv_dn9XXTv3UMJ6lQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgzT0cyOUMtMUEtNldZTQ==&google_push=ATf1kGOIm212_1n_XKzpReSh2U7oH5lQWSqBLLldHf3Hi4bcEKXmxVQGGDnsKRogeGfOPX17ZVCNQVq5gXZLpv_dn9XXTv3UMJ6lQA

Request Chain 290

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJBojONLsz_LRMD7M9W9b9c&google_cver=1&google_push=ATf1kGMOh7T4PgMIS7j8F5-e3oBzTGlL72o8OOYWjPyNGmIdX5-egBnXEHWHSrcmANZTh1IQjt1LZ1-E97d1XCLhlBGdf4dPhVIOlg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJBojONLsz_LRMD7M9W9b9c&google_hm=ZE6jQtuNFC55P-3HmF-EhQAADLwAAAIB&google_nid=index&google_push=ATf1kGMOh7T4PgMIS7j8F5-e3oBzTGlL72o8OOYWjPyNGmIdX5-egBnXEHWHSrcmANZTh1IQjt1LZ1-E97d1XCLhlBGdf4dPhVIOlg

Request Chain 291

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAgKVPw6KEWLOaMDE0QwKr8&google_cver=1&google_push=ATf1kGN52nvIqq9H8IEKGRdZQ41LzO2-CqE0rcEPY5916cJKM8zeqfrFdiyNYsN4Syf3EAN4yMbk9ao-F_Xy5INTCCwdTn8TYVMsUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN52nvIqq9H8IEKGRdZQ41LzO2-CqE0rcEPY5916cJKM8zeqfrFdiyNYsN4Syf3EAN4yMbk9ao-F_Xy5INTCCwdTn8TYVMsUw

Request Chain 292

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFa8Slti_Ieslpny6Znhoco&google_cver=1&google_push=ATf1kGMbawuWkX2F0gYPG77ABNWznl37HlMJWIF6ITXg-z7OSdLHcjPQgocifCOWvJENMzFpher9bpwPtNwsQAOBZS24cI1WpSzi HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMbawuWkX2F0gYPG77ABNWznl37HlMJWIF6ITXg-z7OSdLHcjPQgocifCOWvJENMzFpher9bpwPtNwsQAOBZS24cI1WpSzi&google_gid=CAESEFa8Slti_Ieslpny6Znhoco HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY0MzMwMDc0MDQ0NTk1Mjk3NTI5MQ%3D%3D&google_push=ATf1kGMbawuWkX2F0gYPG77ABNWznl37HlMJWIF6ITXg-z7OSdLHcjPQgocifCOWvJENMzFpher9bpwPtNwsQAOBZS24cI1WpSzi

Request Chain 293

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED3CaOyYkn85vrfCXgjz3x4&google_cver=1&google_push=ATf1kGMzZXIeQvr1N2gWzppYku8UmnoJmpUiRmGmjkHHl89b_S20syxWvFYY_56VZkzrH77bUBZsvjHZHt90oT1zcZzq31y-xo4iRO8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RVTk4clMxRTJ1RWY2YVJBYjVBZlVYbWZXaFlSWEIxUX5B&google_push=ATf1kGMzZXIeQvr1N2gWzppYku8UmnoJmpUiRmGmjkHHl89b_S20syxWvFYY_56VZkzrH77bUBZsvjHZHt90oT1zcZzq31y-xo4iRO8

296 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
koooralive-tv.net/
Redirect Chain

https://koooralive-tv.com/
https://koooralive-tv.net/

81 KB
15 KB

108ms
59ms

Document
text/html

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b670a0c78e1e281466ce16c5044ee2954d73fd924bf6b67abc623c32008705ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=7200
cf-cache-status: DYNAMIC
cf-ray: 7c0173f54c9b9153-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 17:20:00 GMT
expires: Sun, 30 Apr 2023 19:20:00 GMT
last-modified: Sun, 30 Apr 2023 17:18:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLge0dcPmNQFvTRdICFmHZtsuwyJpwgF%2Bm7mEgbM%2F1G4htqb5f1vDnZ6%2FISu24ojXckDW7yfGoHfyjrUqfb4f1CzianfTbitsNsG40YS8ciP0EN8UHya12MfxNfAfWZL1XGTSiGvUK9Q934xihMI5g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7c0173f4eb909a03-FRA
date: Sun, 30 Apr 2023 17:20:00 GMT
expires: Sun, 30 Apr 2023 18:20:00 GMT
location: https://koooralive-tv.net/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FbEgyEffH0IUjdHuO%2Fgc8xh5YPTVGud1ibPfUU6UB70a5btp%2FTxwJbyzAdpkwAb2RZZbWedPgYnMfsGOaaHbLoAbJFDcds9e65EOwnUOKuGzROIhsa5RI4hgzq1a17Nh4zsbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 classic-themes.min.css
koooralive-tv.net/wp-includes/css/ 291 B
592 B 51ms
50ms Stylesheet
text/css 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive-tv.net/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 626904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 30 Mar 2023 04:47:19 GMT
server: cloudflare
etag: W/"64251457-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24%2Bcs9ccaAFMAgepLB%2BFn8H087Az61Hp0DbP0w7p1qS%2BJ%2Bm%2B7Eb5XFLFMfs%2FVEeRWs51gLca7gCBe9h6mdQCH0ER%2FmLerXsD7X1ogbrdBxI5ESOxMS26fmaidLwAoyRPbw%2B77PdT%2BotQ6bhu9iyJPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7c0173f5bda59153-FRA
expires: Tue, 23 May 2023 11:11:36 GMT

GET
H2 200 NeoSansArabic.woff
koooralive-tv.net/wp-content/themes/AlbaKora4Live-v6/fonts/ 56 KB
56 KB 20ms
19ms Font
application/x-font-woff 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive-tv.net/wp-content/themes/AlbaKora4Live-v6/fonts/NeoSansArabic.woff
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://koooralive-tv.net/
Origin: https://koooralive-tv.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:00 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 19:00:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 626904
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2tNklHBVC40PX017GtSkHpWwoIvZPI4QYhK2o52Nf%2FsiMZOuAR2NcxcrJ32H4Zc4vrewksqG5VxbOjm8BEL9JJ6u0Ji6J9Iw3vmvuK0ecuKUGLxnU6qGrYQg1Iw6xP1hgKemIk2Cm5BgSXbHPXDtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c0173f5bda79153-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57364
expires: Mon, 22 Apr 2024 11:11:36 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 361ms
318ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a3d3b4863983fa06babdd097dc9b46764215114198b480ec16d71170bf37311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GZ226KJ9YP1S7M986D1Q0X1C
date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 1181
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"0587974d325a68869c432f0483e6df63-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7c0173f5f8d1916b-FRA
link: <https://live.demand.supply/impl.v16.8.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/a29vb3JhbGl2ZS10di5uZXQv>; rel=preload; as=script
timing-allow-origin: *

GET
H3 200 logo-koora-live.png
koooralive-tv.net/wp-content/uploads/2022/11/ 23 KB
24 KB 21ms
21ms Image
image/png 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2022/11/logo-koora-live.png
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc841e506c83e583ab37f27bd3b7f5f613f4f25711925332b69fc84605920bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 626998
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23630
pragma: public
last-modified: Mon, 19 Dec 2022 19:00:51 GMT
server: cloudflare
etag: "63a0b4e3-5c4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9%2FVQKehptTneAJYyYeVKHQ4z3MVnBK7%2F0rShdcooe29rlhF3q8hpNORAXjoyBsNVnT5qBweafD01dyXdLz5USsN2doecOwC1WLR9AG5UThZxnOrlD9BVEvBnjH1P9RXPsaZ03Jghi%2FlCNTxJ%2F3WfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7c0173f5d9673829-FRA
expires: Tue, 23 May 2023 11:10:02 GMT

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 rocket-loader.min.js Show response
koooralive-tv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 15ms
15ms Script
application/javascript 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://koooralive-tv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 25 Apr 2023 11:29:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6447b986-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyX5D3tYMu8aqd8V%2F78bbQNMjpM4PWONgArvei%2F%2Bs6Ktx5YeYZE0bP3WitLPj%2FPxMCn8fLqu36nlwKWUu7%2Fe1opqXr6PYgEiFW7EFhQCyKsaXqR2%2BJTgOHUqmKZzd7vpaVHPkAH6qWllF9e2rQvDlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c0173f629d83829-FRA
expires: Tue, 02 May 2023 17:20:00 GMT

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 gpt.js Show response
koooralive-tv.net/wp-content/cache/min/1/tag/js/ 74 KB
26 KB 25ms
23ms Script
application/javascript 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive-tv.net/wp-content/cache/min/1/tag/js/gpt.js?ver=1682875126
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83001bae2dd79ad9ced3c1afadf290f66ce9eda0b90594d5392735ce5d5d86db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sun, 30 Apr 2023 17:18:46 GMT
server: cloudflare
etag: W/"644ea2f6-127bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HxPrksKGG500YS7AzHHcu%2BLprkbsl1w%2BbFjsuWXwcO0GE7dywm2r%2F8p0yjLC2pIhym9iiuKMLl6P1inZ4P0SKlG8m5dJvq%2FG0JxYPNC34RxzJuG5WNHuVxQJZR02mtOivf195KsXQO6VwGWcutL8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7c0173f66a233829-FRA
expires: Tue, 30 May 2023 17:19:06 GMT

GET
H2 200 impl.v16.8.0.js Show response
live.demand.supply/ 73 KB
24 KB 23ms
22ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.8.0.js
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee0da5140d8c395da1befebd9cc39629786a9f924ecc3486467e75ad6c89c2e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GZ226FBHFZ67A1Z109CDN6D6
date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 252344
cf-polished: origSize=75348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"b227a5bf63e1ce682553e3ba750fec27-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7c0173f80b94916b-FRA

GET
H2 200 a29vb3JhbGl2ZS10di5uZXQv Show response
live.demand.supply/p4/v16-2-0/ 997 B
621 B 128ms
128ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8bae459296ed0024ead22309e46770906a748cd40ee5d6b39970f9fdee05f30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7c0173f80b90916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 43ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=372&cs=c&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GVTEW4YXD17TCHP4HMTQCAWJ
date: Sun, 30 Apr 2023 17:20:01 GMT
cf-cache-status: HIT
age: 1136391
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0173f82b2b03f0-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 380ms
95ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

189f1bd8668038e0612dca0b6ef19cb38b85f7ad6ef4780122b0694aa91eec37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24847
x-xss-protection: 0
server: cafe
etag: 338 / 19477 / 31074164 / config-hash: 17856767610576847833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:01 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
642 B 37ms
21ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GZ1SVKBPXW3NPVTB8A7V458E
date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 209862
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7c0173f82b2903f0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 koooralive-tv.net_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
391 B 154ms
154ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/koooralive-tv.net_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a29843bf7c8613729332222a870e2e69fda461bd7d009c7c9a6600aebe39b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7c0173fa8e5e03f0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/ 399 KB
124 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 11:43:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20215
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126484
x-xss-protection: 0
server: cafe
etag: 2690975471868618065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 29 Apr 2024 11:43:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 895 B
400 B 81ms
48ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d46b04608f2a24066e3d5568d772a0d0caa9925228b3b256d59ea5ad739f4e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Sun, 30 Apr 2023 17:20:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 72ms
20ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 67ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
951 B 66ms
66ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3828946545216055&correlator=563378777793924&eid=31074164&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2Cc49ea298-5571-44bf-94dd-c629dfb14981&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1967996485&didk=849936728&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Dc1f5e191-0467-4a22-8fba-18be09607160%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D13%26bid-p%3Dgoogle%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682875201806&lmt=1682875128&dlt=1682875200911&idt=860&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1030127103.1682875202&ga_sid=1682875202&ga_hid=1935787028&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

348375bb3eab9b8ba5741fba063eb18ca58c0e3f56e9e025c4ceb70c519980ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 921
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AE3D 6 KB
3 KB 94ms
16ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:01 GMT
expires: Mon, 29 Apr 2024 17:20:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/ 33 KB
12 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl_page_level_ads.js?cb=31074164

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca7fc0d9dea60259cd47ac9185dea859cf93cba538b4fad5bd43c92f91789e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:37:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70925
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11984
x-xss-protection: 0
server: cafe
etag: 12136767000467347226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Apr 2024 21:37:56 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 21ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.net_auto_728x90_sticky_display_bottom&pdc=0.12176765799522399&ucv=null&e=tcp&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GVTEW4YXD17TCHP4HMTQCAWJ
date: Sun, 30 Apr 2023 17:20:01 GMT
cf-cache-status: HIT
age: 1136391
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0173fb7f8e03f0-FRA

GET
H2 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 18ms
18ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GTP882AJGXJCM3VNH3JF57QN
date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 976210
etag: W/"14c5381be186641471a926a081d90c88-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7c0173fb7831916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
10 KB 247ms
247ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3828946545216055&correlator=4034728492132287&eid=31074164&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2Ca355fdc4-8108-4e21-bbeb-81a444f32e4a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=241424876&didk=2903573808&sfv=1-0-40&prev_scp=ti%3Dc1f5e191-0467-4a22-8fba-18be09607160%26chrand%3Dy%26pof%3D0%26bid%3D0.07%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682875201838&lmt=1682875128&dlt=1682875200911&idt=860&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1030127103.1682875202&ga_sid=1682875202&ga_hid=1935787028&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88ddab70440d20d30c042998231d7376b5f8afc3d63512a2f0c7e438702d57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10026
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
502 B 23ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.net_auto_interstitial_desktop&e=nai&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GVTEW4YXD17TCHP4HMTQCAWJ
date: Sun, 30 Apr 2023 17:20:01 GMT
cf-cache-status: HIT
age: 1136391
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0173fbc84103f0-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 22ms
19ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 19ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 127 KB
35 KB 452ms
452ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3828946545216055&correlator=2709589605873883&eid=31074164&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C21e64a41-96d0-44d8-81f5-4387d89c0c3d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=1158043729&didk=189456234&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Dc1f5e191-0467-4a22-8fba-18be09607160%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D5%26bid-p%3Dgoogle%26bsc%3D87&eri=1&sc=1&cookie=ID%3D8773e45f03ac9194%3AT%3D1682875201%3AS%3DALNI_MaxcdBbwa8kxsk3I2F4u4HN4Zgifw&gpic=UID%3D00000bf38cd0fdd3%3AT%3D1682875201%3ART%3D1682875201%3AS%3DALNI_Mbt_sA6_FRxBtG-HXO87GltiVVu_w&abxe=1&dt=1682875201896&lmt=1682875128&dlt=1682875200911&idt=860&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1030127103.1682875202&ga_sid=1682875202&ga_hid=1935787028&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47fcf6d935b81e117e7825df2d815792a74215760a5b4ae982103224a8198e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35709
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 78ms
17ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:12:27 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 967311544

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
498 B 21ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYB2E0K2FB8A994T6H5QKEFT
date: Sun, 30 Apr 2023 17:20:01 GMT
cf-cache-status: HIT
age: 961925
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0173fc189d03f0-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 103ms
58ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c1093716b2a8c90646b52add87a640a74938781e3746e4980099038b46bf3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11187
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
11 KB 1199ms
1198ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3828946545216055&correlator=2709589605873883&eid=31074164&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=21715635079%3A22630893834%2Ckoooralive-tv.net_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=2196926945&didk=1975517662&sfv=1-0-40&sc=1&cookie=ID%3D8773e45f03ac9194%3AT%3D1682875201%3AS%3DALNI_MaxcdBbwa8kxsk3I2F4u4HN4Zgifw&gpic=UID%3D00000bf38cd0fdd3%3AT%3D1682875201%3ART%3D1682875201%3AS%3DALNI_Mbt_sA6_FRxBtG-HXO87GltiVVu_w&abxe=1&dt=1682875201938&lmt=1682875128&dlt=1682875200911&idt=860&adxs=436&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=0&ohw=0&ga_vid=1030127103.1682875202&ga_sid=1682875202&ga_hid=1935787028&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ec8e9b1c3c990e426806399402590e97f2fb899a04e92a1e4bec7e3ccc2dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11296
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 1943ms
1942ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3828946545216055&correlator=2709589605873883&eid=31074164&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=21715635079%3A22630893834%2Ckoooralive-tv.net_970x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=5&adks=3763906004&didk=4230357726&sfv=1-0-40&sc=1&cookie=ID%3D8773e45f03ac9194%3AT%3D1682875201%3AS%3DALNI_MaxcdBbwa8kxsk3I2F4u4HN4Zgifw&gpic=UID%3D00000bf38cd0fdd3%3AT%3D1682875201%3ART%3D1682875201%3AS%3DALNI_Mbt_sA6_FRxBtG-HXO87GltiVVu_w&abxe=1&dt=1682875201941&lmt=1682875128&dlt=1682875200911&idt=860&adxs=315&adys=158&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=0&ohw=0&ga_vid=1030127103.1682875202&ga_sid=1682875202&ga_hid=1935787028&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94138baf720590941ee5fed00f75c6a2bca6b4456a226fda41ab27e19203369d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11125
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 654ms
652ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3828946545216055&correlator=2709589605873883&eid=31074164&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=21715635079%3A22630893834%2Ckoooralive-tv.net_970x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=6&adks=614191896&didk=4230357713&sfv=1-0-40&sc=1&cookie=ID%3D8773e45f03ac9194%3AT%3D1682875201%3AS%3DALNI_MaxcdBbwa8kxsk3I2F4u4HN4Zgifw&gpic=UID%3D00000bf38cd0fdd3%3AT%3D1682875201%3ART%3D1682875201%3AS%3DALNI_Mbt_sA6_FRxBtG-HXO87GltiVVu_w&abxe=1&dt=1682875201943&lmt=1682875128&dlt=1682875200911&idt=860&adxs=315&adys=1948&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=0&ohw=0&ga_vid=1030127103.1682875202&ga_sid=1682875202&ga_hid=1935787028&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcd97bf9b50920a9a630261fa389160caf2cf3504079b972855e92980e1dd78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8692
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 fra_psg.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 65ms
17ms Image
text/html 2606:4700:20::681b:4171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/fra_psg.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 download-3.png
www.kooora4live.com/wp-content/uploads/2020/01/ 0
0 73ms
25ms Image
text/html 2606:4700:20::681b:4171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2020/01/download-3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 download-4.jpg
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 71ms
23ms Image
text/html 2606:4700:20::681b:4171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3

200

101.png
koooralive-tv.net/wp-content/uploads/2022/12/
Redirect Chain

https://koooralive-tv.com/wp-content/uploads/2022/12/101.png
https://koooralive-tv.net/wp-content/uploads/2022/12/101.png

5 KB
5 KB

71ms
69ms

Image
image/png

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2022/12/101.png
Protocol: H3
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49497e90301af5b37ca285a98ef3eb638e42160e468c0be14872efa0b25d7353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 626454
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4627
pragma: public
last-modified: Mon, 26 Dec 2022 03:41:39 GMT
server: cloudflare
etag: "63a917f3-1213"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhWa9C2J9lqAZs%2FcMmZQpIICnyh4Cki%2B3%2FWNqBmDiE4l6yHqO%2BQeyi%2BERfqLTqP5Tx7CXrSgwKEKuYL9DOrVXuAFHVBapzSIF75ovocV4x6et3qUTZGNuhylvcckO5ayVFLB%2B2WzvscUk%2Bmj6%2BezJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7c0173fc5a0e3829-FRA
expires: Tue, 23 May 2023 11:19:07 GMT

Redirect headers

date: Sun, 30 Apr 2023 17:20:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4B%2F9y08gG1Dh9MuJiQqD01FpaXSTFsrGHi0p7bNSwwF2bSR9o4pw%2F9H84njaqqSpGhXJxMxGV9bvOumAVKdx%2FLYkEWaS0ldflrM%2FJx8vZSGgzjQYFGJr3hf2TsabMY0wUCCqnw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://koooralive-tv.net/wp-content/uploads/2022/12/101.png
cache-control: max-age=3600
cf-ray: 7c0173fc3f0d9a03-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Apr 2023 18:20:01 GMT

GET
H3 200 default.png
koooralive-tv.net/wp-content/themes/AlbaKora4Live-v6/img/ 4 KB
5 KB 23ms
19ms Image
image/png 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/themes/AlbaKora4Live-v6/img/default.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8292c79a44356dae0dd28d94606a3674bd2d613a93d7304d3090b678cc1755f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270668
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4327
pragma: public
last-modified: Mon, 19 Dec 2022 19:00:48 GMT
server: cloudflare
etag: "63a0b4e0-10e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wD%2FAv9088Rp33b9xLQ%2BoryttAdK%2Fw9oO2JjEhEEy9okyQAI9z9TxR3HolEeoBCc0eFapfujo4%2BP4f%2FcDGMtYgLXCTFNoXjEt6Ejl1n5e5pjTQ2CyHVY8swMgmkC7YTYgfjUpcKs2rCO7WDkwiHG1pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7c0173fc39e83829-FRA
expires: Sat, 27 May 2023 14:08:53 GMT

GET
H2 403 egy_pyramids.png
www.kooora4live.com/wp-content/uploads/2019/02/ 0
0 66ms
19ms Image
text/html 2606:4700:20::681b:4171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/02/egy_pyramids.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 180px-BolognaFootballClubLogo.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 68ms
20ms Image
text/html 2606:4700:20::681b:4171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/180px-BolognaFootballClubLogo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 download-3-5.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 65ms
18ms Image
text/html 2606:4700:20::681b:4171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-3-5.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3

200

125.png
koooralive-tv.net/wp-content/uploads/2022/12/
Redirect Chain

https://koooralive-tv.com/wp-content/uploads/2022/12/125.png
https://koooralive-tv.net/wp-content/uploads/2022/12/125.png

7 KB
8 KB

40ms
39ms

Image
image/png

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2022/12/125.png
Protocol: H3
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3552f2429fea99c852279d5ab818255d790444e9fb6e8dfff7e7b5e4b1ebaba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270668
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7343
pragma: public
last-modified: Thu, 29 Dec 2022 10:51:02 GMT
server: cloudflare
etag: "63ad7116-1caf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mgsd0CpKiEpUvSlCcTCTw7D5%2F47BGXC9gXue%2FFWmGEzzpyFBWwYbodVRomCLSDT512Ctg0%2BaeOBd7G%2Fuou2ak1uArUM4zdYm3riJ0EE2Kb8XDFEKbmDsYXx0l3adBtOEtdnuQLHcattpn3d3%2F4sUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7c0173fc7a353829-FRA
expires: Sat, 27 May 2023 14:08:54 GMT

Redirect headers

date: Sun, 30 Apr 2023 17:20:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrsMHvSufJ1idEwXdx3QgjUC2swJIQk6lnz78O3E9%2BObwaTfd%2BO%2BkiSmD31rNl9%2BJcSs1QLNHUASe0H19TyCXfpDgsaBpCgyCeqQEMZ6mbis%2BeqtS0viOD%2FKWEsleGoNF9aZ4A%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://koooralive-tv.net/wp-content/uploads/2022/12/125.png
cache-control: max-age=3600
cf-ray: 7c0173fc3f089a03-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Apr 2023 18:20:01 GMT

GET
H3

200

147.png
koooralive-tv.net/wp-content/uploads/2022/12/
Redirect Chain

https://koooralive-tv.com/wp-content/uploads/2022/12/147.png
https://koooralive-tv.net/wp-content/uploads/2022/12/147.png

4 KB
5 KB

59ms
57ms

Image
image/png

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2022/12/147.png
Protocol: H3
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0542badd3ee953b5aaa1cbe327b41015004e78fe9ff6a74bc00d146997af122

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245298
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4279
pragma: public
last-modified: Tue, 27 Dec 2022 22:10:26 GMT
server: cloudflare
etag: "63ab6d52-10b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLHVIqA%2Fy4BDxpV43XhNKeDgJs1MPiCHZsPK2XHQ5ZeqkTSG%2BRVBdZdoP8le4uTIDe3Z7T%2FZJTUEzWNlS5jsRzHO2B4cSbL63R2S1gHLp6ISxDTtk2rM6VRTpg7qjLfjfKudFNXMh3NzIUBNqkxoow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7c0173fc5a0b3829-FRA
expires: Sat, 27 May 2023 21:11:43 GMT

Redirect headers

date: Sun, 30 Apr 2023 17:20:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcE%2BHM%2B0yLWhtjoA7ZhtmkuNwwEJ2tJz3WWAkv8G1UVmeWRln9Enzk1mXcIlMvI%2FqUUTajoeWywwe3zxyJeHgT3xtCuhfCW5CDPayuFl3XVb2fcycMQmXSqgjCiJruukuayEIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://koooralive-tv.net/wp-content/uploads/2022/12/147.png
cache-control: max-age=3600
cf-ray: 7c0173fc3f0b9a03-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Apr 2023 18:20:01 GMT

GET
H2 403 1391801722.png
www.kooora4live.com/wp-content/uploads/2019/02/ 0
0 21ms
21ms Image
text/html 2606:4700:20::681b:4171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/02/1391801722.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3

200

134.png
koooralive-tv.net/wp-content/uploads/2023/01/
Redirect Chain

https://koooralive-tv.com/wp-content/uploads/2023/01/134.png
https://koooralive-tv.net/wp-content/uploads/2023/01/134.png

5 KB
6 KB

29ms
27ms

Image
image/png

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2023/01/134.png
Protocol: H3
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f818ff3a63f7a54cbc1cbfa6a3c73bd1472836d5e939ebe8c4f71b99a5cd708e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 626454
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5219
pragma: public
last-modified: Tue, 03 Jan 2023 20:07:11 GMT
server: cloudflare
etag: "63b48aef-1463"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUK1paFeEaLvod96UgwW21sxs7msxQJDIPcctGyinLmkzCHAjVR2Ke079%2B3g5KsiRjS0UCO%2Fi9r5WStp797JfXpGT7eZIxWSOmkIBsf1jXT4ag3KtyeqFovk%2BYnaqrFX32cnvE0El72ffOehpM99cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7c0173fc5a0d3829-FRA
expires: Tue, 23 May 2023 11:19:07 GMT

Redirect headers

date: Sun, 30 Apr 2023 17:20:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pwm0Vjk91yepFCqgKvOFI5smCFKgkzb758aSiFwrHAsJyxHtwmaK9DUYxsb4wUhillygp4BxwPnp44Wxfti4UaiDuYmK%2FBv9hPE6rgwX5LvL1sJEN%2Fpb5xnMmwAN8bbnenOqOA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://koooralive-tv.net/wp-content/uploads/2023/01/134.png
cache-control: max-age=3600
cf-ray: 7c0173fc3f0c9a03-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Apr 2023 18:20:01 GMT

GET
H2 403 download-6-2.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 23ms
23ms Image
text/html 2606:4700:20::681b:4171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-6-2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 download-2-1.png
koooralive-tv.net/wp-content/uploads/2021/08/ 5 KB
6 KB 35ms
33ms Image
image/png 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2021/08/download-2-1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e42d0e7ce526ebff1687936922330e3747388f4a3d4ed14a3654fbb02228a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5152
pragma: public
last-modified: Mon, 19 Dec 2022 19:00:49 GMT
server: cloudflare
etag: "63a0b4e1-1420"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8aqoYWie5fNInd1gsgJlg2BssLDdzLVNRz9yaYq0ohpToDKoxMUHA9VPRdBGlegzIq5MPyOXvt367s0o1XwYk429YhOWLF4fAdTrg8U80T3%2Bhe%2BYcN9CWMJCvMNMhCyUX%2Bq9V3m7rs8EgLubeTPwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7c0173fc39e93829-FRA
expires: Mon, 29 May 2023 03:36:03 GMT

GET
H2 403 download-4.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 26ms
26ms Image
text/html 2606:4700:20::681b:4171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 545ms
97ms Script
text/html 54.39.156.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4715052&@f16&@g1&@h1&@i1&@j1682875202011&@k0&@l1&@m%D9%83%D9%88%D8%B1%D8%A9%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora%20live%20%7C%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84%20kora%20live&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-67913546&@b3:1682875202&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fkoooralive-tv.net%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562579.ip-54-39-156.net
Software: /
Resource Hash: 8c7a984a119863e9375ae70a7e3f68c9c3b54199a34d61cf0f56947194f40ea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 17:20:02 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 78ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Apr 2023 17:20:02 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 115ms
10ms Script
text/javascript 2600:9000:2250:a600:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a600:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 02:50:38 GMT
Via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 52165
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: WVncb4f0UjJB9Z38vLc5qVvqEk-06_aSXUV8gK6zmGeX50rcb3wcCA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 339ms
52ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 01 May 2023 17:20:02 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 343ms
31ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:30:12 GMT
content-encoding: gzip
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 60591
x-amz-server-side-encryption: AES256
etag: W/"37e703da55f96b973658b8e7aeed0e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 2NqsdfZDgqgYqdGx6TqwYc-BO1ywv1s0fAez_Uy34yBDzNJn4ksx2Q==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 66ms
26ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: RJG8P9KGT25NARJA
age: 1542
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7c0173fd8d141961-FRA
x-amz-id-2: p9caGrESjWYwkHsxUB/95tSAMOAWdfigQO7CUyIVO+HkWK6LxeSkGY+AhjJC0xfpQ02CliLtx7w=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 336ms
13ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Apr 2023 17:20:02 GMT
x-content-type-options: nosniff
age: 15594
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 732
x-served-by: cache-fra-eddf8230036-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 49ms
11ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:11:08 GMT
via: 1.1 google
age: 534
x-guploader-uploadid: ADPycdsHm8GHBLFOSmiJHNuaBZ_f9zFJkw4pAKn3Mc9qMTl-wJxPJEfK57TwP5wSjBH1PItzBZGekGSfmb915QHLHZ6gqg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sun, 30 Apr 2023 18:11:08 GMT

GET
H2 200 container.html Show response
acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F00 6 KB
3 KB 12ms
11ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:01 GMT
expires: Mon, 29 Apr 2024 17:20:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 99ms
99ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.07&b=2&r=koooralive-tv.net_auto_728x90_sticky_display_bottom&sy=f8950a71-61d4-4f31-94d8-51fc4db6627d&ts=87&cd=2&pud=372&pus=c&pue=552&pid=49&pis=c&pie=602&ppd=382&pps=a&ppe=935&pcl=288&ttc=938&tti=1400&ttif=0&lca=935&lcak=ppe&lct=935&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=koooralive-tv.net&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=c1f5e191-0467-4a22-8fba-18be09607160&e=lm&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GVTEW4YXD17TCHP4HMTQCAWJ
date: Sun, 30 Apr 2023 17:20:02 GMT
cf-cache-status: HIT
age: 1136392
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0173fd5a2f03f0-FRA

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F4DB 13 KB
5 KB 13ms
11ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 10:13:00 GMT
expires: Mon, 29 Apr 2024 10:13:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 10E3 783 B
1 KB 279ms
21ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6cbac725a91d56dca3e40107e70ec8eb3ee4a69506ed50b74e8de072f5e2b4e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JsLDD4xJpLfBDG76R6BlHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-JsLDD4xJpLfBDG76R6BlHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:02 GMT
expires: Sun, 30 Apr 2023 17:20:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame F4DB 36 KB
14 KB 349ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 190ms
122ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://koooralive-tv.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://koooralive-tv.net
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 30 Apr 2023 17:20:02 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: bb88b2d49f7a174357cdd62924f81894

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
314 B 38ms
34ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: cd4aa0ea8c1ac7224e172ebc0741342b07867a306ebbcaae4538862427e0ac47

Request headers

Referer: https://koooralive-tv.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 12447013e30a1da7e83a4ea196283550
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
326 B 305ms
19ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://koooralive-tv.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://koooralive-tv.net
date: Sun, 30 Apr 2023 17:20:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 container.html Show response
acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3689 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:01 GMT
expires: Mon, 29 Apr 2024 17:20:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 22ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=5.34&b=2&r=koooralive-tv.net_auto_interstitial_desktop&sy=f8950a71-61d4-4f31-94d8-51fc4db6627d&ts=87&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=koooralive-tv.net&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=c1f5e191-0467-4a22-8fba-18be09607160&e=lm&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GVTEW4YXD17TCHP4HMTQCAWJ
date: Sun, 30 Apr 2023 17:20:02 GMT
cf-cache-status: HIT
age: 1136392
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0173fedbf603f0-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 941F 624 B
422 B 98ms
53ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY04Po4gEwAQ&v=APEucNXlw5zXloZ9uJS-DZLSG14qxkmYgS_lyUFrp4pxnryfB9cMQCbvUsSo7lT1blJWJM1x9Yw3I9kxld8qbgSyqcajUFLzSAz_6bkFzsnf4iPCa3fkvGVf9v1FNuQEx00n4B18FhPvUCfsx6wuNjhbKvSq_cZ-RA-q67oftOOZP7x7DoPu0BFkuyOOqF6vUq4tsIz61t6acM05xJGwkrGFs49ADaVDRg

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1F00 78 KB
27 KB 311ms
180ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F00 42 B
63 B 254ms
124ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRc8Es6_JOAZDEHTligR5XSsmcQmIfcqhl6ciaCq1bEH-1eASSI1i5Wi5aEm-fBWmj8Lvg_PfqtqbbZOpTgvEwBzb-K2kT622vHZug9dLpgcKjcOs

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F00 0
20 B 242ms
111ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6114578270905384561&x=1&ct=76

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1352960/70224161/xbbe/creative/ Frame 1F00 251 KB
77 KB 139ms
38ms Script
application/javascript 54.194.221.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1352960/70224161/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-Ba2hyoZNCX1p1VAJ4q4pS_5MeA7LUY-x_dk9HqqmwjSMh-rczCWAWG70ybdwGoS6m73Q4okXRK2W9HhRsHRZ5oaSxzMLnQ8wxkAQOFZTazxiULo04FIqMnMlH0ExFEaCVf6LEYQqPC5b36rCmaTuKUdUQ6koXks9O6ljZ3VeIX6vv02W4SqRQAoCZ_4IyaZnci4eFNt-xXFhrnchrq-aXwo6izS92raM_ccERhvZ1O2aYBg27N15DaBSfE9hA0nDdYXfYkD4mMYDOY8vE3y599gLbU1QyYyaQF4ddeF6XkMptsIZkAbIqHVYuKQPUuGv22osQvp9aTMdv4dXxr8m4ogqT6cMsb_hHf_Y9ZMeaadpUxv_ZolOYDABPaYWITixM4tj9DIn7D-TM6F-rxTJWvEaaQWEN36wA_nPMn_20E7UdlTL1KQm3U8gIeMZ_iI4nMwMvqbptEK4KU71T20de56bO32J07fUdxZ5X3EBYZ63yDtLFI9iy15A1eKyVojON0rq6pZxNqn3Uv4fSz56sw1hQkcez2mVdyNvvGMDaY0lG4cKTGsfD-g15MBHOkxa541oJbs1s3Q-Oa12tITbPVWwldnc8viQ-YbbwmdmIynnF1eG_K44xHsT9AYXKzWAUYOCz33iX1jP2wz2zk8Ff2ofD2tvyNxcOflXWwHzX-BIleW8A1iYUNWv3SPkr-mNUIboeMBDlbN7VU7t3UK2zxKYHR6_VnsbFRHOQtTbt0OU6nLHCm5n75Q0nw5xOUbykOTuPXxah2175xGrDvxOV-GKjpsAtlQCV6JKhaNk726uCtNlVjri9x4jRQCFEc27sf_tZwx3ll7X62OrwqN_Ep6DoZS5ZDGJ9iTqRjRK7IA_gP1tNdgwPMKNZFTTHpWrK-gsbH0FQauhgFTbG2W7pP4kT2Ea69Xwd2ImTcJXLv4eURRtJE53IgoF8KMmn294HHFE4basgtO1vQzc_X0sQq-Kqfxk3bAB_xql4hO-XLNONDQcdXDOUDBpXhqC9Cn6SrcX2r5MvQNd3ntrSzmkc7vlUcmD_J4bXZTkhDj2hjxNOeJlhE2sNqYa12cBj3SmTMYkL5ASgilnHbNMAbsmVtcek2hhA_nP5LhhdM2Rp_D21jhV3cUcqFnDLeY7Vd4DwvnAG1l7hQpL0Kv7KZQgQwPxezngSOxGAPfsy8itAlo4PSkwxh2VnhN6_RX35esERBJGUTSI4fGDb1D1DQjlHUXO5adm_EpSck7ZFPrkLMWRPL2c7fO_RC5yF2lOgYzzAf47Y9Dt4KbzyYLNgNGj0j02kPXiWIddDhKXlANd_wgIV62ErF-2YllkbeC1b6qTTiVFCMX30QXvyNkmlez6DmxHSACwK_orug2bmUg4509s__W0r40SGDFLEWTrtIP4ytiZHJ7dlmXKUrHTN9IRmBX5g52zP9iYFJ9LCFz8_divfRchLR--hwpGZ2zWcry7Tcm8fZ6FJYPedPZzqqXCwEKHDkleJRFc-G4T2oNmXWCafLWsnOueDLCPSZcTB0HowJsz4I5Frtukz7vuPR2RtMDOJIiAd8fK4jgEO1g8Q0yNvbp-JFe-B7TNp6jc10LpyqQKf8xf-tjBx0Jl2mGdcjhma9zmNg2b1deAe99Ykvs9fQp6eDKs9Qc7fAWjOvNchrIlGuHgF1xyhBvh--fTaMfV95cni5glGUssoU8aWKTqQK4Xx4nzo8QyIGXHhVz_flbjS9q9rdwje7thvN_SqQFVGaiIecX3eHIIhkzT3sIYMxx5Up28q3bBhyV1f9-uBf8tfEYucmB_0_VcbY49I-XZuczml1YKi6DXJIjV7E4o0YsrIDPScf9fS7HpPsZVdiUweCvB5HeqWeWTyAX7-UEqfVftCzoTXA67V09Vi6oEcfWsJqK03GGX96u8WyqfLaSvxSBtsbMkHuTkCfLobgn3AxOe7FOhLzpP9ZnjAsdRBJ-uYTbZWAAIipatCYxaMl5-24EUcXw1ZrP5hHfb81MRSKZdJTH_e9yx__zY05CoErzYcZ_tcJ7a7vvktMSlSgmWEmX_tn8EP1Sv1ffmxSYxfLpEEWyAZ6fy8P3tFBTYsU6tAmwGDEde1G-EzezxQB6HwrWHGgz6E9WKW54ZGV5rVNmggCWmU29WEuOhk2PB7FmWnA0HQ_nhVm0bz1D_T4p_-kchjvqr_8IVqfjf4F6rq65pWHFoICRP1FoAL4x48KmIb-mWIOuVNn3G22qC0ggCAIcQaCNkjvcAtLukL54sp7mT8dzVY4EaBjDfgijM_WzQbRnU9-09C1d58ehICQs-KQI-BryCIuqbDRXQpnL--MAFnuiDCmO_eLw627woNbWDwt3JK_L1dnwiMy-uREHF9Wsd-ZutvW-4K7cLZPwtV2Eun5qgCAUP7XI9TpXEuBbXJCF5GQypwXRgUOtSgAyCOEZRyozYftyeQuulXtvN99cnKYDV5RfrQrzzcFOnyN04jP6nPU2E9YIbUFkZVUJr8TbZ6JWIN4uq2CiJa-eh793qpzQTwrlKYcKi16tXRXrH4hykAxTN--kc9r3B-LEpE6L8SCiPGanllXAed5mLgBMJCMRiFv5DeYlpHBOHqqzrD8vxQxyZrAKMsxqnTixxxnlE_zBWOg0xuxGemYajHyT4dF-Zx77m1dZk5kAL2EGoywrVkFTeCVrREGSXP5iabseheZUHfmwD0lLELJYoeCBO3QUEdAXtpr4xDyLTq4CKFCWXGIJ50jkE15QXOols-0hyK0h4vQg1bPjX3hf6qW_zYXUzHaXuKuylXB-fu_AS4yk_fhisBPRGnQxMn4Niv9vN8nnMMzsAAQUsa8CcEjYQ_2Og2DAuIuOwkspuxrYDwl1-zRThcslvr-VgPoJnT12XIZ32oB7d6v82stex5MVyz0o4h40zX4Sq9cF47ckMB6uXsBBnN0vlWClL4jwsMeRX0kHiLqHMarg1FHI6zsrXbkB0qvbs3XhJmLTJ0ITHR6jsZzCF84MY4gnUlfkUJAQef6q_IcDBWcmzmy6FSWxzcHFr3sBsiie5zQ7B1yya_pA95QJWpDnhaCCXq0lskbPzW8NCBe4eXfpH4l9W07wu6j6vQ6DT00W6Fgrii8ICQCOWEzCexEdgG2g1kPgquL3DgJgWeYKcG-YYu18UZNBhYjHWvBvjAxgTZqV39dh7dkou2emUsv68eI073e0_AkHiqH5WKGoHuD8vag7q0WpMlpfmul5IIAi6sPO-x9LdPyQDB0fpZtuZQOEnvGa_63M4cYDs_K7NhI9r1zcEbLHfpmPtnoAbwDERZk-KsHUJx7qZrM_vpvYvlRpZoCcfbTk-1ej65CwtZc0haRMWy-1wKiuBiPo5F1Qr7va1H0zeBfPatd76NtmV_ImNTsOOYxRVjKyyIO5vqD8QUJf8cl-qYZ6DabnwrqVSttODtELTPlzWraanMMchBCy_omjK16GVZ7VJeRIHWHnsRZgf5QOCBUDWRFKRg9p4Qcku1y6jKagEk5M19f2MpQyuAUGz8A8xJBbrp7wDOdJjiESsOjYFX6XE801N9rz0nxcW9jJ7TgEwORFpEyBDUPdrzaQIWTPWMVDxS2BDIFxq6rVlavt5v2QTVYa_dTcIRAV9vdeUi3KX1v8HiXcvWg5EEaUggEEkwAcoEIg23OdFODSLHKVvB6Ii5helmk9le6GNmPvRPmRkkUM3jhdd3SgoSRvfEnFj39heVaktq86Jbd4hQ-9WUwfuSQOwPl_66sK5k_GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19782080816&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hxzBtM1STHrtsqwjwNg69S
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.221.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-221-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b9e8766d97de1b202fa602d733471a2485d2ab2273225a52d7499e69dd8e8bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 1F00 3 KB
1 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 19:52:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 1F00 19 KB
8 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:05:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F00 158 KB
49 KB 86ms
32ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 3689 5 KB
1 KB 66ms
23ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 16:47:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Apr 2023 17:20:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B3AA 9 KB
994 B 58ms
24ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 15:31:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Apr 2023 17:20:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame B3AA 2 KB
765 B 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:05:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame B3AA 22 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:05:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame B3AA 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 19:52:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame B3AA 19 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:05:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B3AA 0
0 20ms
18ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvtXMHo3OiZXAvSN0yGZoz_mz_ohY3J-E40w2rRpuwtND6SfVeZsj_uiNsFfm2P7eZdZTEqLMh2FeMnRZBiPcHoOjjqg
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3AA 158 KB
48 KB 75ms
45ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:02 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame B3AA 32 KB
14 KB 46ms
11ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:33 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 3689 19 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8031
x-xss-protection: 0
server: cafe
etag: 4566461469134147509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:11:04 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3689 205 B
518 B 46ms
14ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 15:43:02 GMT
x-content-type-options: nosniff
age: 5820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 29 Apr 2024 15:43:02 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3689 604 B
695 B 46ms
15ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 13:48:03 GMT
x-content-type-options: nosniff
age: 12719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 29 Apr 2024 13:48:03 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EDBF 143 B
383 B 21ms
19ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:10:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8546 1 KB
643 B 91ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 06:47:50 GMT
etag: 48472445140208031
expires: Mon, 01 May 2023 06:47:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 10E3 0
0 183ms
112ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250201&jk=3828946545216055&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5A3E 15 KB
6 KB 94ms
32ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=koooralive-tv.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 686741
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EDBF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

25ms
24ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:02 GMT
expires: Sun, 30 Apr 2023 17:20:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:02 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 941F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOXX6jPm-Qna2VA5_YwbU8&google_cver=1

43 B
766 B

12ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOXX6jPm-Qna2VA5_YwbU8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY04Po4gEwAQ&v=APEucNXlw5zXloZ9uJS-DZLSG14qxkmYgS_lyUFrp4pxnryfB9cMQCbvUsSo7lT1blJWJM1x9Yw3I9kxld8qbgSyqcajUFLzSAz_6bkFzsnf4iPCa3fkvGVf9v1FNuQEx00n4B18FhPvUCfsx6wuNjhbKvSq_cZ-RA-q67oftOOZP7x7DoPu0BFkuyOOqF6vUq4tsIz61t6acM05xJGwkrGFs49ADaVDRg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOXX6jPm-Qna2VA5_YwbU8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 941F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6jQtuNFC55P.3HmF.EhQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOXX6jPm-Qna2VA5_YwbU8&google_cver=1&google_hm=2

43 B
766 B

12ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOXX6jPm-Qna2VA5_YwbU8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY04Po4gEwAQ&v=APEucNXlw5zXloZ9uJS-DZLSG14qxkmYgS_lyUFrp4pxnryfB9cMQCbvUsSo7lT1blJWJM1x9Yw3I9kxld8qbgSyqcajUFLzSAz_6bkFzsnf4iPCa3fkvGVf9v1FNuQEx00n4B18FhPvUCfsx6wuNjhbKvSq_cZ-RA-q67oftOOZP7x7DoPu0BFkuyOOqF6vUq4tsIz61t6acM05xJGwkrGFs49ADaVDRg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOXX6jPm-Qna2VA5_YwbU8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 941F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKs1dX77eEMWFXqU6dvhPZg&google_cver=1

43 B
1 KB

26ms
26ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKs1dX77eEMWFXqU6dvhPZg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY04Po4gEwAQ&v=APEucNXlw5zXloZ9uJS-DZLSG14qxkmYgS_lyUFrp4pxnryfB9cMQCbvUsSo7lT1blJWJM1x9Yw3I9kxld8qbgSyqcajUFLzSAz_6bkFzsnf4iPCa3fkvGVf9v1FNuQEx00n4B18FhPvUCfsx6wuNjhbKvSq_cZ-RA-q67oftOOZP7x7DoPu0BFkuyOOqF6vUq4tsIz61t6acM05xJGwkrGFs49ADaVDRg

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:02 GMT
AN-X-Request-Uuid: af2d67a6-da40-43b1-a2e8-df4c0b5de712
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKs1dX77eEMWFXqU6dvhPZg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 941F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

170 B
243 B

47ms
46ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 30 Apr 2023 17:20:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fb4d0baa-9146-4aa5-bbeb-f2e7c7d04998
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 473ms
391ms XHR
application/json 34.252.16.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.16.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-16-161.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2cccc8580d72f5b0510a8aac85f11825f9bf81741330f33d805776e6cbbb3dc5

Request headers

Referer: https://koooralive-tv.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache
x-server: 10.45.22.25
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8546
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJCWfOLp_P8mdNZwARQAr0M&google_cver=1&google_push=ATf1kGOWfOPmdAULlwgziZXNg2h4lV20Y_CXNdpI_1-5oonaVrN0oMhGSlN1hAGCfcHkGNJ4Kh8lplxeG1D_eIdTnX78J7eiT0s
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg1Nzg3MDY1MTQzMzY2NjI2NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOI8oOTOzH3i6nR9eQNTc&google_cver=1

43 B
398 B

367ms
17ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOI8oOTOzH3i6nR9eQNTc&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOI8oOTOzH3i6nR9eQNTc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8546 35 B
463 B 81ms
37ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELmgXB8k6q0fAa8GI_r6zK8&google_cver=1&google_push=ATf1kGPJ2_qK3oKprH8nzNFbq-q-4wLlAwz8_gEkglJSaO_xO9lETyg5d89SyuZ2A6YsUq5ObJaT1Xuhd6qhR0ofXP7GvcW3zw

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8546
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEICHn2WrY7w1OiIuYSIctCA&google_push=ATf1kGM8x7s38RT-kAreM6Ezfwzd6Ielg_-RaDQgYzyG2hP6axn3VIYYVX...

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEICHn2WrY7w1OiIuYSIctCA&google_push=ATf1kGM8x7s38RT-kAreM6Ezfwzd6Ielg_-RaDQgYzyG2hP6axn3VIYYVXxQbX0QtcEY5zPLWwJs26XGvG6oC9wTUiBxbfIWog

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220066-FRA
pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1682875203.674300,VS0,VE105
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEICHn2WrY7w1OiIuYSIctCA&google_push=ATf1kGM8x7s38RT-kAreM6Ezfwzd6Ielg_-RaDQgYzyG2hP6axn3VIYYVXxQbX0QtcEY5zPLWwJs26XGvG6oC9wTUiBxbfIWog
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8546
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJzrYFxLfF7lBm79en8mlpc&google_cver=1&google_push=ATf1kGOnMwxM0jdbUgnxb4b25qxCkivBs8Qs6NC6ACGKJ_vGkI_am6RUmvfW5mnLWrauIn2QQxagmRjmRp3SStrWb-aP9iuPxA
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOnMwxM0jdbUgnxb4b25qxCkivBs8Qs6NC6ACGKJ_vGkI_am6RUmvfW5mnLWrauIn2QQxagmRjmRp3SStrWb-aP9iuPxA&google_hm=eS04b2czRzF0RTJwRjlQZHVR...

170 B
188 B

20ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOnMwxM0jdbUgnxb4b25qxCkivBs8Qs6NC6ACGKJ_vGkI_am6RUmvfW5mnLWrauIn2QQxagmRjmRp3SStrWb-aP9iuPxA&google_hm=eS04b2czRzF0RTJwRjlQZHVRU1plYXk3b3lQNUVRZ3ZtdH5B

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 Apr 2023 17:20:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOnMwxM0jdbUgnxb4b25qxCkivBs8Qs6NC6ACGKJ_vGkI_am6RUmvfW5mnLWrauIn2QQxagmRjmRp3SStrWb-aP9iuPxA&google_hm=eS04b2czRzF0RTJwRjlQZHVRU1plYXk3b3lQNUVRZ3ZtdH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8546
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECDC1ikM6PX90H2rk4FYTcA&google_cver=1&google_push=ATf1kGMtStVTGsu7PP_sZLTbDwyXMBkFqUyuEm0z4hcDC9_YJFFShpbnqQi4ZwtYFt-v7dX5VrC_0ojMaTA7Ia3...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ThH0ZtyaUD1pmUA8c7nxGFD_Csg&google_push=ATf1kGMtStVTGsu7PP_sZLTbDwyXMBkFqUyuEm0z4hcDC9_YJFFShpbnqQi4ZwtYFt-v7dX5VrC_0ojMaTA7Ia...

170 B
188 B

27ms
26ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ThH0ZtyaUD1pmUA8c7nxGFD_Csg&google_push=ATf1kGMtStVTGsu7PP_sZLTbDwyXMBkFqUyuEm0z4hcDC9_YJFFShpbnqQi4ZwtYFt-v7dX5VrC_0ojMaTA7Ia31-0hrznjB4Q

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ThH0ZtyaUD1pmUA8c7nxGFD_Csg&google_push=ATf1kGMtStVTGsu7PP_sZLTbDwyXMBkFqUyuEm0z4hcDC9_YJFFShpbnqQi4ZwtYFt-v7dX5VrC_0ojMaTA7Ia31-0hrznjB4Q
Date: Sun, 30 Apr 2023 17:20:02 GMT
Connection: keep-alive
Content-Length: 240
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8546
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGA1vhsaVvSVe8aZUeJzgRw&google_cver=1&google_push=ATf1kGNeiYFq8jOrFYBy_6mkp9DRuCv6kH14Xudgg2pgsGBMJD7bMNFr7SMIilqlZ0I0L63tTNSdIp2dvrWETSfF...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNeiYFq8jOrFYBy_6mkp9DRuCv6kH14Xudgg2pgsGBMJD7bMNFr7SMIilqlZ0I0L63tTNSdIp2dvrWETSfFj5eNHe5GhA

170 B
232 B

22ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNeiYFq8jOrFYBy_6mkp9DRuCv6kH14Xudgg2pgsGBMJD7bMNFr7SMIilqlZ0I0L63tTNSdIp2dvrWETSfFj5eNHe5GhA

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 Apr 2023 17:20:02 GMT
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNeiYFq8jOrFYBy_6mkp9DRuCv6kH14Xudgg2pgsGBMJD7bMNFr7SMIilqlZ0I0L63tTNSdIp2dvrWETSfFj5eNHe5GhA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: gECq5SFm60jLCdoW6uQeVgNLV8hlvfgib1vpelc8fJEAu57DNEcBoQ==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8546
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESELuHm-IDfgCole_P0_Leuo8&google_cver=1&google_push=ATf1kGNrB9flUTsR6ZMEzLIWfU7IoC3NqHnX1fZFEob5z5H0S-o3vW6XdnSP6YX73VJUQ0-lQ3tfNvcI4mtpQmhb3zhKgnl...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGNrB9flUTsR6ZMEzLIWfU7IoC3NqHnX1fZFEob5z5H0S-o3vW6XdnSP6YX73VJUQ0-lQ3tfNvcI4mtpQmhb3zhKgnlt4kc&google_hm=NTQ3MDE4MDc4...

170 B
232 B

23ms
23ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGNrB9flUTsR6ZMEzLIWfU7IoC3NqHnX1fZFEob5z5H0S-o3vW6XdnSP6YX73VJUQ0-lQ3tfNvcI4mtpQmhb3zhKgnlt4kc&google_hm=NTQ3MDE4MDc4NTQzOTk3NTI3Ng==

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGNrB9flUTsR6ZMEzLIWfU7IoC3NqHnX1fZFEob5z5H0S-o3vW6XdnSP6YX73VJUQ0-lQ3tfNvcI4mtpQmhb3zhKgnlt4kc&google_hm=NTQ3MDE4MDc4NTQzOTk3NTI3Ng==
Date: Sun, 30 Apr 2023 17:20:02 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8546 0
50 B 38ms
38ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvysaWLG-EsDkOvsSGJdczn-rITB1jpVi6MYWSQyjtaJh7WCinvilVFk-BF-n1ddvMw0Xipw

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5A3E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=koooralive-tv.net&sn=ChromeSyncframe&so=0&topUrl=koooralive-tv.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=QG4Ay3wza215d1NONkhOVUlaNUVUblV1MzVPaTAwaUJFcDhDZFY0OHpIelNXRnBMT2l4YWJHZm52Qks1MU1xbHJwZWppNWRMQ2UzRWQ1bmlyeEFkZWsyNVFzM3VmeXlsY1BoYkNwSWFUZjY5U2lYeUh1R0ZCWTZZdllrSD...

471 B
678 B

291ms
20ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=QG4Ay3wza215d1NONkhOVUlaNUVUblV1MzVPaTAwaUJFcDhDZFY0OHpIelNXRnBMT2l4YWJHZm52Qks1MU1xbHJwZWppNWRMQ2UzRWQ1bmlyeEFkZWsyNVFzM3VmeXlsY1BoYkNwSWFUZjY5U2lYeUh1R0ZCWTZZdllrSDQ0V1Q0QVM0ZjM1L0ZNNzN1VEQ3WG1tQmt0bFcvbXhlSm9iM3A3Q2xaK005MWZSb0xPenc5dU5VRjF6aXo3RjUzZlNXZDJkNy9RVFBDUWpjRjdjOGtlazdla0ZRN0NFV0NXZEZQOFIvZlNpb3RpVndTSmN4Zmd4dVV0cW9qTEs0a1V2K3lwVmZiQWRUODRMK3lsTzNycFRFN0xON3ZEZz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9c9d0cb030405f98201a994a7eb88da696861ef1a4cf0ed6547fce9107b84788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1379276
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=QG4Ay3wza215d1NONkhOVUlaNUVUblV1MzVPaTAwaUJFcDhDZFY0OHpIelNXRnBMT2l4YWJHZm52Qks1MU1xbHJwZWppNWRMQ2UzRWQ1bmlyeEFkZWsyNVFzM3VmeXlsY1BoYkNwSWFUZjY5U2lYeUh1R0ZCWTZZdllrSDQ0V1Q0QVM0ZjM1L0ZNNzN1VEQ3WG1tQmt0bFcvbXhlSm9iM3A3Q2xaK005MWZSb0xPenc5dU5VRjF6aXo3RjUzZlNXZDJkNy9RVFBDUWpjRjdjOGtlazdla0ZRN0NFV0NXZEZQOFIvZlNpb3RpVndTSmN4Zmd4dVV0cW9qTEs0a1V2K3lwVmZiQWRUODRMK3lsTzNycFRFN0xON3ZEZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 353089
content-length: 0
expires: 0

GET
H3 200 container.html Show response
acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE31 6 KB
3 KB 12ms
11ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:01 GMT
expires: Mon, 29 Apr 2024 17:20:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1FE1 624 B
242 B 54ms
46ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVlMhM4CwgH1l-hiLqoxOI_G6L-_5nbwsxgibCJcNyw3JCvWDrgDCT1tMir_TilseMtMTOXDmo9S4tYk7-FYme1PAf9r99Zi83Xqd7AY5jt3-HI1sJ7-qW5NUeJmRJSZDkS7GmYt6sTuUCnAkXuUfLESWhdCY1NEOhSNOHd9i_Vj-0TagI

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DE31 78 KB
27 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE31 42 B
63 B 112ms
110ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CI5nGgxnItwZMpzVsgXL7SaAdD6IgENP85mh1u9l7cAaXczi9LcTPxfIfTIYerjQzKWHZFklVQAnNlNLgekHEvDEVOZLDBHHQptYSb4BIyfzUvXkY

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE31 0
20 B 111ms
109ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4022210109940551521&x=1&ct=76

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame DE31 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 19:52:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame DE31 19 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:05:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DE31 0
0 18ms
17ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1IQHSv6oNblGnbjod638INAGqSva0GDORDWUWF-y5xbTOfjbUo-vsUxcg0uGCjCFtOG5xi2c2fDRMdg5ekvxgUTI-Xg
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE31 158 KB
48 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:02 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F00 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5165515199240&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F00 0
20 B 109ms
108ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5165515199240&version=m202301230201&ct=76&x=1&cor=6114578270905385000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1F00 15 KB
11 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVVl5UjjzA9Qd7PLKVESWbvL5X05--gcs_f9qnRnCm4E6odlCHHp3g2sNmakcr74SaCR65xPEa446goaSMY1qIyEUyQlG81Ni9L6OWqr2L9AB0cIyzWzPst46edCwPGfphWz50yCMERKZ6fXd9LwD7Pf_EigdZXLcera2uyxjDD4CaMLw&cry=1&dbm_d=AKAmf-BP7WIp0azNoaKbJd0a23LYgXHSdai-_tja9Tw7rdVL5t8HkcziXbPgLpZhvlw1YfOZsKRi7lL4YlskXhK1LHXpafJbgKxx31RvRTyxJHHGFwcqfkVE8dKUxSbBf7ISoWzJXXeDn_pNEIsEHFYNyRtQ2WkbCUxEuGTYd0rDksKY6xh_cWha85_m9S5d9jloE9kMfxoNsOXR_ZV2GNv5fMpP6FQ3sAdvitf3hbKf0ZqRrru0TcCYXrpnW8XUG4mrFmC_o5-s_JN1tRGPuUl0F-WGlVr3ADeYS6vN14JR14_5JMdobw2KyDnK24OF5q9ILlDruaM_bTrHiQbyukxiIpChvFCM-Db90N3mqwRUXADmwSdnfAIJon_QOyzU10RzyPZxB10AqXy518WsQBNXi9uNuuF3EQxmUgrqJr-Oq5sQlN3KDuO26QNqZW6p7cBviBNGaWYMuXtjZMWYT8EL9AoJm2uYFxiasJFj53fI7YAXhNx-Y-isjAQPCpaeW0ww64LCasT5HBW-pPpEXj9AYYN4IB0F2-_9zHd7sioeUPxwGA2CWQcJrcsnyE70YNcYx4yQObeKBZXld7ty_ovrb6xDZtwrac7dmghKRQ_Apjmc7V8oKXil3mxaJnGDQ5LRYbQQMcdMbwRmw2JRFzK3BpWJeF2S8HjCQ_r5lOMdfOq67kMxB-uFihwIp7rGwo2JL9n5VOcxyJV-97wDx250mPOFa544JDl5jfv1IWZ6gcZLs8kkdbhwV49-IIqFjyIy0SFv-SmsHAiy2BECm47dmFuCqPlhfUpv90CasNksn-5ZjFObAb_DK1yhBDmmgMZH7rqqWVO39B0OkgLbBRSIwKzAUDELcR2zh4I2QMyJHrux_VJrFFr0B1_61pjAhoGjazuluCZDi4siq16TLlfcWODc3do6353ivnKmzweHIpiq2n8BJgtTyESxaMSzxyAK2KRKMbKyV5BlDf2-iIziRxL3RTEmtAj-OXIqsmMvEiPiZkj57A--qoVkhpQvrR51brS_SHLFY902u0P4gFDbTHeqabohYvSZ9V8vUC7_4pWdhVM_K7YDHDBUdxo5lBIM7ChBJwqwQ2r5tNqI0x-Q9hlNzmhWLTogs9OFKyOvZMAzhfWXiTO7fy0ufSwtviBJzxO3xNVMGqvH--LeVp-Mx6XR6KuBwaMotDN8ptAA3NW2ftTA9S3oaELsXZAqtaoVoNX_pih_YvYg0fB_r0gX5QylhCPRzbJAFoSDekGw-kW-AB-VZhKp4JUVFEO3Gw72tqwfniwc-sVXL6siCWKmbv9b-Waj8BnqkGufdLj0fXFhgUEKxnVQa4prhK9PdZpXBuMw2wFML6y9WkDY1wytSok7OajC7u51MEtLFe6lPZycqzOgS4-zY0rWCPWNCc9qXq4FCQMEVLnSHW6zvZ87pIj6e-lL7Q-73NKPapXpM3d7parlAN977g7b_wEWZZIcDl4eYSXF_tNIweRcpNSFSCYq-wnTdjlBF1WUgl7fEueK5bDqVae6IbgLHsl2VeQRLKCgQ9ig8pMEC9kgvLINDtohk131Ygqm5uNNJReAdM6Dn_80KO44RC8E-EWcpzWPI3b_9Hci9Pcqynkqdg9E5lt6G0p9tAr0_z3VbiK3ItgYgRY26P4vY1VZAehngpNZhsWpwRSnRP9_5ksgyKpNSNTzFt4P2RTO9qrMvRcq3MdpVuerltzJ8farU_trtlsFPwfcPmxwEi6h-tnbIjPhD7kqcLg0bBaIB0AGnOnR6mRr85F7ObOfZ1dRAfiv5P022wYEakyuDLR9Te7knmHscjDSxm-Xcnxaze_K4qlWEhw790OKWpMjYVFQKnPW-OzN8vpqPg-mga2EXIPZanVKwT-a3ccpCyPWlb7h3WKspavH5LGgSiN756nlJHTypPolzCSbnMdKd_zZrrXYu_fI7JBd4fXE88KNAIsr5FaBr1tCGcWkyyTd_tsU-LuxIOpydiKJO2AVDmKcAevgzZLqrvmBprBZAvH0CCcMSDJ_LHLt2c826sNn8GalMfI0oTIsCq6RK9nZPFx9YjixpYJvGMRlOJHEZJZzUyiSkkKi0FlHygC_4bpnyv9LnJqFfQTA9-ITgJezXz7ZIj9ymByhJvrn3XrExWc-YbuGkYRR-ZL_hFEBPmJCV1DCC26kJkxopJNPK5bRUA2KrT8gvjUswDp47eVB9FH6fd7ZGLiWKu2pCDiBnMF9PuumBgoDWXAL4PuK4y7dUBY0te4qFozfplVReHxGQIPDxPNTGDmSaunStBp3iYtBolvd_5ghebYGBlFBUO_YHaTrQPP8IntZqIa3fjBNIN6AjW0dmDHxKURFtrQr10M5LcJCpOX7hLTyVHp1BAh_GMCjwOAk9HUd8jerI4kfVN8XdC7PV6qtDXlr0MfVFCIKW0ttLMlvWQW-fwZTCSPma14UXPefyXP8tJQOJMeUFQqP2L3lLXJUKcUj32xE3_9_UsVMh99s1CncemWGvIKsSg48C4W8J0gus6Pup64AlwPMBHyp5TRYQ2juIW6Jm85TL6R-bfJDqnIhlkz5Xl72ci0mjLQX-DhHJKGzKFBaTdMVEtxzu1oUCq-0lyPl_2XUvtfVOrEaTep-3gpl3wYlcuc8lnSOamTewKhrXIT1v80C-Aw9LVM9fNBK9HlovhYe1_M5R73oR_DT2LKm6a5O2Be8L600NSYIvZC0PwJwIYGYpfEqhA7qmttxwrZCT-cNcIwP1ew7s8Ks87v3m28kCAXnp0Gq9S3n_iUOrt8Igvw_jXsTH3y3crDucV5PmOTdT82kZTdL_Bo1SKjzPTn1rnnrjBuhSpbmlncpLN6tci1gJrA5pbxLVONGrWfoD5_X4jLoHxRKhyytop1wh21MXw274hEP3s3phKlFoSVMLINVMPoxJ33xfr3sktsjxbMNGsTB4KTiHxivD-gzD7gQf1iM0_LdJ8K3utjbvenxhg&cid=CAQSTABygQiDbc50U4NIscpW8HoiLmF6WaT2V7oY2Y-9E-ZGSRQzeOF13dKChJG98ScWPf2F5VqS2rzolt3iFD71ZTB-5JA7A-X_rqwrmT8YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=6114578270905385000&adk=356101037&idt=320&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14d4e409f3118c0510a6b5a386f65cfa12dab9f8e60bea1dba6c1880931f8b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1FE1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECw-lO7qRW9qNKBprXzQxFQ&google_cver=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECw-lO7qRW9qNKBprXzQxFQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVlMhM4CwgH1l-hiLqoxOI_G6L-_5nbwsxgibCJcNyw3JCvWDrgDCT1tMir_TilseMtMTOXDmo9S4tYk7-FYme1PAf9r99Zi83Xqd7AY5jt3-HI1sJ7-qW5NUeJmRJSZDkS7GmYt6sTuUCnAkXuUfLESWhdCY1NEOhSNOHd9i_Vj-0TagI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECw-lO7qRW9qNKBprXzQxFQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1FE1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6jQtuNFC55P.3HmF.EhQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECw-lO7qRW9qNKBprXzQxFQ&google_cver=1&google_hm=2

43 B
766 B

10ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECw-lO7qRW9qNKBprXzQxFQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVlMhM4CwgH1l-hiLqoxOI_G6L-_5nbwsxgibCJcNyw3JCvWDrgDCT1tMir_TilseMtMTOXDmo9S4tYk7-FYme1PAf9r99Zi83Xqd7AY5jt3-HI1sJ7-qW5NUeJmRJSZDkS7GmYt6sTuUCnAkXuUfLESWhdCY1NEOhSNOHd9i_Vj-0TagI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECw-lO7qRW9qNKBprXzQxFQ&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1FE1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ0fMrEWpx02QDyIA0t9-yI&google_cver=1

43 B
1 KB

14ms
7ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJ0fMrEWpx02QDyIA0t9-yI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNVlMhM4CwgH1l-hiLqoxOI_G6L-_5nbwsxgibCJcNyw3JCvWDrgDCT1tMir_TilseMtMTOXDmo9S4tYk7-FYme1PAf9r99Zi83Xqd7AY5jt3-HI1sJ7-qW5NUeJmRJSZDkS7GmYt6sTuUCnAkXuUfLESWhdCY1NEOhSNOHd9i_Vj-0TagI

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:02 GMT
AN-X-Request-Uuid: a1cf0654-3868-40e0-990b-883b56cf546e
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJ0fMrEWpx02QDyIA0t9-yI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1FE1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 30 Apr 2023 17:20:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 182e9343-0256-4daf-a28d-0235c042f790
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE31 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9956344593698&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE31 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9956344593698&version=m202301230201&ct=76&x=1&cor=4022210109940551700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DE31 95 KB
38 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDHoqGwWXCP1utKwKKqxqmG8VQXB_W7zsH71BnmbwOcSytQYEunCf2_tdOY6IW0_I4JaWXWKL0cALIjmyf1w43H20AFKmzvvnjSFGWUy4nvvYlafb-D-d80xnzqADHjNbiYnehNKAhlnSV0OqIHjAb06e-lBzf3Wd-Q23VocZjamSppoI&dbm_d=AKAmf-CgiMdoPVt8Qk943Q2OAiDdGAHSCHJ3f0rqViVg4T7OUOdqqinVbhKwo0pIlUwFVQqtJG7ekZrCCENpBuHtwQmMYA1Wz3ZSSzoU768VqrY8p014Ww6yf5KE2E2Bt98YmZDfq5nwUOxhF61SCHpcRtKks4ZgrQtapC6gVBHOEzRZpE6-YvQ6eoBK49F7W4yanJB97yrLkrdLloZN2Ati-aWyBPAlz9I7mRm-3Bw-9KelbZf4UkfcYb1vnZ6TddR7mCEZh7Os89dvVSjhxa-bGIYcoad2av3SP2GpdpcnKhSLADoJgTgp7MjQuTokANO9oJKyrpAj1cZNgyGQiXDH_RwOJUutflNGDzq8zAsLabxRI-ud066fjWPxPtHzJ9yfgBdPgq3mxQhRKzAJFsa4YQvs5ouFQOgX9G1HcYIW0R_IcAsYnc-2Kt7X_DBFlA__zZDi1SZGpzjYV7qQaAYnpdRbXnIqBtNEpk3o_g2-6GrIe3lLhMqSIwuxTEaWvlD45jcsgZDFfrVV__KyuUdH-YbHJD97u7tqOw_e4tbzo9tVVL9P1JdfRh80jq_n57TBZ0hn0w6_JAQrNneSJhSNR5BWZEt4XEr9986-O1UYab2qI-M58oksK3oIOiHb4HKfH4tOdin29vfEFmLcVL13Hm1fIWjAAlk2ewN3A83x7d9melGam6Y4k9vJNR5buN2kN_r74pKVKNJlTldtOg7IOqkM4pygidpOV_RjKQ4rPW7u8lsCq7h_7pBp2o5XDC6sQjxUWiYwzxSG9_t4TaeaXJOWFSLbDV_xz57fveGskawQYU4Fyz7OAyAJ3Iy1rbUx8zzOOn6ppTZVLCjxVU-jRflJXVyOuamYXDvr4tkJeWGR5KwN2zW-2vQG_RCfzo3UuCnGz1Ew-kOU9RRzkt9YFlZ-nN8UMur9dApua9admuVZWmNxj61UoYeLq_cA2O3Nyc3a6OaQDqwZlUlCxmGDcgCz88AmRP0x2sLdhPp9HGXSBQiuE6HBo82gBg4xJyvKjSu7XKV9nNkqE7gM1vTsD4x_nsSUzK7B-_11dF3zADqcsdlmT2igCTPBHq9suGzhYJSvDdYReWsKQHAKQt_tqYbY_8AbMuz4-lmpDLLVnoHzfVzW72Z2BvfIB7nnnSm6YxsGgyDzn2sNZ-FwJ8SrAIH377NzHVSsINEQ5FP7q9wvroWZ9-tClJQL3EPHMom1uKeAElNEm62Tgr3AQMsceyKCLAiTBk6WUu6hZ8hoFFL-oRZPOdqbZv4im_uPf5f2ztKvmDznS0LRM8rO8zKaRfmoG5QdQvCS3E6HhkTvXv4T9mg837DU-epni2cbnARB1c6iqjyUr5TuFX3OMPfJevrgfLmbM8Icv845UNPWMPObHFKPErTDxEzkRmrQAcGUmlmU7SagMpe229n_0_53aXhVvouD7J-Xc88jWN3KmufnJjuAHlfN10XJurpwYJsLZZEskNGdgZo9v3YopZ9t7TbzYUrC0gg4ttDlcLdfe2hj5NrAmz_mstvVpw6gGr5Bhc1MuSeNOw8WKlGVh7qE-_FNAwwhEhqymraU_gDkcKl0bouYpLSlIlOxS9dh7lHB24yR3PaFiV3ru0baXlyF0D5-J-7ftWGcwqcHTYJ1WqpO6Gr8L0QhFSImJYUAauNR3MW6Q8vGWGm2WRrpTwfojJDw1lfEybt9X-GazNAG05MPVdblWmVgsKuBgcM3dLw1HaSX33zKqyGGc3JbID5BoEICT08SY-yO53gAeOHpBBZpG689Dre90EM3IHdVMr_npR0ekajlnYAGnRgrvJbJoSOoKH4M43y-azgDikz0hxhD8UIvzXrhde-ntfelaqvu0xiwMCQmfsAGiQCJ-7kcEOvhYdse2x_Qzgc5sjqt4-vmPDpT5naZ7BZW1YlMSTs-eQy0XBiCw5IErdTtTLRbpK9nwT0lFZuEaeirAkC_o1fDkj33XGXKYoDiRohLRSZVCFZd4yixIRlr4qfrqv0lD1nzAOJ-4sulM8OBqZwE0pYv9Z9J4yXiGAvXzGJQjG6BFnQuzTT0hZ_WdSsHLZMt8PRIjIvKErN1I0c5P6I12tRpqYJ9B-S9IOjE_8YoN8caIuFk-TdXS1QN6dkOYumITzMJDkw0NTe752RPqxeJrQSIHnJ3n1Edl0TGQu7iLJScCkNwp8jxXZJrucHbLjV-VYR1sLSousEMWBowFzM9tnvaaW9RiM1bqUXQL_w15FHRHKMkXM9CehYuIpiMfmQH-eQUpfsPKeI79_cUJCiktLDdO9faMTbZW1Y4DBl0wuC1FVxT6TVbz-HtYXLNBvnAPY1UgXSzLgHLqlaqCb85_xhX8uU6oGbRcZZtQgFMI-B4h3Bj0US0ulpUQCj5QynNkEO9EbpOs1lzxoXpPTIcVX9A7ueO0u4ny2HE_mdT0M0f3tqy9xS023fo6oVWt1_8vMeoUN7i3UAYgzMyWV_57dLhGRo2y000sIiLA0PwWjlKCVikxh6gnitIADvLV44vgQ8pgTXZ2WOGRQnzfpibuqzQANglxY1H18CRbgfhlOOTEZPUUb2cn6OiIaG7peFfH-bJMvyb4aL31tIiBsWyMXpNYbLDawZu3q5SDGYQqscB8pSdrviCnV_OjPZuGYVkCz3qDyN2ltfbLQYbexXZH2nrwWBoF5cANrALb5HR4WoZNgorrIs1hIwX_OaqLAwlN2R3l2jREi8cTymfbCZiwKyw2P5RFdQej6AK70P3LZEDandF7htUHhsFFNK_EME2sKnG3HM5Ms7TEzL5fzA6ni-sk3kM-D9SlfFf-zm2yedIKs-kApHJPCYJIf0rwFgJTtUv6hsZEP1haVqFwSBqDz5pD8lYSU0LHs3eNoMHr6qSLNpOpCnxwoW5XGeL0OHS8OtB0s9cP-RqriALt6u34BZyWikQknKfxg6PCenPqC4JyZi8g0Mp52_UIGOEbEhy3kCRVGmMe9EcIX7kSJHQeXt1BbfW85ypKK2d76wD0-7d-IFU6PCV-HZh5emG6QcP9Cpgy40DAIn_aHe_1Xt3hmAlD4t8N4Cj-vBR6eWwu0KLDXKwUQRTFZRRG0xVmkKPxR4-BIJUdEW768vtEi-UNFfLnn-E8wEm1zNG-HaP-S27EqnVwx914NAnOGtnVEyAni6FeMHDrStetypQ6BR2otuPoY8bfmHxt7DHvw0EdtHzHgojtsOxVpiFcpmn52DcCwmICeasrOU_u1j5_JjMMndZXWwU9q9uDlF7R7NTfiM9FDuF-tqpCjvCcHsf7V2NlR2q9MxQGS5786_HJTh8p8BKAixEA3JKa3EWy2X1fb7qY78n5ya-QvO1kmQ765Dw7VLG3u_fapYKGPzkcoLIDfVggcuyEWzA7sH0mTT7x3YyYYZv4ez2FFMmDD-TWxsOoBE61804G2SLKTXfXt0h6Gg9-bguAmNayg9UQF6BEHPIX0R34ythyAoyqwAxv78voinWzegZ7diQYr9aN1zJf28YF3BVqssikupfzTaTLVYSlk5JogpzubWW2PoKpHW4UHTAc3yLadchMl4ijiFoQmE6AKXWpn8MKEIhfMQvdUbH9VfMYl4JzuHphLAYogo4DJCxxjlPDc-A7oLm6xHJm7Dw-QlxBYeuqybLqrvx0Jl4m0PSd09fRT1BP-8UndJedvv2TCGmxArM9q9IzYHbi2_CJyyHlt65SPoa1W_RBi_OxBcKFkkGbl1ixabtOjNiKeZwZwfUBLVc8_ekW_tq9qXk7wxmOG2rdqT-n6quf0EX77jY53GQMvrsbM_bS6sYeKcuBOfUbUuEjW8aej7vriYTc6sd3B21D3xIGoe-Z57asXe4J5ik_0OwqKRP62w3WDh8lqkYwEkyxejY5LQBbXaOjt1rq-c&cid=CAQSPABygQiDnEDFAt_xxw4JvaO4FaPV492VqQw9XhLUXJDDJABiAZ3oz5uQ8BQHEhe9TpZx2zQGeVK6E6tKmRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=4022210109940551700&adk=3047537735&idt=86&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7eccd974188f2666715685eb410c6b9ca15b560de1d1d95990ebcea0a2d17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38456
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1F00 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVVl5UjjzA9Qd7PLKVESWbvL5X05--gcs_f9qnRnCm4E6odlCHHp3g2sNmakcr74SaCR65xPEa446goaSMY1qIyEUyQlG81Ni9L6OWqr2L9AB0cIyzWzPst46edCwPGfphWz50yCMERKZ6fXd9LwD7Pf_EigdZXLcera2uyxjDD4CaMLw&cry=1&dbm_d=AKAmf-BP7WIp0azNoaKbJd0a23LYgXHSdai-_tja9Tw7rdVL5t8HkcziXbPgLpZhvlw1YfOZsKRi7lL4YlskXhK1LHXpafJbgKxx31RvRTyxJHHGFwcqfkVE8dKUxSbBf7ISoWzJXXeDn_pNEIsEHFYNyRtQ2WkbCUxEuGTYd0rDksKY6xh_cWha85_m9S5d9jloE9kMfxoNsOXR_ZV2GNv5fMpP6FQ3sAdvitf3hbKf0ZqRrru0TcCYXrpnW8XUG4mrFmC_o5-s_JN1tRGPuUl0F-WGlVr3ADeYS6vN14JR14_5JMdobw2KyDnK24OF5q9ILlDruaM_bTrHiQbyukxiIpChvFCM-Db90N3mqwRUXADmwSdnfAIJon_QOyzU10RzyPZxB10AqXy518WsQBNXi9uNuuF3EQxmUgrqJr-Oq5sQlN3KDuO26QNqZW6p7cBviBNGaWYMuXtjZMWYT8EL9AoJm2uYFxiasJFj53fI7YAXhNx-Y-isjAQPCpaeW0ww64LCasT5HBW-pPpEXj9AYYN4IB0F2-_9zHd7sioeUPxwGA2CWQcJrcsnyE70YNcYx4yQObeKBZXld7ty_ovrb6xDZtwrac7dmghKRQ_Apjmc7V8oKXil3mxaJnGDQ5LRYbQQMcdMbwRmw2JRFzK3BpWJeF2S8HjCQ_r5lOMdfOq67kMxB-uFihwIp7rGwo2JL9n5VOcxyJV-97wDx250mPOFa544JDl5jfv1IWZ6gcZLs8kkdbhwV49-IIqFjyIy0SFv-SmsHAiy2BECm47dmFuCqPlhfUpv90CasNksn-5ZjFObAb_DK1yhBDmmgMZH7rqqWVO39B0OkgLbBRSIwKzAUDELcR2zh4I2QMyJHrux_VJrFFr0B1_61pjAhoGjazuluCZDi4siq16TLlfcWODc3do6353ivnKmzweHIpiq2n8BJgtTyESxaMSzxyAK2KRKMbKyV5BlDf2-iIziRxL3RTEmtAj-OXIqsmMvEiPiZkj57A--qoVkhpQvrR51brS_SHLFY902u0P4gFDbTHeqabohYvSZ9V8vUC7_4pWdhVM_K7YDHDBUdxo5lBIM7ChBJwqwQ2r5tNqI0x-Q9hlNzmhWLTogs9OFKyOvZMAzhfWXiTO7fy0ufSwtviBJzxO3xNVMGqvH--LeVp-Mx6XR6KuBwaMotDN8ptAA3NW2ftTA9S3oaELsXZAqtaoVoNX_pih_YvYg0fB_r0gX5QylhCPRzbJAFoSDekGw-kW-AB-VZhKp4JUVFEO3Gw72tqwfniwc-sVXL6siCWKmbv9b-Waj8BnqkGufdLj0fXFhgUEKxnVQa4prhK9PdZpXBuMw2wFML6y9WkDY1wytSok7OajC7u51MEtLFe6lPZycqzOgS4-zY0rWCPWNCc9qXq4FCQMEVLnSHW6zvZ87pIj6e-lL7Q-73NKPapXpM3d7parlAN977g7b_wEWZZIcDl4eYSXF_tNIweRcpNSFSCYq-wnTdjlBF1WUgl7fEueK5bDqVae6IbgLHsl2VeQRLKCgQ9ig8pMEC9kgvLINDtohk131Ygqm5uNNJReAdM6Dn_80KO44RC8E-EWcpzWPI3b_9Hci9Pcqynkqdg9E5lt6G0p9tAr0_z3VbiK3ItgYgRY26P4vY1VZAehngpNZhsWpwRSnRP9_5ksgyKpNSNTzFt4P2RTO9qrMvRcq3MdpVuerltzJ8farU_trtlsFPwfcPmxwEi6h-tnbIjPhD7kqcLg0bBaIB0AGnOnR6mRr85F7ObOfZ1dRAfiv5P022wYEakyuDLR9Te7knmHscjDSxm-Xcnxaze_K4qlWEhw790OKWpMjYVFQKnPW-OzN8vpqPg-mga2EXIPZanVKwT-a3ccpCyPWlb7h3WKspavH5LGgSiN756nlJHTypPolzCSbnMdKd_zZrrXYu_fI7JBd4fXE88KNAIsr5FaBr1tCGcWkyyTd_tsU-LuxIOpydiKJO2AVDmKcAevgzZLqrvmBprBZAvH0CCcMSDJ_LHLt2c826sNn8GalMfI0oTIsCq6RK9nZPFx9YjixpYJvGMRlOJHEZJZzUyiSkkKi0FlHygC_4bpnyv9LnJqFfQTA9-ITgJezXz7ZIj9ymByhJvrn3XrExWc-YbuGkYRR-ZL_hFEBPmJCV1DCC26kJkxopJNPK5bRUA2KrT8gvjUswDp47eVB9FH6fd7ZGLiWKu2pCDiBnMF9PuumBgoDWXAL4PuK4y7dUBY0te4qFozfplVReHxGQIPDxPNTGDmSaunStBp3iYtBolvd_5ghebYGBlFBUO_YHaTrQPP8IntZqIa3fjBNIN6AjW0dmDHxKURFtrQr10M5LcJCpOX7hLTyVHp1BAh_GMCjwOAk9HUd8jerI4kfVN8XdC7PV6qtDXlr0MfVFCIKW0ttLMlvWQW-fwZTCSPma14UXPefyXP8tJQOJMeUFQqP2L3lLXJUKcUj32xE3_9_UsVMh99s1CncemWGvIKsSg48C4W8J0gus6Pup64AlwPMBHyp5TRYQ2juIW6Jm85TL6R-bfJDqnIhlkz5Xl72ci0mjLQX-DhHJKGzKFBaTdMVEtxzu1oUCq-0lyPl_2XUvtfVOrEaTep-3gpl3wYlcuc8lnSOamTewKhrXIT1v80C-Aw9LVM9fNBK9HlovhYe1_M5R73oR_DT2LKm6a5O2Be8L600NSYIvZC0PwJwIYGYpfEqhA7qmttxwrZCT-cNcIwP1ew7s8Ks87v3m28kCAXnp0Gq9S3n_iUOrt8Igvw_jXsTH3y3crDucV5PmOTdT82kZTdL_Bo1SKjzPTn1rnnrjBuhSpbmlncpLN6tci1gJrA5pbxLVONGrWfoD5_X4jLoHxRKhyytop1wh21MXw274hEP3s3phKlFoSVMLINVMPoxJ33xfr3sktsjxbMNGsTB4KTiHxivD-gzD7gQf1iM0_LdJ8K3utjbvenxhg&cid=CAQSTABygQiDbc50U4NIscpW8HoiLmF6WaT2V7oY2Y-9E-ZGSRQzeOF13dKChJG98ScWPf2F5VqS2rzolt3iFD71ZTB-5JA7A-X_rqwrmT8YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=6114578270905385000&adk=356101037&idt=320&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:45:22 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 1F00
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224161/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-Ba2hyoZNCX1p1VAJ4q4pS_5MeA7LUY-x_dk9HqqmwjSMh-rczCWAW...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-Ba2hyoZNCX1p1VAJ4q4pS_5MeA7LUY-x_dk9HqqmwjSMh-rczCWAWG70ybdwGoS6m73Q4okXRK2W9Hh...

74 KB
24 KB

105ms
50ms

Script
text/javascript

66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-Ba2hyoZNCX1p1VAJ4q4pS_5MeA7LUY-x_dk9HqqmwjSMh-rczCWAWG70ybdwGoS6m73Q4okXRK2W9HhRsHRZ5oaSxzMLnQ8wxkAQOFZTazxiULo04FIqMnMlH0ExFEaCVf6LEYQqPC5b36rCmaTuKUdUQ6koXks9O6ljZ3VeIX6vv02W4SqRQAoCZ_4IyaZnci4eFNt-xXFhrnchrq-aXwo6izS92raM_ccERhvZ1O2aYBg27N15DaBSfE9hA0nDdYXfYkD4mMYDOY8vE3y599gLbU1QyYyaQF4ddeF6XkMptsIZkAbIqHVYuKQPUuGv22osQvp9aTMdv4dXxr8m4ogqT6cMsb_hHf_Y9ZMeaadpUxv_ZolOYDABPaYWITixM4tj9DIn7D-TM6F-rxTJWvEaaQWEN36wA_nPMn_20E7UdlTL1KQm3U8gIeMZ_iI4nMwMvqbptEK4KU71T20de56bO32J07fUdxZ5X3EBYZ63yDtLFI9iy15A1eKyVojON0rq6pZxNqn3Uv4fSz56sw1hQkcez2mVdyNvvGMDaY0lG4cKTGsfD-g15MBHOkxa541oJbs1s3Q-Oa12tITbPVWwldnc8viQ-YbbwmdmIynnF1eG_K44xHsT9AYXKzWAUYOCz33iX1jP2wz2zk8Ff2ofD2tvyNxcOflXWwHzX-BIleW8A1iYUNWv3SPkr-mNUIboeMBDlbN7VU7t3UK2zxKYHR6_VnsbFRHOQtTbt0OU6nLHCm5n75Q0nw5xOUbykOTuPXxah2175xGrDvxOV-GKjpsAtlQCV6JKhaNk726uCtNlVjri9x4jRQCFEc27sf_tZwx3ll7X62OrwqN_Ep6DoZS5ZDGJ9iTqRjRK7IA_gP1tNdgwPMKNZFTTHpWrK-gsbH0FQauhgFTbG2W7pP4kT2Ea69Xwd2ImTcJXLv4eURRtJE53IgoF8KMmn294HHFE4basgtO1vQzc_X0sQq-Kqfxk3bAB_xql4hO-XLNONDQcdXDOUDBpXhqC9Cn6SrcX2r5MvQNd3ntrSzmkc7vlUcmD_J4bXZTkhDj2hjxNOeJlhE2sNqYa12cBj3SmTMYkL5ASgilnHbNMAbsmVtcek2hhA_nP5LhhdM2Rp_D21jhV3cUcqFnDLeY7Vd4DwvnAG1l7hQpL0Kv7KZQgQwPxezngSOxGAPfsy8itAlo4PSkwxh2VnhN6_RX35esERBJGUTSI4fGDb1D1DQjlHUXO5adm_EpSck7ZFPrkLMWRPL2c7fO_RC5yF2lOgYzzAf47Y9Dt4KbzyYLNgNGj0j02kPXiWIddDhKXlANd_wgIV62ErF-2YllkbeC1b6qTTiVFCMX30QXvyNkmlez6DmxHSACwK_orug2bmUg4509s__W0r40SGDFLEWTrtIP4ytiZHJ7dlmXKUrHTN9IRmBX5g52zP9iYFJ9LCFz8_divfRchLR--hwpGZ2zWcry7Tcm8fZ6FJYPedPZzqqXCwEKHDkleJRFc-G4T2oNmXWCafLWsnOueDLCPSZcTB0HowJsz4I5Frtukz7vuPR2RtMDOJIiAd8fK4jgEO1g8Q0yNvbp-JFe-B7TNp6jc10LpyqQKf8xf-tjBx0Jl2mGdcjhma9zmNg2b1deAe99Ykvs9fQp6eDKs9Qc7fAWjOvNchrIlGuHgF1xyhBvh--fTaMfV95cni5glGUssoU8aWKTqQK4Xx4nzo8QyIGXHhVz_flbjS9q9rdwje7thvN_SqQFVGaiIecX3eHIIhkzT3sIYMxx5Up28q3bBhyV1f9-uBf8tfEYucmB_0_VcbY49I-XZuczml1YKi6DXJIjV7E4o0YsrIDPScf9fS7HpPsZVdiUweCvB5HeqWeWTyAX7-UEqfVftCzoTXA67V09Vi6oEcfWsJqK03GGX96u8WyqfLaSvxSBtsbMkHuTkCfLobgn3AxOe7FOhLzpP9ZnjAsdRBJ-uYTbZWAAIipatCYxaMl5-24EUcXw1ZrP5hHfb81MRSKZdJTH_e9yx__zY05CoErzYcZ_tcJ7a7vvktMSlSgmWEmX_tn8EP1Sv1ffmxSYxfLpEEWyAZ6fy8P3tFBTYsU6tAmwGDEde1G-EzezxQB6HwrWHGgz6E9WKW54ZGV5rVNmggCWmU29WEuOhk2PB7FmWnA0HQ_nhVm0bz1D_T4p_-kchjvqr_8IVqfjf4F6rq65pWHFoICRP1FoAL4x48KmIb-mWIOuVNn3G22qC0ggCAIcQaCNkjvcAtLukL54sp7mT8dzVY4EaBjDfgijM_WzQbRnU9-09C1d58ehICQs-KQI-BryCIuqbDRXQpnL--MAFnuiDCmO_eLw627woNbWDwt3JK_L1dnwiMy-uREHF9Wsd-ZutvW-4K7cLZPwtV2Eun5qgCAUP7XI9TpXEuBbXJCF5GQypwXRgUOtSgAyCOEZRyozYftyeQuulXtvN99cnKYDV5RfrQrzzcFOnyN04jP6nPU2E9YIbUFkZVUJr8TbZ6JWIN4uq2CiJa-eh793qpzQTwrlKYcKi16tXRXrH4hykAxTN--kc9r3B-LEpE6L8SCiPGanllXAed5mLgBMJCMRiFv5DeYlpHBOHqqzrD8vxQxyZrAKMsxqnTixxxnlE_zBWOg0xuxGemYajHyT4dF-Zx77m1dZk5kAL2EGoywrVkFTeCVrREGSXP5iabseheZUHfmwD0lLELJYoeCBO3QUEdAXtpr4xDyLTq4CKFCWXGIJ50jkE15QXOols-0hyK0h4vQg1bPjX3hf6qW_zYXUzHaXuKuylXB-fu_AS4yk_fhisBPRGnQxMn4Niv9vN8nnMMzsAAQUsa8CcEjYQ_2Og2DAuIuOwkspuxrYDwl1-zRThcslvr-VgPoJnT12XIZ32oB7d6v82stex5MVyz0o4h40zX4Sq9cF47ckMB6uXsBBnN0vlWClL4jwsMeRX0kHiLqHMarg1FHI6zsrXbkB0qvbs3XhJmLTJ0ITHR6jsZzCF84MY4gnUlfkUJAQef6q_IcDBWcmzmy6FSWxzcHFr3sBsiie5zQ7B1yya_pA95QJWpDnhaCCXq0lskbPzW8NCBe4eXfpH4l9W07wu6j6vQ6DT00W6Fgrii8ICQCOWEzCexEdgG2g1kPgquL3DgJgWeYKcG-YYu18UZNBhYjHWvBvjAxgTZqV39dh7dkou2emUsv68eI073e0_AkHiqH5WKGoHuD8vag7q0WpMlpfmul5IIAi6sPO-x9LdPyQDB0fpZtuZQOEnvGa_63M4cYDs_K7NhI9r1zcEbLHfpmPtnoAbwDERZk-KsHUJx7qZrM_vpvYvlRpZoCcfbTk-1ej65CwtZc0haRMWy-1wKiuBiPo5F1Qr7va1H0zeBfPatd76NtmV_ImNTsOOYxRVjKyyIO5vqD8QUJf8cl-qYZ6DabnwrqVSttODtELTPlzWraanMMchBCy_omjK16GVZ7VJeRIHWHnsRZgf5QOCBUDWRFKRg9p4Qcku1y6jKagEk5M19f2MpQyuAUGz8A8xJBbrp7wDOdJjiESsOjYFX6XE801N9rz0nxcW9jJ7TgEwORFpEyBDUPdrzaQIWTPWMVDxS2BDIFxq6rVlavt5v2QTVYa_dTcIRAV9vdeUi3KX1v8HiXcvWg5EEaUggEEkwAcoEIg23OdFODSLHKVvB6Ii5helmk9le6GNmPvRPmRkkUM3jhdd3SgoSRvfEnFj39heVaktq86Jbd4hQ-9WUwfuSQOwPl_66sK5k_GAFgAQ&cry=1&bundleId=

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

cafe /

Resource Hash

c4122f1a41b892c3f3c66de8ac770597d7526f7d4f3f9cd683ff1acd7f4e2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24447
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-Ba2hyoZNCX1p1VAJ4q4pS_5MeA7LUY-x_dk9HqqmwjSMh-rczCWAWG70ybdwGoS6m73Q4okXRK2W9HhRsHRZ5oaSxzMLnQ8wxkAQOFZTazxiULo04FIqMnMlH0ExFEaCVf6LEYQqPC5b36rCmaTuKUdUQ6koXks9O6ljZ3VeIX6vv02W4SqRQAoCZ_4IyaZnci4eFNt-xXFhrnchrq-aXwo6izS92raM_ccERhvZ1O2aYBg27N15DaBSfE9hA0nDdYXfYkD4mMYDOY8vE3y599gLbU1QyYyaQF4ddeF6XkMptsIZkAbIqHVYuKQPUuGv22osQvp9aTMdv4dXxr8m4ogqT6cMsb_hHf_Y9ZMeaadpUxv_ZolOYDABPaYWITixM4tj9DIn7D-TM6F-rxTJWvEaaQWEN36wA_nPMn_20E7UdlTL1KQm3U8gIeMZ_iI4nMwMvqbptEK4KU71T20de56bO32J07fUdxZ5X3EBYZ63yDtLFI9iy15A1eKyVojON0rq6pZxNqn3Uv4fSz56sw1hQkcez2mVdyNvvGMDaY0lG4cKTGsfD-g15MBHOkxa541oJbs1s3Q-Oa12tITbPVWwldnc8viQ-YbbwmdmIynnF1eG_K44xHsT9AYXKzWAUYOCz33iX1jP2wz2zk8Ff2ofD2tvyNxcOflXWwHzX-BIleW8A1iYUNWv3SPkr-mNUIboeMBDlbN7VU7t3UK2zxKYHR6_VnsbFRHOQtTbt0OU6nLHCm5n75Q0nw5xOUbykOTuPXxah2175xGrDvxOV-GKjpsAtlQCV6JKhaNk726uCtNlVjri9x4jRQCFEc27sf_tZwx3ll7X62OrwqN_Ep6DoZS5ZDGJ9iTqRjRK7IA_gP1tNdgwPMKNZFTTHpWrK-gsbH0FQauhgFTbG2W7pP4kT2Ea69Xwd2ImTcJXLv4eURRtJE53IgoF8KMmn294HHFE4basgtO1vQzc_X0sQq-Kqfxk3bAB_xql4hO-XLNONDQcdXDOUDBpXhqC9Cn6SrcX2r5MvQNd3ntrSzmkc7vlUcmD_J4bXZTkhDj2hjxNOeJlhE2sNqYa12cBj3SmTMYkL5ASgilnHbNMAbsmVtcek2hhA_nP5LhhdM2Rp_D21jhV3cUcqFnDLeY7Vd4DwvnAG1l7hQpL0Kv7KZQgQwPxezngSOxGAPfsy8itAlo4PSkwxh2VnhN6_RX35esERBJGUTSI4fGDb1D1DQjlHUXO5adm_EpSck7ZFPrkLMWRPL2c7fO_RC5yF2lOgYzzAf47Y9Dt4KbzyYLNgNGj0j02kPXiWIddDhKXlANd_wgIV62ErF-2YllkbeC1b6qTTiVFCMX30QXvyNkmlez6DmxHSACwK_orug2bmUg4509s__W0r40SGDFLEWTrtIP4ytiZHJ7dlmXKUrHTN9IRmBX5g52zP9iYFJ9LCFz8_divfRchLR--hwpGZ2zWcry7Tcm8fZ6FJYPedPZzqqXCwEKHDkleJRFc-G4T2oNmXWCafLWsnOueDLCPSZcTB0HowJsz4I5Frtukz7vuPR2RtMDOJIiAd8fK4jgEO1g8Q0yNvbp-JFe-B7TNp6jc10LpyqQKf8xf-tjBx0Jl2mGdcjhma9zmNg2b1deAe99Ykvs9fQp6eDKs9Qc7fAWjOvNchrIlGuHgF1xyhBvh--fTaMfV95cni5glGUssoU8aWKTqQK4Xx4nzo8QyIGXHhVz_flbjS9q9rdwje7thvN_SqQFVGaiIecX3eHIIhkzT3sIYMxx5Up28q3bBhyV1f9-uBf8tfEYucmB_0_VcbY49I-XZuczml1YKi6DXJIjV7E4o0YsrIDPScf9fS7HpPsZVdiUweCvB5HeqWeWTyAX7-UEqfVftCzoTXA67V09Vi6oEcfWsJqK03GGX96u8WyqfLaSvxSBtsbMkHuTkCfLobgn3AxOe7FOhLzpP9ZnjAsdRBJ-uYTbZWAAIipatCYxaMl5-24EUcXw1ZrP5hHfb81MRSKZdJTH_e9yx__zY05CoErzYcZ_tcJ7a7vvktMSlSgmWEmX_tn8EP1Sv1ffmxSYxfLpEEWyAZ6fy8P3tFBTYsU6tAmwGDEde1G-EzezxQB6HwrWHGgz6E9WKW54ZGV5rVNmggCWmU29WEuOhk2PB7FmWnA0HQ_nhVm0bz1D_T4p_-kchjvqr_8IVqfjf4F6rq65pWHFoICRP1FoAL4x48KmIb-mWIOuVNn3G22qC0ggCAIcQaCNkjvcAtLukL54sp7mT8dzVY4EaBjDfgijM_WzQbRnU9-09C1d58ehICQs-KQI-BryCIuqbDRXQpnL--MAFnuiDCmO_eLw627woNbWDwt3JK_L1dnwiMy-uREHF9Wsd-ZutvW-4K7cLZPwtV2Eun5qgCAUP7XI9TpXEuBbXJCF5GQypwXRgUOtSgAyCOEZRyozYftyeQuulXtvN99cnKYDV5RfrQrzzcFOnyN04jP6nPU2E9YIbUFkZVUJr8TbZ6JWIN4uq2CiJa-eh793qpzQTwrlKYcKi16tXRXrH4hykAxTN--kc9r3B-LEpE6L8SCiPGanllXAed5mLgBMJCMRiFv5DeYlpHBOHqqzrD8vxQxyZrAKMsxqnTixxxnlE_zBWOg0xuxGemYajHyT4dF-Zx77m1dZk5kAL2EGoywrVkFTeCVrREGSXP5iabseheZUHfmwD0lLELJYoeCBO3QUEdAXtpr4xDyLTq4CKFCWXGIJ50jkE15QXOols-0hyK0h4vQg1bPjX3hf6qW_zYXUzHaXuKuylXB-fu_AS4yk_fhisBPRGnQxMn4Niv9vN8nnMMzsAAQUsa8CcEjYQ_2Og2DAuIuOwkspuxrYDwl1-zRThcslvr-VgPoJnT12XIZ32oB7d6v82stex5MVyz0o4h40zX4Sq9cF47ckMB6uXsBBnN0vlWClL4jwsMeRX0kHiLqHMarg1FHI6zsrXbkB0qvbs3XhJmLTJ0ITHR6jsZzCF84MY4gnUlfkUJAQef6q_IcDBWcmzmy6FSWxzcHFr3sBsiie5zQ7B1yya_pA95QJWpDnhaCCXq0lskbPzW8NCBe4eXfpH4l9W07wu6j6vQ6DT00W6Fgrii8ICQCOWEzCexEdgG2g1kPgquL3DgJgWeYKcG-YYu18UZNBhYjHWvBvjAxgTZqV39dh7dkou2emUsv68eI073e0_AkHiqH5WKGoHuD8vag7q0WpMlpfmul5IIAi6sPO-x9LdPyQDB0fpZtuZQOEnvGa_63M4cYDs_K7NhI9r1zcEbLHfpmPtnoAbwDERZk-KsHUJx7qZrM_vpvYvlRpZoCcfbTk-1ej65CwtZc0haRMWy-1wKiuBiPo5F1Qr7va1H0zeBfPatd76NtmV_ImNTsOOYxRVjKyyIO5vqD8QUJf8cl-qYZ6DabnwrqVSttODtELTPlzWraanMMchBCy_omjK16GVZ7VJeRIHWHnsRZgf5QOCBUDWRFKRg9p4Qcku1y6jKagEk5M19f2MpQyuAUGz8A8xJBbrp7wDOdJjiESsOjYFX6XE801N9rz0nxcW9jJ7TgEwORFpEyBDUPdrzaQIWTPWMVDxS2BDIFxq6rVlavt5v2QTVYa_dTcIRAV9vdeUi3KX1v8HiXcvWg5EEaUggEEkwAcoEIg23OdFODSLHKVvB6Ii5helmk9le6GNmPvRPmRkkUM3jhdd3SgoSRvfEnFj39heVaktq86Jbd4hQ-9WUwfuSQOwPl_66sK5k_GAFgAQ&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B78E 91 KB
23 KB 66ms
11ms Script
application/javascript 2600:9000:223f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 19100626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: wj-24OX6hw9y2Bpw-rZjkjgOzkKfYnMBNT2jq_oyyfuXVU9Xvh12xw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1F00 43 B
215 B 537ms
185ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=8842205d-d75b-758c-8402-82d8b16c9763&tv=%7Bc:bi2nEW,pingTime:-3,time:42,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVSQDG+11%7C12*.1352960-70224161%7C121%7C13%7C14%7C1511%7C1512%7C16%7C171,idMap:12*,rmeas:1,rend:0,renddet:IMG.us,siq:16%7D&br=c
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1F00 43 B
216 B 441ms
92ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=8842205d-d75b-758c-8402-82d8b16c9763&tv=%7Bc:bi2nEX,pingTime:-6,time:43,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:43,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVSQDG+11%7C12*.1352960-70224161%7C121%7C13%7C14%7C1511%7C1512%7C16%7C171,idMap:12*,rmeas:1,rend:0,renddet:IMG.us,siq:16%7D&tpiLookup=ao:koooralive-tv.net*&br=c
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1F00 43 B
215 B 529ms
184ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=8842205d-d75b-758c-8402-82d8b16c9763&tv=%7Bc:bi2nF3,pingTime:-2,time:49,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:638,beZ:639,mfA:641,cmA:642,inA:642,inZ:645,prA:645,prZ:649,si:654,poA:655,poZ:675,cmZ:675,mfZ:675,loA:681,loZ:683,ltA:687,ltZ:687%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:49,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVSQDG+11%7C12*.1352960-70224161%7C121%7C13%7C14%7C1511%7C1512%7C16%7C171,idMap:12*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:16,sinceFw:32,readyFired:false%7D&br=c
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 90A1 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 85982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:27:00 GMT
expires: Sun, 28 Apr 2024 17:27:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634097/ Frame DE31 243 KB
73 KB 32ms
32ms Script
application/javascript 54.194.221.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634097/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9035087792692775&ias_chanId=1&ias_placementId=19429846202&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iCKJqaB5KuGgK3sMkXEJiw
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.221.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-221-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c017bc7a4f1b4583addc5207f8f72b10d526512db16b91473d10da8d2be6d9dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:02 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame DE31 106 KB
37 KB 51ms
9ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Origin: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame DE31 11 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDHoqGwWXCP1utKwKKqxqmG8VQXB_W7zsH71BnmbwOcSytQYEunCf2_tdOY6IW0_I4JaWXWKL0cALIjmyf1w43H20AFKmzvvnjSFGWUy4nvvYlafb-D-d80xnzqADHjNbiYnehNKAhlnSV0OqIHjAb06e-lBzf3Wd-Q23VocZjamSppoI&dbm_d=AKAmf-CgiMdoPVt8Qk943Q2OAiDdGAHSCHJ3f0rqViVg4T7OUOdqqinVbhKwo0pIlUwFVQqtJG7ekZrCCENpBuHtwQmMYA1Wz3ZSSzoU768VqrY8p014Ww6yf5KE2E2Bt98YmZDfq5nwUOxhF61SCHpcRtKks4ZgrQtapC6gVBHOEzRZpE6-YvQ6eoBK49F7W4yanJB97yrLkrdLloZN2Ati-aWyBPAlz9I7mRm-3Bw-9KelbZf4UkfcYb1vnZ6TddR7mCEZh7Os89dvVSjhxa-bGIYcoad2av3SP2GpdpcnKhSLADoJgTgp7MjQuTokANO9oJKyrpAj1cZNgyGQiXDH_RwOJUutflNGDzq8zAsLabxRI-ud066fjWPxPtHzJ9yfgBdPgq3mxQhRKzAJFsa4YQvs5ouFQOgX9G1HcYIW0R_IcAsYnc-2Kt7X_DBFlA__zZDi1SZGpzjYV7qQaAYnpdRbXnIqBtNEpk3o_g2-6GrIe3lLhMqSIwuxTEaWvlD45jcsgZDFfrVV__KyuUdH-YbHJD97u7tqOw_e4tbzo9tVVL9P1JdfRh80jq_n57TBZ0hn0w6_JAQrNneSJhSNR5BWZEt4XEr9986-O1UYab2qI-M58oksK3oIOiHb4HKfH4tOdin29vfEFmLcVL13Hm1fIWjAAlk2ewN3A83x7d9melGam6Y4k9vJNR5buN2kN_r74pKVKNJlTldtOg7IOqkM4pygidpOV_RjKQ4rPW7u8lsCq7h_7pBp2o5XDC6sQjxUWiYwzxSG9_t4TaeaXJOWFSLbDV_xz57fveGskawQYU4Fyz7OAyAJ3Iy1rbUx8zzOOn6ppTZVLCjxVU-jRflJXVyOuamYXDvr4tkJeWGR5KwN2zW-2vQG_RCfzo3UuCnGz1Ew-kOU9RRzkt9YFlZ-nN8UMur9dApua9admuVZWmNxj61UoYeLq_cA2O3Nyc3a6OaQDqwZlUlCxmGDcgCz88AmRP0x2sLdhPp9HGXSBQiuE6HBo82gBg4xJyvKjSu7XKV9nNkqE7gM1vTsD4x_nsSUzK7B-_11dF3zADqcsdlmT2igCTPBHq9suGzhYJSvDdYReWsKQHAKQt_tqYbY_8AbMuz4-lmpDLLVnoHzfVzW72Z2BvfIB7nnnSm6YxsGgyDzn2sNZ-FwJ8SrAIH377NzHVSsINEQ5FP7q9wvroWZ9-tClJQL3EPHMom1uKeAElNEm62Tgr3AQMsceyKCLAiTBk6WUu6hZ8hoFFL-oRZPOdqbZv4im_uPf5f2ztKvmDznS0LRM8rO8zKaRfmoG5QdQvCS3E6HhkTvXv4T9mg837DU-epni2cbnARB1c6iqjyUr5TuFX3OMPfJevrgfLmbM8Icv845UNPWMPObHFKPErTDxEzkRmrQAcGUmlmU7SagMpe229n_0_53aXhVvouD7J-Xc88jWN3KmufnJjuAHlfN10XJurpwYJsLZZEskNGdgZo9v3YopZ9t7TbzYUrC0gg4ttDlcLdfe2hj5NrAmz_mstvVpw6gGr5Bhc1MuSeNOw8WKlGVh7qE-_FNAwwhEhqymraU_gDkcKl0bouYpLSlIlOxS9dh7lHB24yR3PaFiV3ru0baXlyF0D5-J-7ftWGcwqcHTYJ1WqpO6Gr8L0QhFSImJYUAauNR3MW6Q8vGWGm2WRrpTwfojJDw1lfEybt9X-GazNAG05MPVdblWmVgsKuBgcM3dLw1HaSX33zKqyGGc3JbID5BoEICT08SY-yO53gAeOHpBBZpG689Dre90EM3IHdVMr_npR0ekajlnYAGnRgrvJbJoSOoKH4M43y-azgDikz0hxhD8UIvzXrhde-ntfelaqvu0xiwMCQmfsAGiQCJ-7kcEOvhYdse2x_Qzgc5sjqt4-vmPDpT5naZ7BZW1YlMSTs-eQy0XBiCw5IErdTtTLRbpK9nwT0lFZuEaeirAkC_o1fDkj33XGXKYoDiRohLRSZVCFZd4yixIRlr4qfrqv0lD1nzAOJ-4sulM8OBqZwE0pYv9Z9J4yXiGAvXzGJQjG6BFnQuzTT0hZ_WdSsHLZMt8PRIjIvKErN1I0c5P6I12tRpqYJ9B-S9IOjE_8YoN8caIuFk-TdXS1QN6dkOYumITzMJDkw0NTe752RPqxeJrQSIHnJ3n1Edl0TGQu7iLJScCkNwp8jxXZJrucHbLjV-VYR1sLSousEMWBowFzM9tnvaaW9RiM1bqUXQL_w15FHRHKMkXM9CehYuIpiMfmQH-eQUpfsPKeI79_cUJCiktLDdO9faMTbZW1Y4DBl0wuC1FVxT6TVbz-HtYXLNBvnAPY1UgXSzLgHLqlaqCb85_xhX8uU6oGbRcZZtQgFMI-B4h3Bj0US0ulpUQCj5QynNkEO9EbpOs1lzxoXpPTIcVX9A7ueO0u4ny2HE_mdT0M0f3tqy9xS023fo6oVWt1_8vMeoUN7i3UAYgzMyWV_57dLhGRo2y000sIiLA0PwWjlKCVikxh6gnitIADvLV44vgQ8pgTXZ2WOGRQnzfpibuqzQANglxY1H18CRbgfhlOOTEZPUUb2cn6OiIaG7peFfH-bJMvyb4aL31tIiBsWyMXpNYbLDawZu3q5SDGYQqscB8pSdrviCnV_OjPZuGYVkCz3qDyN2ltfbLQYbexXZH2nrwWBoF5cANrALb5HR4WoZNgorrIs1hIwX_OaqLAwlN2R3l2jREi8cTymfbCZiwKyw2P5RFdQej6AK70P3LZEDandF7htUHhsFFNK_EME2sKnG3HM5Ms7TEzL5fzA6ni-sk3kM-D9SlfFf-zm2yedIKs-kApHJPCYJIf0rwFgJTtUv6hsZEP1haVqFwSBqDz5pD8lYSU0LHs3eNoMHr6qSLNpOpCnxwoW5XGeL0OHS8OtB0s9cP-RqriALt6u34BZyWikQknKfxg6PCenPqC4JyZi8g0Mp52_UIGOEbEhy3kCRVGmMe9EcIX7kSJHQeXt1BbfW85ypKK2d76wD0-7d-IFU6PCV-HZh5emG6QcP9Cpgy40DAIn_aHe_1Xt3hmAlD4t8N4Cj-vBR6eWwu0KLDXKwUQRTFZRRG0xVmkKPxR4-BIJUdEW768vtEi-UNFfLnn-E8wEm1zNG-HaP-S27EqnVwx914NAnOGtnVEyAni6FeMHDrStetypQ6BR2otuPoY8bfmHxt7DHvw0EdtHzHgojtsOxVpiFcpmn52DcCwmICeasrOU_u1j5_JjMMndZXWwU9q9uDlF7R7NTfiM9FDuF-tqpCjvCcHsf7V2NlR2q9MxQGS5786_HJTh8p8BKAixEA3JKa3EWy2X1fb7qY78n5ya-QvO1kmQ765Dw7VLG3u_fapYKGPzkcoLIDfVggcuyEWzA7sH0mTT7x3YyYYZv4ez2FFMmDD-TWxsOoBE61804G2SLKTXfXt0h6Gg9-bguAmNayg9UQF6BEHPIX0R34ythyAoyqwAxv78voinWzegZ7diQYr9aN1zJf28YF3BVqssikupfzTaTLVYSlk5JogpzubWW2PoKpHW4UHTAc3yLadchMl4ijiFoQmE6AKXWpn8MKEIhfMQvdUbH9VfMYl4JzuHphLAYogo4DJCxxjlPDc-A7oLm6xHJm7Dw-QlxBYeuqybLqrvx0Jl4m0PSd09fRT1BP-8UndJedvv2TCGmxArM9q9IzYHbi2_CJyyHlt65SPoa1W_RBi_OxBcKFkkGbl1ixabtOjNiKeZwZwfUBLVc8_ekW_tq9qXk7wxmOG2rdqT-n6quf0EX77jY53GQMvrsbM_bS6sYeKcuBOfUbUuEjW8aej7vriYTc6sd3B21D3xIGoe-Z57asXe4J5ik_0OwqKRP62w3WDh8lqkYwEkyxejY5LQBbXaOjt1rq-c&cid=CAQSPABygQiDnEDFAt_xxw4JvaO4FaPV492VqQw9XhLUXJDDJABiAZ3oz5uQ8BQHEhe9TpZx2zQGeVK6E6tKmRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=4022210109940551700&adk=3047537735&idt=86&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:08:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame DE31 28 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10878
x-xss-protection: 0
server: cafe
etag: 6410051166583139006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:21:58 GMT

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame 90A1 36 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DE31 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:45:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1F38 1 KB
643 B 9ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 06:47:50 GMT
etag: 48472445140208031
expires: Mon, 01 May 2023 06:47:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DE31 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57c2ca9e4f9f1094f3d2cf13acb3d7ae320991d9bf2b89a07420427a4ebe830f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame DE31
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634097/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9035087792692775&ias_chanId=1&ias_placementId=19429846202&bidurl=https://koooralive-tv.net...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

11ms
11ms

Script
application/javascript

2600:9000:223f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: ml8sLXd95uD59cm.BnrTx99uclgxfFZ2
content-encoding: gzip
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
date: Mon, 24 Apr 2023 09:41:14 GMT
x-amz-cf-pop: FRA56-P5
age: 596525
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:33 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: _0zF1JWDA0i5AOeHzvRFd1EzVzTMRgmmiJ275mcSqPQyy8UCBD9NnQ==

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 6087 91 KB
23 KB 11ms
11ms Script
application/javascript 2600:9000:223f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 19100627
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: anl7T_bsrywJlxbA7euIhXXJccpSriyqRmLNAJwGWhah2NEULAtQ9Q==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE31 43 B
215 B 322ms
185ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=9f2288a4-639d-5430-170a-4821362a83c3&tv=%7Bc:bi2nIp,pingTime:-3,time:71,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:71,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVSQGG+11%7C121%7C122%7C123%7C131%7C14%7C1511%7C1512%7C16%7C17*.990511-61634097%7C171%7C172,idMap:17*,rmeas:1,rend:0,renddet:svg.us,siq:20%7D&br=c
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE31 43 B
215 B 225ms
93ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=9f2288a4-639d-5430-170a-4821362a83c3&tv=%7Bc:bi2nIq,pingTime:-6,time:72,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B67~0%5D,as:%5B67~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVSQGG+11%7C121%7C122%7C123%7C131%7C14%7C1511%7C1512%7C16%7C17*.990511-61634097%7C171%7C172,idMap:17*,rmeas:1,rend:0,renddet:svg.us,siq:20%7D&tpiLookup=ao:koooralive-tv.net*&br=c
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F4DB 0
10 B 11ms
10ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xyXRPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EB84 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 85983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:27:00 GMT
expires: Sun, 28 Apr 2024 17:27:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11054544220910830971/ Frame B1E3 143 KB
22 KB 35ms
11ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11054544220910830971/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97a7980a664c89f5b5d3b500b6632a8c4ba82eafaeaa7747e4c0e8dda9311220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 65838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22944
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 23:02:45 GMT
expires: Sun, 28 Apr 2024 23:02:45 GMT
last-modified: Thu, 24 Feb 2022 12:30:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DE31 0
0 310ms
51ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAnU6IOPwRvYMxNPzCojXuFJPRNWocyGCISDHX14ryujENanPBmmSTuXG1obzvlDJWNjnO_cyuvNSES0wr9_0CO45Pgm6GJ7OSDeaHaGqUUjW56RTCCWlyaEurVWPu9DOPWpC9BzicJjEQMPKhb_a2Hw1hPD61E_kTa0T47_Dsy36kF_I3z501dMnmvW7UqiCVGk3Ptr7MVLCvthssrWVjCJ-1qZBufM1dQRHK4GUah73wj-Y-wk4gxAjGdE5x0DnJ5k5-ReWuDNAKVjUzdAcq0V3ftMDlsd_qbF8sEgXugK99juN1pCIv21GJZCA92rlRFt8cGYkczdoRqwzcI3H4DuBILnfwV8c2AastKO6Ia9ZR6zmdPLu2lVlRdUrZBAEEndT2oI0jBYTkpMR2plgqqhGtKr89w43QsuLqPAjLbnsji1Wrd-qBoQujm5DGogIIZcyH4lAYBs6B5pkad7fXk06Q8L3DvO-ZLkg3LBk-YvwgeBpOlkaqDKtW1E393xM6iTxpdt292Di5G66RjOuLzLbQ3k_0QbcmYi4G3fPrfcN-q9o0_BB8YOuxZ8iPpR9nLs3M1BDcJCNmRlpUNklzDzIqfg4v3WbCvQ-0iW2ePf_QfnSvXlXkGhKyME6T6CXfFn5jvZW1OsgkIJoUPy2yCrXbDhh-w9KAKEeA_U8uIwjUNbw3JHGtpNn4aGD9RVMCpV4JQIz2XWokFv-CqT0tDEHovUvqOKWwPynXS_PQBHy_I8jVev3lPNQO9zZttu4avSzxIZi4IMMVTwFyWXpmlJfifOZMwqUY6MCi05KdbIvKNjrF-SsNB_bLfxLwl_as3uCKlg9iaT5IUdte-V0z9-WdMLmn0Nm4pIUqAgXOCOYCTIdxyNiogDtlcLfijUsV5B-SaAB6tZ6rEDhpgo3zt_pt17dxQcaE4ziM5O5QV-sb7EdrIixqPnvKq9YRWJpjNJJ7capli7zGnyPTO5m7IeUs963Bgn7nkcl20FNb8xt1xEvwP37HJbYPEvNoisBaglObYTvM8yHhTJ32qu-sgRiimKXHiX1g207LpbxmrOiczlOo6DRDpbcvSGlR5H-gvL38fFl2LJYfwFbknhtiEq3LXXCLdmcA3pPYxNgRxXicyI9wcjaFINsiETw4RPVrieaJ9ic1YOgtdTMx9IJR_iq9QPQ6c1U1CSK2A4TAChaaaX7ml0JlDnqPooYztRE4Y9Hyu1IGbvH5vbojWOpMnuhRUZR8zerUDDoXAY5_0KJLjoxAgpYxbzXSypSKBSCqj46k_fFeCA&sai=AMfl-YQ6ei0f4aG8LLw1hPRrkKcRJGg20Hr4XgkZvq_fWTw9GwcJOrhPJ4FZs9O4u0N-3W2uAYk85k3_QdKnZ5RiYj3PMrhKEKZyao8SdQdWcssjsyS3zRZ1vZJ1U_hD9KGls3KoaJ5waEjAwS0woAvIjPcMhZ1gsoFBe9aMiQVwn95OU70AuXgUTOazp36BytUSs-ET1DfohHT76BZoo3uxPFiv1Yv7wHTxSD1_th3MgxsVsGHPmx-ChrqS52UAJVvOVM-01wM&sig=Cg0ArKJSzMaDrVOdfSyJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=203&cisv=r20230426.64661&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 1F00 170 KB
59 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Origin: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 11:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 11:36:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 1F00 11 KB
4 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224161/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-Ba2hyoZNCX1p1VAJ4q4pS_5MeA7LUY-x_dk9HqqmwjSMh-rczCWAWG70ybdwGoS6m73Q4okXRK2W9HhRsHRZ5oaSxzMLnQ8wxkAQOFZTazxiULo04FIqMnMlH0ExFEaCVf6LEYQqPC5b36rCmaTuKUdUQ6koXks9O6ljZ3VeIX6vv02W4SqRQAoCZ_4IyaZnci4eFNt-xXFhrnchrq-aXwo6izS92raM_ccERhvZ1O2aYBg27N15DaBSfE9hA0nDdYXfYkD4mMYDOY8vE3y599gLbU1QyYyaQF4ddeF6XkMptsIZkAbIqHVYuKQPUuGv22osQvp9aTMdv4dXxr8m4ogqT6cMsb_hHf_Y9ZMeaadpUxv_ZolOYDABPaYWITixM4tj9DIn7D-TM6F-rxTJWvEaaQWEN36wA_nPMn_20E7UdlTL1KQm3U8gIeMZ_iI4nMwMvqbptEK4KU71T20de56bO32J07fUdxZ5X3EBYZ63yDtLFI9iy15A1eKyVojON0rq6pZxNqn3Uv4fSz56sw1hQkcez2mVdyNvvGMDaY0lG4cKTGsfD-g15MBHOkxa541oJbs1s3Q-Oa12tITbPVWwldnc8viQ-YbbwmdmIynnF1eG_K44xHsT9AYXKzWAUYOCz33iX1jP2wz2zk8Ff2ofD2tvyNxcOflXWwHzX-BIleW8A1iYUNWv3SPkr-mNUIboeMBDlbN7VU7t3UK2zxKYHR6_VnsbFRHOQtTbt0OU6nLHCm5n75Q0nw5xOUbykOTuPXxah2175xGrDvxOV-GKjpsAtlQCV6JKhaNk726uCtNlVjri9x4jRQCFEc27sf_tZwx3ll7X62OrwqN_Ep6DoZS5ZDGJ9iTqRjRK7IA_gP1tNdgwPMKNZFTTHpWrK-gsbH0FQauhgFTbG2W7pP4kT2Ea69Xwd2ImTcJXLv4eURRtJE53IgoF8KMmn294HHFE4basgtO1vQzc_X0sQq-Kqfxk3bAB_xql4hO-XLNONDQcdXDOUDBpXhqC9Cn6SrcX2r5MvQNd3ntrSzmkc7vlUcmD_J4bXZTkhDj2hjxNOeJlhE2sNqYa12cBj3SmTMYkL5ASgilnHbNMAbsmVtcek2hhA_nP5LhhdM2Rp_D21jhV3cUcqFnDLeY7Vd4DwvnAG1l7hQpL0Kv7KZQgQwPxezngSOxGAPfsy8itAlo4PSkwxh2VnhN6_RX35esERBJGUTSI4fGDb1D1DQjlHUXO5adm_EpSck7ZFPrkLMWRPL2c7fO_RC5yF2lOgYzzAf47Y9Dt4KbzyYLNgNGj0j02kPXiWIddDhKXlANd_wgIV62ErF-2YllkbeC1b6qTTiVFCMX30QXvyNkmlez6DmxHSACwK_orug2bmUg4509s__W0r40SGDFLEWTrtIP4ytiZHJ7dlmXKUrHTN9IRmBX5g52zP9iYFJ9LCFz8_divfRchLR--hwpGZ2zWcry7Tcm8fZ6FJYPedPZzqqXCwEKHDkleJRFc-G4T2oNmXWCafLWsnOueDLCPSZcTB0HowJsz4I5Frtukz7vuPR2RtMDOJIiAd8fK4jgEO1g8Q0yNvbp-JFe-B7TNp6jc10LpyqQKf8xf-tjBx0Jl2mGdcjhma9zmNg2b1deAe99Ykvs9fQp6eDKs9Qc7fAWjOvNchrIlGuHgF1xyhBvh--fTaMfV95cni5glGUssoU8aWKTqQK4Xx4nzo8QyIGXHhVz_flbjS9q9rdwje7thvN_SqQFVGaiIecX3eHIIhkzT3sIYMxx5Up28q3bBhyV1f9-uBf8tfEYucmB_0_VcbY49I-XZuczml1YKi6DXJIjV7E4o0YsrIDPScf9fS7HpPsZVdiUweCvB5HeqWeWTyAX7-UEqfVftCzoTXA67V09Vi6oEcfWsJqK03GGX96u8WyqfLaSvxSBtsbMkHuTkCfLobgn3AxOe7FOhLzpP9ZnjAsdRBJ-uYTbZWAAIipatCYxaMl5-24EUcXw1ZrP5hHfb81MRSKZdJTH_e9yx__zY05CoErzYcZ_tcJ7a7vvktMSlSgmWEmX_tn8EP1Sv1ffmxSYxfLpEEWyAZ6fy8P3tFBTYsU6tAmwGDEde1G-EzezxQB6HwrWHGgz6E9WKW54ZGV5rVNmggCWmU29WEuOhk2PB7FmWnA0HQ_nhVm0bz1D_T4p_-kchjvqr_8IVqfjf4F6rq65pWHFoICRP1FoAL4x48KmIb-mWIOuVNn3G22qC0ggCAIcQaCNkjvcAtLukL54sp7mT8dzVY4EaBjDfgijM_WzQbRnU9-09C1d58ehICQs-KQI-BryCIuqbDRXQpnL--MAFnuiDCmO_eLw627woNbWDwt3JK_L1dnwiMy-uREHF9Wsd-ZutvW-4K7cLZPwtV2Eun5qgCAUP7XI9TpXEuBbXJCF5GQypwXRgUOtSgAyCOEZRyozYftyeQuulXtvN99cnKYDV5RfrQrzzcFOnyN04jP6nPU2E9YIbUFkZVUJr8TbZ6JWIN4uq2CiJa-eh793qpzQTwrlKYcKi16tXRXrH4hykAxTN--kc9r3B-LEpE6L8SCiPGanllXAed5mLgBMJCMRiFv5DeYlpHBOHqqzrD8vxQxyZrAKMsxqnTixxxnlE_zBWOg0xuxGemYajHyT4dF-Zx77m1dZk5kAL2EGoywrVkFTeCVrREGSXP5iabseheZUHfmwD0lLELJYoeCBO3QUEdAXtpr4xDyLTq4CKFCWXGIJ50jkE15QXOols-0hyK0h4vQg1bPjX3hf6qW_zYXUzHaXuKuylXB-fu_AS4yk_fhisBPRGnQxMn4Niv9vN8nnMMzsAAQUsa8CcEjYQ_2Og2DAuIuOwkspuxrYDwl1-zRThcslvr-VgPoJnT12XIZ32oB7d6v82stex5MVyz0o4h40zX4Sq9cF47ckMB6uXsBBnN0vlWClL4jwsMeRX0kHiLqHMarg1FHI6zsrXbkB0qvbs3XhJmLTJ0ITHR6jsZzCF84MY4gnUlfkUJAQef6q_IcDBWcmzmy6FSWxzcHFr3sBsiie5zQ7B1yya_pA95QJWpDnhaCCXq0lskbPzW8NCBe4eXfpH4l9W07wu6j6vQ6DT00W6Fgrii8ICQCOWEzCexEdgG2g1kPgquL3DgJgWeYKcG-YYu18UZNBhYjHWvBvjAxgTZqV39dh7dkou2emUsv68eI073e0_AkHiqH5WKGoHuD8vag7q0WpMlpfmul5IIAi6sPO-x9LdPyQDB0fpZtuZQOEnvGa_63M4cYDs_K7NhI9r1zcEbLHfpmPtnoAbwDERZk-KsHUJx7qZrM_vpvYvlRpZoCcfbTk-1ej65CwtZc0haRMWy-1wKiuBiPo5F1Qr7va1H0zeBfPatd76NtmV_ImNTsOOYxRVjKyyIO5vqD8QUJf8cl-qYZ6DabnwrqVSttODtELTPlzWraanMMchBCy_omjK16GVZ7VJeRIHWHnsRZgf5QOCBUDWRFKRg9p4Qcku1y6jKagEk5M19f2MpQyuAUGz8A8xJBbrp7wDOdJjiESsOjYFX6XE801N9rz0nxcW9jJ7TgEwORFpEyBDUPdrzaQIWTPWMVDxS2BDIFxq6rVlavt5v2QTVYa_dTcIRAV9vdeUi3KX1v8HiXcvWg5EEaUggEEkwAcoEIg23OdFODSLHKVvB6Ii5helmk9le6GNmPvRPmRkkUM3jhdd3SgoSRvfEnFj39heVaktq86Jbd4hQ-9WUwfuSQOwPl_66sK5k_GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19782080816&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hxzBtM1STHrtsqwjwNg69S&adsafe_url=https%3A%2F%2Fkoooralive-tv.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fkoooralive-tv.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8842205d-d75b-758c-8402-82d8b16c9763,c:bi2nEv,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-hclck,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tCVSQDG+11%7C12*.1352960-70224161%7C121%7C13%7C14%7C1511%7C1512%7C16%7C171,idMap:12*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:16,oid:3df73ceb-e77b-11ed-ac34-e22686c1869b,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:08:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 1F00 28 KB
11 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10878
x-xss-protection: 0
server: cafe
etag: 6410051166583139006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:21:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE31 43 B
215 B 255ms
186ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=9f2288a4-639d-5430-170a-4821362a83c3&tv=%7Bc:bi2nJv,pingTime:-2,time:139,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:341,beZ:342,mfA:344,cmA:346,inA:346,inZ:350,prA:350,prZ:357,si:361,poA:362,poZ:404,cmZ:404,mfZ:404,loA:413,loZ:417,ltA:480,ltZ:480%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:139,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B133~0%5D,as:%5B133~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVSQDG+11%7C12.1352960-70224161%7C121%7C122%7C123%7C131%7C14%7C1511%7C1512%7C16%7C17*.990511-61634097%7C171%7C172,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:20,sinceFw:118,readyFired:true%7D&br=c
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F38
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkU2alFnQUdxLU1tNmdCYQ==&google_gid=CAESEHwqnNrfgyJKPL7NwMQxbsA&google_cver=1&google_push=ATf1kGOiwFwGqJTg1nU4fnSHTG37KNIm8-...

170 B
188 B

24ms
23ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkU2alFnQUdxLU1tNmdCYQ==&google_gid=CAESEHwqnNrfgyJKPL7NwMQxbsA&google_cver=1&google_push=ATf1kGOiwFwGqJTg1nU4fnSHTG37KNIm8-xsP9vUrRauVMNg0GB3_o6wgZf5DklhioxKQkJOjjliniPSkTI1vsaOn2aLzNzBBWU

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220066-FRA
pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1682875203.136138,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkU2alFnQUdxLU1tNmdCYQ==&google_gid=CAESEHwqnNrfgyJKPL7NwMQxbsA&google_cver=1&google_push=ATf1kGOiwFwGqJTg1nU4fnSHTG37KNIm8-xsP9vUrRauVMNg0GB3_o6wgZf5DklhioxKQkJOjjliniPSkTI1vsaOn2aLzNzBBWU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 1F38 70 B
265 B 121ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEP2eWB-NOLAfMnpeAeeed38&google_cver=1&google_push=ATf1kGMua_ZBdvMO_9Y0X6ELy5lffPA9lhrQDYUtdNHS7Tzbs8nKOjj4DoOX1gXAqPgQIqsDf30mK1cbhexaUWAw0wqzY1enox8
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F38
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHHwcPajaQiDZ4LTD4WKGbE&google_cver=1&google_push=ATf1kGMMAVClPZ5cWWqclpH_VGNNf-Wfa7kPWVWJ9s-0qHu-Bn0pmn4hjVLOnJ85qORrGeGQCpXqj2ogFlV...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMMAVClPZ5cWWqclpH_VGNNf-Wfa7kPWVWJ9s-0qHu-Bn0pmn4hjVLOnJ85qORrGeGQCpXqj2ogFlVsVmD4jMFc3YEMw0M&google_hm=0k6-2CdLQumgBgCBfr1LK8g

170 B
188 B

21ms
21ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMMAVClPZ5cWWqclpH_VGNNf-Wfa7kPWVWJ9s-0qHu-Bn0pmn4hjVLOnJ85qORrGeGQCpXqj2ogFlVsVmD4jMFc3YEMw0M&google_hm=0k6-2CdLQumgBgCBfr1LK8g

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMMAVClPZ5cWWqclpH_VGNNf-Wfa7kPWVWJ9s-0qHu-Bn0pmn4hjVLOnJ85qORrGeGQCpXqj2ogFlVsVmD4jMFc3YEMw0M&google_hm=0k6-2CdLQumgBgCBfr1LK8g
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F38
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ5ZRmk64zPwL65O0N4nTc8&google_cver=1&google_push=ATf1kGN5KQPnq6Ihu-pJZW6Cz-aKIZWJFD64SnMVNhcylv65a9HR-H_oviip73ttTqgSsCsm9U4EF2aVdn2B78fbO...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ5ZRmk64zPwL65O0N4nTc8&google_cver=1&google_push=ATf1kGN5KQPnq6Ihu-pJZW6Cz-aKIZWJFD64SnMVNhcylv65a9HR-H_oviip73ttTqgSsCsm9U4EF2aVdn2B78fbO...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGN5KQPnq6Ihu-pJZW6Cz-aKIZWJFD64SnMVNhcylv65a9HR-H_oviip73ttTqgSsCsm9U4EF2aVdn2B78fbOe3UT9Vy4xjX&google_hm=GkXwrGZHS4n7D_PxS6KskUpR

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGN5KQPnq6Ihu-pJZW6Cz-aKIZWJFD64SnMVNhcylv65a9HR-H_oviip73ttTqgSsCsm9U4EF2aVdn2B78fbOe3UT9Vy4xjX&google_hm=GkXwrGZHS4n7D_PxS6KskUpR

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 30 Apr 2023 17:20:03 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGN5KQPnq6Ihu-pJZW6Cz-aKIZWJFD64SnMVNhcylv65a9HR-H_oviip73ttTqgSsCsm9U4EF2aVdn2B78fbOe3UT9Vy4xjX&google_hm=GkXwrGZHS4n7D_PxS6KskUpR
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F38
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJoKDKCSIfj4jDCVyyBJTaY&google_cver=1&google_push=ATf1kGMQiXYiim6bl2103TC6zFaKEzZNiSsZxomA6_sZnMcVcr1B9Sbmv6ZrhhZ5T9dw6IKZDu0WzAP63ln2tqsk...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMQiXYiim6bl2103TC6zFaKEzZNiSsZxomA6_sZnMcVcr1B9Sbmv6ZrhhZ5T9dw6IKZDu0WzAP63ln2tqskclnMHxlFqMRU

170 B
188 B

25ms
24ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMQiXYiim6bl2103TC6zFaKEzZNiSsZxomA6_sZnMcVcr1B9Sbmv6ZrhhZ5T9dw6IKZDu0WzAP63ln2tqskclnMHxlFqMRU

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 Apr 2023 17:20:03 GMT
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMQiXYiim6bl2103TC6zFaKEzZNiSsZxomA6_sZnMcVcr1B9Sbmv6ZrhhZ5T9dw6IKZDu0WzAP63ln2tqskclnMHxlFqMRU
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: _J_Hy-sjdxZNONpKXXAQTzdjP_tqdYTfpd_5fIz7y2BIkDgLOW29qw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F38
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGOb7jAKNmaFV-d9xbZ9eYHI6JKX1bPazUvh3TNLH2RtkDnYULGAlz9SM20W0oKTH2UaMJEAV_UpXkgxROt70FyrR6QBP4R_&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-bc63fd84-e58c-4048-a3ab-4dfe23b4ed7e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGOb7jAKNmaFV-d9xbZ9e...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOb7jAKNmaFV-d9xbZ9eYHI6JKX1bPazUvh3TNLH2RtkDnYULGAlz9SM20W0oKTH2UaMJEAV_UpXkgxROt70FyrR6QBP4R_&google_hm=A7xj_YTljEBIo6tN_iO07X4

170 B
188 B

23ms
23ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOb7jAKNmaFV-d9xbZ9eYHI6JKX1bPazUvh3TNLH2RtkDnYULGAlz9SM20W0oKTH2UaMJEAV_UpXkgxROt70FyrR6QBP4R_&google_hm=A7xj_YTljEBIo6tN_iO07X4

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOb7jAKNmaFV-d9xbZ9eYHI6JKX1bPazUvh3TNLH2RtkDnYULGAlz9SM20W0oKTH2UaMJEAV_UpXkgxROt70FyrR6QBP4R_&google_hm=A7xj_YTljEBIo6tN_iO07X4
date: Sun, 30 Apr 2023 17:20:03 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXbc63fd84e58c4048a3ab4dfe23b4ed7e003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame 1F38
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELQFQIuuyMmjBd5hGuzKwZs&google_cver=1&google_push=ATf1kGMw-IyVC3DUAMBPpZVRNU-Js6QUep0boN2VDGi4XQ443UEsCvVPPHVL3yrEt-56-Xr0sd7a9Mu6JaB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMw-IyVC3DUAMBPpZVRNU-Js6QUep0boN2VDGi4XQ443UEsCvVPPHVL3yrEt-56-Xr0sd7a9Mu6JaBVaN8JfmnCcVGD7nQbFA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

12ms
11ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1F38 0
12 B 23ms
22ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ll6Bc-kr6DT-gvrKHwFKt6dXcs-T6HS-XVTbg_6EGx-siTOBJGCU_1wma0ow__MHd8qrXdiw

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B1E3 29 KB
10 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 03:57:24 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15415463092317913147/ Frame A0D2 1 KB
767 B 19ms
19ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:03 GMT
expires: Mon, 29 Apr 2024 17:20:03 GMT
last-modified: Thu, 27 Apr 2023 13:50:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1F00 0
0 184ms
46ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufbXhh1Xa1pHcGP4UZuW-7K6791XQAZ2NIDD4AmFb6KuIOoz3PonJ1kJc-utqklsGn-gF840CHbxWIpiipB1qBguyLMZNVLvbyPI1HLSuulG6dxNGY_DI6yyeZZCd-bjg3y7QCBjuYG1QzEeBwuTU4qx9sulkhqlZB2bK5&sai=AMfl-YTvuMSJquIFS-aJpY7bOM-uFg-pXV_i9h6f3-__0vOYv7HGPp2a20jocsdicJLD6QS2LFpqtox5haNWfOwdghTru3VP7nJl2epzcJ1VXbDn7TtnLRtWH1-shXnf7O0&sig=Cg0ArKJSzL45-OjRVDdPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=110&cbvp=1&cstd=104&cisv=r20230426.74947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 1F00 60 B
60 B 89ms
18ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=361198340&gdpr_consent=&gdpr=

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.10 Nagold, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 17:20:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: So, 30 Apr 2023 05:20:03 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame EB84 36 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 200 container.html Show response
acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4C23 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:01 GMT
expires: Mon, 29 Apr 2024 17:20:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1F00 43 B
215 B 104ms
104ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=8842205d-d75b-758c-8402-82d8b16c9763&tv=%7Bc:bi2nLU,pingTime:-10,time:474,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682875203238%7C%7Ccb109a8e90547d361a6563ca5bb9fbbd%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C8455243ab15f79b40b56fd3ce2f4bdbe%7C%7C0eec73eb97506199be00b6522cefe886%7C%7Cbe57984917627313ea553d15d8ccd6b1%7C%7Cfecc51e0435f761227d6e2548a571027%7C%7C2162a92bc937a14feaf17d15e4deaf0f%7C%7C1663701684%7D
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A0D2 113 KB
38 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A0D2 118 KB
40 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 08:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 08:32:17 GMT

GET
DATA 200
OK truncated
/ Frame 1F00 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e35f1c825c4d36a806dc04125c2def97df1efdf357c136fc7b4a80063638e138

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DE31 0
0 71ms
47ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAnU6IOPwRvYMxNPzCojXuFJPRNWocyGCISDHX14ryujENanPBmmSTuXG1obzvlDJWNjnO_cyuvNSES0wr9_0CO45Pgm6GJ7OSDeaHaGqUUjW56RTCCWlyaEurVWPu9DOPWpC9BzicJjEQMPKhb_a2Hw1hPD61E_kTa0T47_Dsy36kF_I3z501dMnmvW7UqiCVGk3Ptr7MVLCvthssrWVjCJ-1qZBufM1dQRHK4GUah73wj-Y-wk4gxAjGdE5x0DnJ5k5-ReWuDNAKVjUzdAcq0V3ftMDlsd_qbF8sEgXugK99juN1pCIv21GJZCA92rlRFt8cGYkczdoRqwzcI3H4DuBILnfwV8c2AastKO6Ia9ZR6zmdPLu2lVlRdUrZBAEEndT2oI0jBYTkpMR2plgqqhGtKr89w43QsuLqPAjLbnsji1Wrd-qBoQujm5DGogIIZcyH4lAYBs6B5pkad7fXk06Q8L3DvO-ZLkg3LBk-YvwgeBpOlkaqDKtW1E393xM6iTxpdt292Di5G66RjOuLzLbQ3k_0QbcmYi4G3fPrfcN-q9o0_BB8YOuxZ8iPpR9nLs3M1BDcJCNmRlpUNklzDzIqfg4v3WbCvQ-0iW2ePf_QfnSvXlXkGhKyME6T6CXfFn5jvZW1OsgkIJoUPy2yCrXbDhh-w9KAKEeA_U8uIwjUNbw3JHGtpNn4aGD9RVMCpV4JQIz2XWokFv-CqT0tDEHovUvqOKWwPynXS_PQBHy_I8jVev3lPNQO9zZttu4avSzxIZi4IMMVTwFyWXpmlJfifOZMwqUY6MCi05KdbIvKNjrF-SsNB_bLfxLwl_as3uCKlg9iaT5IUdte-V0z9-WdMLmn0Nm4pIUqAgXOCOYCTIdxyNiogDtlcLfijUsV5B-SaAB6tZ6rEDhpgo3zt_pt17dxQcaE4ziM5O5QV-sb7EdrIixqPnvKq9YRWJpjNJJ7capli7zGnyPTO5m7IeUs963Bgn7nkcl20FNb8xt1xEvwP37HJbYPEvNoisBaglObYTvM8yHhTJ32qu-sgRiimKXHiX1g207LpbxmrOiczlOo6DRDpbcvSGlR5H-gvL38fFl2LJYfwFbknhtiEq3LXXCLdmcA3pPYxNgRxXicyI9wcjaFINsiETw4RPVrieaJ9ic1YOgtdTMx9IJR_iq9QPQ6c1U1CSK2A4TAChaaaX7ml0JlDnqPooYztRE4Y9Hyu1IGbvH5vbojWOpMnuhRUZR8zerUDDoXAY5_0KJLjoxAgpYxbzXSypSKBSCqj46k_fFeCA&sai=AMfl-YQ6ei0f4aG8LLw1hPRrkKcRJGg20Hr4XgkZvq_fWTw9GwcJOrhPJ4FZs9O4u0N-3W2uAYk85k3_QdKnZ5RiYj3PMrhKEKZyao8SdQdWcssjsyS3zRZ1vZJ1U_hD9KGls3KoaJ5waEjAwS0woAvIjPcMhZ1gsoFBe9aMiQVwn95OU70AuXgUTOazp36BytUSs-ET1DfohHT76BZoo3uxPFiv1Yv7wHTxSD1_th3MgxsVsGHPmx-ChrqS52UAJVvOVM-01wM&sig=Cg0ArKJSzMaDrVOdfSyJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=441&vt=11&dtpt=235&dett=3&cstd=203&cisv=r20230426.64661&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C770 624 B
242 B 55ms
49ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY04Po4gEwAQ&v=APEucNWJfu8QDmiH4Vnqu2EtbjTsQMmi5S65sUuU-UM4HTmdhTBQDyBKdG4bd7PnO4Vmzzo0DVd8bxR3WWpZOqduk9JjcTBBVX3WHOKkd97U0uY5yRg9PF_dYQ3LR_q-ujnDYFelsSCR-b4BzTdbhp2UYpw1pc7rxTs1MVXtt7oSNaB27Hi26QI

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4C23 78 KB
27 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C23 42 B
63 B 113ms
109ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CIByMVvENX5TQU-KtjhknVIthHIPIPZWb5tbWSzMpJ6TXc-tL3W3S2PLPmvsN0-XyDuUHGqY4nunH3h2TcoKzbibPfteYKHC0FmPO9dzvw8hRePnA

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C23 0
20 B 112ms
108ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15389491847881707032&x=1&ct=76

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1352960/70224161/xbbe/creative/ Frame 4C23 251 KB
76 KB 36ms
32ms Script
application/javascript 54.194.221.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1352960/70224161/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-BiVwArssJbZiqJFZV8UOy8vREB-PKLYVrsJyU2_HBG9n9-FTRp6Rdv8rNswZ3a7QRrkavLrGcClGvw3NBqze2ePCcIDzWBsfUAk0fbbjf6misiDVcOixTTxXiyE0ltj5YnY1Vl-7zMt7vbtn-G4YSgJYBkQFYiuNSs7QaQx9dGRDTsbnsSmRQAoCZ_4Er3HmMV86wbwtUPvBTt_cPEaUdjXqHCcYgUmJIhFWwbE13LOe1ZC-8FBMb0iyLThxDORChD_uQLIBsVYPhHSrGPW-nXJVbaqq0Q84_xxJMzyrx3pA1AZK-XSuRmJL8pBw1EOqY2TIYU1eKCjz9amQnEcRO9upFfPzAYi5Wh80haSB9fQF4gPQIV2gAHsUb-UANS9rVbJow2nAdFNQQ_rfDbvoC47RzI5PKoi0KqN5ONfqvxTVNwRfoDRvxdKBGompzbULbnxbW3tDr7-G2Rf0ilEb33wZE2ly64vg1oQKclH7aFZo_aEEZqsObr4JGEs8iHkJAaNwZQvlR6vQBryYOUMWAwu_-RJQzV2P3Bf2nAS0SyQO4XqS0nTpe4zXqBSnASaJZ7pwVDt7sg7kvrdUA0OPXFC10Ifkd_rGTlTJSv-Yd8-z7g0iAaDw0WzfZDz4UltBVqIQxAm9ug7Qw5oJ_0Slu5eoGF1yaSHstAo0jRFLdZkdd1wfrB5wnkV6bMfOawnzIDjetzdV1MRYSufBbtNLE17L6DF9sqy9eqQ0QWkD1oSAt_b_F8KxXkrxVashqLOcX53V_mvsoU0J6DjVR7nU3s6v97bHLg9cTJAIJdRkJqX_fJq-i_hz1O4Itp2zWhsyi-4K0SAo38LvjlDroo5TfTiiSAvKLOGl8GR5hlDRkskv-W3SIKsA31APAE2o43Omq-N-3rs1OMSiQlw-opdc9niuFzWgtxfdobahBhRR7gI_Taw6XdFYTnPW-uoVezZP7k2LypHXwtMN1EUYSyfFShQluFSIwzo4gaPTVpPPdvl6uptFj42ekm0YssP_liN2D_dZLWX7xs-_S9QCUcMiQBehcPlKS6rpcZGVk1ekZqiRHiInYw5ErdhUvpXeRbPupIoRPIGGNZVxjxBsE9txAnw99VQ9FDorBVpv4br9CsQ2E7rl0x0JSbWn0DmBPaYZ5tVL8piQG0rDWJwfpcjJCXzb3Q1MoY5aSDP1TmsuknONKsKjyAM-L8dCm8u7Hr2qSdoatDiw0Fs-bM0O1o7EAxg8QyVeJV7NcT0axyuNe20ogKx_7oOSyv1VxoYaH2VAHrHun6OTbwqv4SQceL7Eq8avfjqnxB8ql88wZYhNXNbJqkgtCVWTqujKiT6RGu1eOWXARtGfWdxkq8n6_OvDdWN0cF7npOemYAyLpvqXUoFsfKv2SuFc1MfLZ6mGHDrA1hFV27YRMHluh-__SrtkxkHeTqZSP_yQQQtp0f1COLxuWsrA3cSYqDAPN_tA3qQwZpp22w_OoATcPN4_Wl-HUj_2PK0ypFsseII3QXMN6iQ1k4CqY_YFaJ2bRTb3bGD0RrV_decnR0awRTT_bzwA-Em1N9a6RU6EuhQ8n6v_9abYKLAPOCGsU9bZj5M8Zvvx2VD7qKiWK-lI_ZhMv2Z_uBd80OX0ZZuVJZmBZiZge6R4A2P--z9wn9O8I-EM67LioNH4Fq61iucRUuydtgGTrZzInWaSZ0stEiVGdlzeKRrfQ15pEgRLW--gBaH8yduhLSB9YMODKI04B5XUcJ47wTFqTusNRxTDBNc7WVk1LGU9PN-M-Ub9HhTN4hhlm4ew0RS-HKZ1gVVSglYdquXXqy2EALWjLcdQ7yazSKRZR1N9JloAnYAxyj1oWXrp5uiIAc1dLmuRJBDC_BjSGn2KpiCJeTzbKkfgkqX6QlSs0xL43aJV7nYcWqleJo0-msIIDXV7G0FkKpZCQgLjBIgG4V9qvZUtfzzu5MZYoIvknYMa62KHIOofDjIrbO-3c_aeKNAP3JThJ1cZ7Uf-YXX7xRh5Hz_GYz-gEAPhHCVML74hf5WuKllS2f3nnpUakYEK6L4PTPAyaA-AA4knTsJThHacjWepMD_-_SXI3FcuAS2n0hCAdHqB4empi34Px6e0OKQYwaV79t6DkhBHMVp4ytCmmJre0XwTHH7bPCCabda85rm6zgP6ZF-YjH2IXU6KDzT4pwm-XQpBiA96r08MIfGmP4qKDo8kk_M9DQbRxdnsvt9VJjlIa1I0Lcg6eaYIXw_mdzndO61DvnBcwMZX9BgrcuYx-K5XqpOjZ7jZqcClU2qHhFq8Zn3DCOHzwKvHLrHoY62HAv18Ry9Mi6QC1m7enJHqmUU_gFTDtq3pXR-qvA9tXw_k74hcfcHHUdW-Kpn2VSTBiUoO4PHGL813xReIDxzESENddVdMtGOovtp9hvTdhiZaIDrinsy8yFIVhcTXtbGkhgjavOuoo8gtWxrC4zza2ary38rX2lQWT2cK6obFk3z2A8q4dqjnxFaAh6J9WKu5iW4RtkrWV7yYFH5K4XrchQcY6Ua6P29fDfrAQG0svnMU8sEeCPA-JmwUftrJxnXt6YQj1Tp13c27PPh93stRqakePdA0nKTb54xWXlb7FkC23laA8VC3XZ7xzFNMu4EWbTnGwIq2ItgkwN7e1RJK9a_F7YPXSM5FWKhUoM6tasOP8bt_8l-lEmp28DWYy1W0cr1MvDUVkDI8xgGgBfqRmJJb2tVedV5_Shux01Ys1EPkkiy2vP0rX1VO6g-XW32pOTwjN7ck696wOcglcatEwRN9rFWfW0-WvgUutZlsTqcufDaiFXzKZZ5j4_86fW9zCUfpeLGdVnCCgcKlT8d4J4P3_iGYSU1MlI7dMPfXrjnyAGcGEZVQ-5suDCxhB82FOzk94e478sP4mYX-lJO0v2VQOc3vfS-guFKrlOrqDAfjG3rmjZ3bc9TFKQ0bwwlDBvHwL7Y62Z_AHJYQWh-xmn6zkXqOTBDp1fcYnlVQBUg7KbQgiw652sAUiyU6tfF82A5ONDrTgNpe-3Xu1rnyLp_1cN9c86IUNixYuVlcW3XkkgSp8J9xQjEBvR4UM3qFJfOnFRT_cOG9KR5-HB_b7RmhPRP3tetF8jr4pRAE4zhelhgHZ9uXJK7MF-qheKY9W2Hb61iXpvE9Oy_dmiqzhoGVsCik8WSs7Uf_cGwWy0cWyc_133toCYt_gJFGZzJ2mom96S9iFYmJ2MQGuI6velnfKgVlfRbkfEntyVQzeCpC8C1lJAO0cXsQgPmiFj37va-w8xlIi6BxranUKnEBB3WSNBULGFsueNWl99xgpZ-18NdnZyt4KPa5vNJ35vfjtDsi_D5T8wLCXsia-Iw4iRV52cInCLW8vb2qCMgVx-NjlmB43CtQKsTaaidkBaUDMibnySSOKKHbiffDHbgH3ows2ogblNEC2LNX72AxRgbIrzaL1K7H3Et1eu77euttzzGX81GGLCRyEjlLyY1zktAf4u0LvcjMFBClAGvPMX6XbsWl-cWDLAzDpjrYgBtJR6h4qGqQWkshA0x0aVdmWoOYGnALbGQevXVQ_-te3Vvarh2Q4WU5c5WV-iSpKNKsWRmhk7hn4KK77axpvv0WTriWhLquEV3sJXDRpCCAQSPABygQiDU45TTdrJwJbEZsapLTCwaCUxyTXi9a15RtQdPHPQi751EZA6RhjZpr12Bi0At2OwXae1B1QBjxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-9035087792692775&ias_chanId=1&ias_placementId=19782080816&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJns70MsCBWlMtlhAwYwIO
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.221.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-221-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a6d7a1dd7f78500b91b3e8223be83276e2e533777de305e9f5983f988405b1f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 4C23 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 19:52:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 4C23 19 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:05:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4C23 0
0 18ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqT4eJClM2UlgrUBzo9g_iuHVL8J4NPN0a-ENx-MnYkI0AB0quK67p0-4qMdBOkBbEbXMo1gN91pAAnL_VLHG7DHH8yw
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C23 158 KB
48 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1F00 43 B
215 B 94ms
92ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=8842205d-d75b-758c-8402-82d8b16c9763&tv=%7Bc:bi2nN8,pingTime:0,time:550,type:pf,im:%7Bpci:%7Btdr:532%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D,%7Bpiv:100,vs:i,r:,t:550%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:550,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B545~0%5D,as:%5B545~728.90%5D%7D%7D,%7Bsl:i,t:550,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:505,fm:tCVSQDG+11%7C12*.1352960-70224161%7C121%7C13%7C14%7C1511%7C1512%7C16%7C17.990511-61634097%7C171,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:16,sis:319%7D&br=c
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt26.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE31 43 B
215 B 94ms
93ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=9f2288a4-639d-5430-170a-4821362a83c3&tv=%7Bc:bi2nOd,pingTime:-10,time:431,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682875203238%7C%7Ccb109a8e90547d361a6563ca5bb9fbbd%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C8455243ab15f79b40b56fd3ce2f4bdbe%7C%7C0eec73eb97506199be00b6522cefe886%7C%7Cbe57984917627313ea553d15d8ccd6b1%7C%7Cfecc51e0435f761227d6e2548a571027%7C%7C2162a92bc937a14feaf17d15e4deaf0f%7C%7C1663701684,sca:%7Bspg:8842205d-d75b-758c-8402-82d8b16c9763%7D%7D
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame B1E3 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:23:30 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame B1E3 3 KB
1 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:23:37 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame B1E3 6 KB
2 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:23:48 GMT

GET
H3 200 head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame B1E3 12 KB
3 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3441
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:27:52 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame B1E3 4 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:29:57 GMT

GET
H3 200 970x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame B1E3 34 KB
34 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/970x250_kv_paar.jpg

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490a0a636b6524b952dc10a3968522b48f663b70f0ae12aad99bc22bb9330cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:08:16 GMT
x-content-type-options: nosniff
age: 707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34678
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 10:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:23:16 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C770
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF8SJxIZ6L3dVM0WGgCjjCw&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF8SJxIZ6L3dVM0WGgCjjCw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY04Po4gEwAQ&v=APEucNWJfu8QDmiH4Vnqu2EtbjTsQMmi5S65sUuU-UM4HTmdhTBQDyBKdG4bd7PnO4Vmzzo0DVd8bxR3WWpZOqduk9JjcTBBVX3WHOKkd97U0uY5yRg9PF_dYQ3LR_q-ujnDYFelsSCR-b4BzTdbhp2UYpw1pc7rxTs1MVXtt7oSNaB27Hi26QI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=492
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF8SJxIZ6L3dVM0WGgCjjCw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C770
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6jQtuNFC55P.3HmF.EhQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF8SJxIZ6L3dVM0WGgCjjCw&google_cver=1&google_hm=2

43 B
766 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF8SJxIZ6L3dVM0WGgCjjCw&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY04Po4gEwAQ&v=APEucNWJfu8QDmiH4Vnqu2EtbjTsQMmi5S65sUuU-UM4HTmdhTBQDyBKdG4bd7PnO4Vmzzo0DVd8bxR3WWpZOqduk9JjcTBBVX3WHOKkd97U0uY5yRg9PF_dYQ3LR_q-ujnDYFelsSCR-b4BzTdbhp2UYpw1pc7rxTs1MVXtt7oSNaB27Hi26QI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=491
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF8SJxIZ6L3dVM0WGgCjjCw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C770
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENBFOniKQXbrBaN5NpjqqcE&google_cver=1

43 B
1 KB

12ms
12ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENBFOniKQXbrBaN5NpjqqcE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY04Po4gEwAQ&v=APEucNWJfu8QDmiH4Vnqu2EtbjTsQMmi5S65sUuU-UM4HTmdhTBQDyBKdG4bd7PnO4Vmzzo0DVd8bxR3WWpZOqduk9JjcTBBVX3WHOKkd97U0uY5yRg9PF_dYQ3LR_q-ujnDYFelsSCR-b4BzTdbhp2UYpw1pc7rxTs1MVXtt7oSNaB27Hi26QI

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:03 GMT
AN-X-Request-Uuid: e901ac60-2255-4691-af75-325a1de27c91
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENBFOniKQXbrBaN5NpjqqcE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C770
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 30 Apr 2023 17:20:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 254e84d7-fc46-4aa1-b24a-37d8514f5d54
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1F00 0
0 47ms
47ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufbXhh1Xa1pHcGP4UZuW-7K6791XQAZ2NIDD4AmFb6KuIOoz3PonJ1kJc-utqklsGn-gF840CHbxWIpiipB1qBguyLMZNVLvbyPI1HLSuulG6dxNGY_DI6yyeZZCd-bjg3y7QCBjuYG1QzEeBwuTU4qx9sulkhqlZB2bK5&sai=AMfl-YTvuMSJquIFS-aJpY7bOM-uFg-pXV_i9h6f3-__0vOYv7HGPp2a20jocsdicJLD6QS2LFpqtox5haNWfOwdghTru3VP7nJl2epzcJ1VXbDn7TtnLRtWH1-shXnf7O0&sig=Cg0ArKJSzL45-OjRVDdPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=313&vt=11&dtpt=203&dett=3&cstd=104&cisv=r20230426.74947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Apr 2023 17:20:03 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C23 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=612527458014&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C23 0
20 B 108ms
107ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=612527458014&version=m202301230201&ct=76&x=1&cor=15389491847881708000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4C23 15 KB
11 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amkhw4Hv11ERCBxM5bwpRpBZrETJPsYKZ-tUMHZwkU_BKOlkpG-O9coLa678OMaiZ1r-oM5oFPHW4SunoIu_-LN3dy4yMSQ8uyHNt3aFrnb4td-ujS_Rh6jYDKs3rpp2sDGILxaWIxeBhmfFD2cWO-ucRSrv4K3UkJl3EREN79_oRUWfs&cry=1&dbm_d=AKAmf-BXLYCEfiCb7eXRjzag_IBrV_3IxMBpp0nEkf09Y0iiLXynluKbbgjIZ1UN2lcZcwlUR3GVllD1SxL_DK5LCX_0AeK1ooSsXfikTfroeMUG7QILBEZFlpqA_ApkQ5-yIMjrlnm4akYiitE3lX5leYdZ-kVzIEFhndmRRPBLaM-XMsmwQGhPkv7AR7LtRefHETLXJru3_LKm6G5hNZWxKfLbsgmpkbxfb4cNOBdSPYzmBHp6Flbbs3JTasa6lIK4iA7GIIO7_7WNPYpQZ007eBYZ8uFPyfPZkToNXeVMNJkEB8PCktlp4EkJvES8HntnIuX6PDIMJ9Ag5DmDYzLE2pmm5PCj1axFwJA5pBNanwp6-_QmjSjTbp6ZDX8UJAenDro9AnjzF49Lun7_tfGTYNHpQg4LwFmWfif-Ng1j2J7YWesdzVtQioKhE0p4IuhFjMsgvaSaXT2T2y8IWifE01ayT3Kc3KVnteTCUNmN4MMUCo21v1CxhIJANpdN1NFXtQRiPwlpOVnO0FkLfKdsS-mjB3BV1o090VtgCZvbj4m9xWKac3j4oxJcuO1FrOtj0ja1wU-qBOmXT7Pz8c5teFqOxp1p2uujkKJvjMsUh4VwdaNCPkurQ7X6lpRYnjhVSl-zBOXlN3Hvb1O3Z1Y4L5hnsRYMGwgy1xnrCwMJ9LQGqfpjbznmfsg2WnJpS43GiqA7DnQn9MmIwUrGHsjXOoVwB3evSFRuqtGci1DXrshHLWzbCqPsiQvYEXn_QXdEOiOW14qew8RQt7V7tL_55Ybg8_UrXpZNCYm453WyKBiKTdBHwel6Xz-zuovMb291zMDP3-DrlNolnr9S-1d5v0fngrJ4PONA7H-OVr-vwHoqqNw6h-bRFO0zEvReWVWkGUHrGAsj9NCfpItSnBnygHW_Dn2mNglcAE6yBL1eUde40EkYE0Mp3Ple1t_UBawpY8ye43Uf-UrLYHkPPeaIyW_DD7tuyrXmQrKMA16CErpESOejz6QKnj8AGBz_Z1WZStEVo2hPmc8_eWA7j_f_sxhYwtgTxdoH_SWazbWUSIQoSubXgFIgiVxaQhNfFlOegPW1I80uxJn5ChkJbGkD1SDNXQqDyzkWqwGTEbtgJiAGxtxMEbOMYG8pSQ-VPbwVAMWXm-9er6jbfKGuBxJyukvraSXVFQ6HMKfYCeeO5oGIFBP3KtrY-F7KXQrRPhWnESoax90d6sjFpJPX2mm9AvbzK9KnizBjsz1psfSlGjidXCP6KisFVyM5Zsah4IJDtvCPLHYYxxOjkaUrq9wU8QBeUjSKl8zoJGprUHu6JZAyCSK7UmUXjmalQncHyj6IkqheUal7o6jAUm-lCXZYyxuty8nppjo8iqX6NmDPs7z101Z2Veqf_8NksnMmAcBSia_shBVNYW1EDwf5P-CIRYP11rt_AkQT308tLWUpzoHexNFAF8nvb6ttV1MgFdFYKoqv9YfW_V_joNQr_jwvx4snes-dIDGAkAwYz6GsUIBGp2o7onnpCAkiQhCr-2EDmTja_pKCD5VFd4lqZ6n_gcuK9cGiXD2lrGzu0a8wvT6X5ZWWSNuIpPSeitc2Ii_SGauqtweihRPA4wnjwtSPdwvrmdcajZCKoCzPsyrxjvR7vHh052cdrgcBu2XxHVYR931y3DLBsC8-_QuJphH1Z_Y35OF0hD0W1pPsbPpvddqUtIguUAD1iQFZDJxc5PMHcdCLtB8_xcesSdEB3euOydtihX77sGXvzZnL__oCWd5oOoPYnvpJ7Dey2khyYd5Pc0JuoF-muICR15t1esRIBFxAy1klcxQRIj_2Lvcb001_qxK4XW-2Oke240toOkivooHqi7BOXaa3p9-1frfANaMUPEXf8iDmfwsPpPF3rUVeKK6MCqKhvGQafHgIpSC-HTIqtLjcSPU-2kCSqRzxl2WNX7sMz7m_ZvItd3wu2FW-8udj1JGYclCRrPhdzwwuhFCByxj7uCUNLBOAq5zC5YGS7lOc-R_qDEXStXssM-SdfH1IgPwTJSy2cpflwlib16UK-8ySf351gQy22zWd-GUXIyNPDAtEMBxwy4Z0MUFvN1FvpovwRFiwawOSHzWZ2vPCs_MLFBg-7BZSK9t5WNm0kdfseqllGpjvdJnMBPFmp_p-GAsXRSk4sSzjvdArfMglGWnvRpppeSNXcZ8jV6smioCWsVmGGc-uRQHO5bKDNg-8I4SNRXIZ52SXmV_EZTpZEtvWaXNlU23r5Ji108rGkLuK2dE0NGPaDPv9BkmNK85UK0_Yu0AJ-5mrD6BFoLLT83mvLlcQn4Y62zPDSDPt5XN8HJREL6OgNOkUJC6ct2b-OfQ97jbVvwgTMgvPUQyb8M1Grgk_FLnsKgDW5D-eOJW7HgskSvITK162qt-N2TxTB4bjNBE3gFEgr_fOxI2AQQKURFI2shxNs5SMS_-Zc3unqLHeu5DQc1Xez2svMfyW95HaHS3Mm7X5TzxaFx8NnHFUgwQinHMY9m0yGxdbzTb2_IM3QTX8cX_QjhsQiiLvqNr554xQomfz1bOllNwIijYqHqNqrdkRT7JnDJQFR4U7_PU9RChWo8-IOjTbo5Oi9IV0V0LnJlDWbbDMiMuk_XiifQ-ASUqqFONOU1ic5a-1_96zZO9nE5LsV20QV5G3MMOzK3j8lfDn9sNnEanDJn5gWdLIYzESpK6BLRG2RnLiHnd0Z-BCQe1ybo7XpkoMgrMi_MyobscbffJZ4_DLxzBffrk72eo7fi8BUPQ2j27U_dchhO4HOwEFBe4QWXEQO48mFLTOdEz29CpygsSLKCB2xTBhkPrS101U7ENV3NyaSfZ9v8Qp1A7YwAsbgMuG8whqS9u2JmYq6kA88yZsCCSjtPFFXIHK_9wm97JbP6Yh17Jh4UUoFaFKcRO0b0vT9hT9b7DTjNEhSs9fvNhxO2GR&cid=CAQSPABygQiDU45TTdrJwJbEZsapLTCwaCUxyTXi9a15RtQdPHPQi751EZA6RhjZpr12Bi0At2OwXae1B1QBjxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=15389491847881708000&adk=2857193498&idt=68&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24b7112b9aa151a14f3cebcbd3812297a032664a4c70c048fac25f158d0a14b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11243
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90A1 0
20 B 115ms
115ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bj4pVQqNOZODELInd-gb-lYaIBQAAAAA4AeAEAg&bg=!9_Sl9KDNAAb9Sbh13Uk7ADkAdvg8WofEHYAoedGZRstulB05HUM6A7_jIUHjCo-8befjwL0fRkHo5tJUtRd5sbIRJqy5AOes-MECAAABW1IAAAACaAEHmQMn15RIQ2n8ekPKv7WUUcubhgQl7UqChOnwSg2whdyLNfzVNolwEeeSR_Bb2-TB11nihJx2__wlKjYQrQ7Xzz82SXGAX1GhEIZtnbmcros4EC2rKQe9-Ebig2hMk0nBx_EG0Ubk9vFu4Af4FR3CbfWthO6dUF_pndclzR0_-4gyAi8iFJuTPjs1EpwS982kV59RiATsTcJlBlU9rD4f4XSnx3IbMVn1d4V0ljxfZXqKjeNwrQDuCCxZ4J3-Y6OfOWBJTFk05mPX27CIO4Am0L3vUZ0tZDMaLfo09qXize3-UsR151R4kyJHmh1lBgQH5M25k9fD27CRvYskvmUTghuqitfWPmN2jtqdJw5nYBP0xcmsu-8LM0mhWMYUKDngzL6QQ8pbMUeQKuXfzgaaNtcfZ0xYzqgkVgOvUow_HsPNQA2yoBqqQwaKqk1aodQM1o3YUJEWsKMTTIajuBKZ--VClo3UUKHIV04OlZDarAarqOovLULjUlgUtUWseqT88GwGm2JW3Wd1BHQBNvufjoECeshz_eTD0v8lh99f82SJmrrMBbGjXD28ky_KT7vLrFHmHv3cfs_Ob0OdK4dj2ONkxPcNn1oJO2K3Npqk2G_4wKbDTWeHFqfxlsAPdtWEEJa8MjsUMFLnDajGxWmpt3Lfd_4JFOsuQ-ZTHWOe51IFwXmhYO-9LxmoGwsM9gJ9YFoO6CDNf1IoC5-ZTgEc1HY9_ZakGlhl4Jxo1aSIpvGHgm-9Fqg8LyscbHg5QTZEeMHEI34L4AYHQ2U_V-TyAI9QRb7UJt7hy2XxE1M0pbJwDpsCNuU3Az5zInJvTV6agpSLfjTEb3M9Xqt3dvJgAfDMz0EHIgPA5zrzzgZLO5r5P9lv1342Q-SGToistIWOB59bzOd5TP05h7zF9e--_OVDwGf7mxcgK2wFxmLE0hkOPY4PFNQWV5G_dRO23xZcMJjngescCFUYWLKWFfmyiSuA7SXX046MHCLr4YyZNsMS7QyT-BIEZIDXirA43LQ5u7t6VRPfc4d9PTsc4piwfYzVo0EK4WXe-eVi82gtn_w8-gPtFJfG2HAE

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame A0D2 2 KB
821 B 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22105c51ef3cefac91beed7a89642951165c0e2f293c1c672572433e54cbf7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 12:33:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:20:26 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A0D2 7 KB
6 KB 50ms
49ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95091f522ae123b3f0e06ee823244f29c5a9f318a918e7cca9ab36be56218e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4C23 41 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amkhw4Hv11ERCBxM5bwpRpBZrETJPsYKZ-tUMHZwkU_BKOlkpG-O9coLa678OMaiZ1r-oM5oFPHW4SunoIu_-LN3dy4yMSQ8uyHNt3aFrnb4td-ujS_Rh6jYDKs3rpp2sDGILxaWIxeBhmfFD2cWO-ucRSrv4K3UkJl3EREN79_oRUWfs&cry=1&dbm_d=AKAmf-BXLYCEfiCb7eXRjzag_IBrV_3IxMBpp0nEkf09Y0iiLXynluKbbgjIZ1UN2lcZcwlUR3GVllD1SxL_DK5LCX_0AeK1ooSsXfikTfroeMUG7QILBEZFlpqA_ApkQ5-yIMjrlnm4akYiitE3lX5leYdZ-kVzIEFhndmRRPBLaM-XMsmwQGhPkv7AR7LtRefHETLXJru3_LKm6G5hNZWxKfLbsgmpkbxfb4cNOBdSPYzmBHp6Flbbs3JTasa6lIK4iA7GIIO7_7WNPYpQZ007eBYZ8uFPyfPZkToNXeVMNJkEB8PCktlp4EkJvES8HntnIuX6PDIMJ9Ag5DmDYzLE2pmm5PCj1axFwJA5pBNanwp6-_QmjSjTbp6ZDX8UJAenDro9AnjzF49Lun7_tfGTYNHpQg4LwFmWfif-Ng1j2J7YWesdzVtQioKhE0p4IuhFjMsgvaSaXT2T2y8IWifE01ayT3Kc3KVnteTCUNmN4MMUCo21v1CxhIJANpdN1NFXtQRiPwlpOVnO0FkLfKdsS-mjB3BV1o090VtgCZvbj4m9xWKac3j4oxJcuO1FrOtj0ja1wU-qBOmXT7Pz8c5teFqOxp1p2uujkKJvjMsUh4VwdaNCPkurQ7X6lpRYnjhVSl-zBOXlN3Hvb1O3Z1Y4L5hnsRYMGwgy1xnrCwMJ9LQGqfpjbznmfsg2WnJpS43GiqA7DnQn9MmIwUrGHsjXOoVwB3evSFRuqtGci1DXrshHLWzbCqPsiQvYEXn_QXdEOiOW14qew8RQt7V7tL_55Ybg8_UrXpZNCYm453WyKBiKTdBHwel6Xz-zuovMb291zMDP3-DrlNolnr9S-1d5v0fngrJ4PONA7H-OVr-vwHoqqNw6h-bRFO0zEvReWVWkGUHrGAsj9NCfpItSnBnygHW_Dn2mNglcAE6yBL1eUde40EkYE0Mp3Ple1t_UBawpY8ye43Uf-UrLYHkPPeaIyW_DD7tuyrXmQrKMA16CErpESOejz6QKnj8AGBz_Z1WZStEVo2hPmc8_eWA7j_f_sxhYwtgTxdoH_SWazbWUSIQoSubXgFIgiVxaQhNfFlOegPW1I80uxJn5ChkJbGkD1SDNXQqDyzkWqwGTEbtgJiAGxtxMEbOMYG8pSQ-VPbwVAMWXm-9er6jbfKGuBxJyukvraSXVFQ6HMKfYCeeO5oGIFBP3KtrY-F7KXQrRPhWnESoax90d6sjFpJPX2mm9AvbzK9KnizBjsz1psfSlGjidXCP6KisFVyM5Zsah4IJDtvCPLHYYxxOjkaUrq9wU8QBeUjSKl8zoJGprUHu6JZAyCSK7UmUXjmalQncHyj6IkqheUal7o6jAUm-lCXZYyxuty8nppjo8iqX6NmDPs7z101Z2Veqf_8NksnMmAcBSia_shBVNYW1EDwf5P-CIRYP11rt_AkQT308tLWUpzoHexNFAF8nvb6ttV1MgFdFYKoqv9YfW_V_joNQr_jwvx4snes-dIDGAkAwYz6GsUIBGp2o7onnpCAkiQhCr-2EDmTja_pKCD5VFd4lqZ6n_gcuK9cGiXD2lrGzu0a8wvT6X5ZWWSNuIpPSeitc2Ii_SGauqtweihRPA4wnjwtSPdwvrmdcajZCKoCzPsyrxjvR7vHh052cdrgcBu2XxHVYR931y3DLBsC8-_QuJphH1Z_Y35OF0hD0W1pPsbPpvddqUtIguUAD1iQFZDJxc5PMHcdCLtB8_xcesSdEB3euOydtihX77sGXvzZnL__oCWd5oOoPYnvpJ7Dey2khyYd5Pc0JuoF-muICR15t1esRIBFxAy1klcxQRIj_2Lvcb001_qxK4XW-2Oke240toOkivooHqi7BOXaa3p9-1frfANaMUPEXf8iDmfwsPpPF3rUVeKK6MCqKhvGQafHgIpSC-HTIqtLjcSPU-2kCSqRzxl2WNX7sMz7m_ZvItd3wu2FW-8udj1JGYclCRrPhdzwwuhFCByxj7uCUNLBOAq5zC5YGS7lOc-R_qDEXStXssM-SdfH1IgPwTJSy2cpflwlib16UK-8ySf351gQy22zWd-GUXIyNPDAtEMBxwy4Z0MUFvN1FvpovwRFiwawOSHzWZ2vPCs_MLFBg-7BZSK9t5WNm0kdfseqllGpjvdJnMBPFmp_p-GAsXRSk4sSzjvdArfMglGWnvRpppeSNXcZ8jV6smioCWsVmGGc-uRQHO5bKDNg-8I4SNRXIZ52SXmV_EZTpZEtvWaXNlU23r5Ji108rGkLuK2dE0NGPaDPv9BkmNK85UK0_Yu0AJ-5mrD6BFoLLT83mvLlcQn4Y62zPDSDPt5XN8HJREL6OgNOkUJC6ct2b-OfQ97jbVvwgTMgvPUQyb8M1Grgk_FLnsKgDW5D-eOJW7HgskSvITK162qt-N2TxTB4bjNBE3gFEgr_fOxI2AQQKURFI2shxNs5SMS_-Zc3unqLHeu5DQc1Xez2svMfyW95HaHS3Mm7X5TzxaFx8NnHFUgwQinHMY9m0yGxdbzTb2_IM3QTX8cX_QjhsQiiLvqNr554xQomfz1bOllNwIijYqHqNqrdkRT7JnDJQFR4U7_PU9RChWo8-IOjTbo5Oi9IV0V0LnJlDWbbDMiMuk_XiifQ-ASUqqFONOU1ic5a-1_96zZO9nE5LsV20QV5G3MMOzK3j8lfDn9sNnEanDJn5gWdLIYzESpK6BLRG2RnLiHnd0Z-BCQe1ybo7XpkoMgrMi_MyobscbffJZ4_DLxzBffrk72eo7fi8BUPQ2j27U_dchhO4HOwEFBe4QWXEQO48mFLTOdEz29CpygsSLKCB2xTBhkPrS101U7ENV3NyaSfZ9v8Qp1A7YwAsbgMuG8whqS9u2JmYq6kA88yZsCCSjtPFFXIHK_9wm97JbP6Yh17Jh4UUoFaFKcRO0b0vT9hT9b7DTjNEhSs9fvNhxO2GR&cid=CAQSPABygQiDU45TTdrJwJbEZsapLTCwaCUxyTXi9a15RtQdPHPQi751EZA6RhjZpr12Bi0At2OwXae1B1QBjxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=15389491847881708000&adk=2857193498&idt=68&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:45:22 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 4C23
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224161/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-BiVwArssJbZiqJFZV8UOy8vREB-PKLYVrsJyU2_HBG9n9-FTRp6Rd...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-BiVwArssJbZiqJFZV8UOy8vREB-PKLYVrsJyU2_HBG9n9-FTRp6Rdv8rNswZ3a7QRrkavLrGcClGvw3...

74 KB
24 KB

49ms
48ms

Script
text/javascript

66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-BiVwArssJbZiqJFZV8UOy8vREB-PKLYVrsJyU2_HBG9n9-FTRp6Rdv8rNswZ3a7QRrkavLrGcClGvw3NBqze2ePCcIDzWBsfUAk0fbbjf6misiDVcOixTTxXiyE0ltj5YnY1Vl-7zMt7vbtn-G4YSgJYBkQFYiuNSs7QaQx9dGRDTsbnsSmRQAoCZ_4Er3HmMV86wbwtUPvBTt_cPEaUdjXqHCcYgUmJIhFWwbE13LOe1ZC-8FBMb0iyLThxDORChD_uQLIBsVYPhHSrGPW-nXJVbaqq0Q84_xxJMzyrx3pA1AZK-XSuRmJL8pBw1EOqY2TIYU1eKCjz9amQnEcRO9upFfPzAYi5Wh80haSB9fQF4gPQIV2gAHsUb-UANS9rVbJow2nAdFNQQ_rfDbvoC47RzI5PKoi0KqN5ONfqvxTVNwRfoDRvxdKBGompzbULbnxbW3tDr7-G2Rf0ilEb33wZE2ly64vg1oQKclH7aFZo_aEEZqsObr4JGEs8iHkJAaNwZQvlR6vQBryYOUMWAwu_-RJQzV2P3Bf2nAS0SyQO4XqS0nTpe4zXqBSnASaJZ7pwVDt7sg7kvrdUA0OPXFC10Ifkd_rGTlTJSv-Yd8-z7g0iAaDw0WzfZDz4UltBVqIQxAm9ug7Qw5oJ_0Slu5eoGF1yaSHstAo0jRFLdZkdd1wfrB5wnkV6bMfOawnzIDjetzdV1MRYSufBbtNLE17L6DF9sqy9eqQ0QWkD1oSAt_b_F8KxXkrxVashqLOcX53V_mvsoU0J6DjVR7nU3s6v97bHLg9cTJAIJdRkJqX_fJq-i_hz1O4Itp2zWhsyi-4K0SAo38LvjlDroo5TfTiiSAvKLOGl8GR5hlDRkskv-W3SIKsA31APAE2o43Omq-N-3rs1OMSiQlw-opdc9niuFzWgtxfdobahBhRR7gI_Taw6XdFYTnPW-uoVezZP7k2LypHXwtMN1EUYSyfFShQluFSIwzo4gaPTVpPPdvl6uptFj42ekm0YssP_liN2D_dZLWX7xs-_S9QCUcMiQBehcPlKS6rpcZGVk1ekZqiRHiInYw5ErdhUvpXeRbPupIoRPIGGNZVxjxBsE9txAnw99VQ9FDorBVpv4br9CsQ2E7rl0x0JSbWn0DmBPaYZ5tVL8piQG0rDWJwfpcjJCXzb3Q1MoY5aSDP1TmsuknONKsKjyAM-L8dCm8u7Hr2qSdoatDiw0Fs-bM0O1o7EAxg8QyVeJV7NcT0axyuNe20ogKx_7oOSyv1VxoYaH2VAHrHun6OTbwqv4SQceL7Eq8avfjqnxB8ql88wZYhNXNbJqkgtCVWTqujKiT6RGu1eOWXARtGfWdxkq8n6_OvDdWN0cF7npOemYAyLpvqXUoFsfKv2SuFc1MfLZ6mGHDrA1hFV27YRMHluh-__SrtkxkHeTqZSP_yQQQtp0f1COLxuWsrA3cSYqDAPN_tA3qQwZpp22w_OoATcPN4_Wl-HUj_2PK0ypFsseII3QXMN6iQ1k4CqY_YFaJ2bRTb3bGD0RrV_decnR0awRTT_bzwA-Em1N9a6RU6EuhQ8n6v_9abYKLAPOCGsU9bZj5M8Zvvx2VD7qKiWK-lI_ZhMv2Z_uBd80OX0ZZuVJZmBZiZge6R4A2P--z9wn9O8I-EM67LioNH4Fq61iucRUuydtgGTrZzInWaSZ0stEiVGdlzeKRrfQ15pEgRLW--gBaH8yduhLSB9YMODKI04B5XUcJ47wTFqTusNRxTDBNc7WVk1LGU9PN-M-Ub9HhTN4hhlm4ew0RS-HKZ1gVVSglYdquXXqy2EALWjLcdQ7yazSKRZR1N9JloAnYAxyj1oWXrp5uiIAc1dLmuRJBDC_BjSGn2KpiCJeTzbKkfgkqX6QlSs0xL43aJV7nYcWqleJo0-msIIDXV7G0FkKpZCQgLjBIgG4V9qvZUtfzzu5MZYoIvknYMa62KHIOofDjIrbO-3c_aeKNAP3JThJ1cZ7Uf-YXX7xRh5Hz_GYz-gEAPhHCVML74hf5WuKllS2f3nnpUakYEK6L4PTPAyaA-AA4knTsJThHacjWepMD_-_SXI3FcuAS2n0hCAdHqB4empi34Px6e0OKQYwaV79t6DkhBHMVp4ytCmmJre0XwTHH7bPCCabda85rm6zgP6ZF-YjH2IXU6KDzT4pwm-XQpBiA96r08MIfGmP4qKDo8kk_M9DQbRxdnsvt9VJjlIa1I0Lcg6eaYIXw_mdzndO61DvnBcwMZX9BgrcuYx-K5XqpOjZ7jZqcClU2qHhFq8Zn3DCOHzwKvHLrHoY62HAv18Ry9Mi6QC1m7enJHqmUU_gFTDtq3pXR-qvA9tXw_k74hcfcHHUdW-Kpn2VSTBiUoO4PHGL813xReIDxzESENddVdMtGOovtp9hvTdhiZaIDrinsy8yFIVhcTXtbGkhgjavOuoo8gtWxrC4zza2ary38rX2lQWT2cK6obFk3z2A8q4dqjnxFaAh6J9WKu5iW4RtkrWV7yYFH5K4XrchQcY6Ua6P29fDfrAQG0svnMU8sEeCPA-JmwUftrJxnXt6YQj1Tp13c27PPh93stRqakePdA0nKTb54xWXlb7FkC23laA8VC3XZ7xzFNMu4EWbTnGwIq2ItgkwN7e1RJK9a_F7YPXSM5FWKhUoM6tasOP8bt_8l-lEmp28DWYy1W0cr1MvDUVkDI8xgGgBfqRmJJb2tVedV5_Shux01Ys1EPkkiy2vP0rX1VO6g-XW32pOTwjN7ck696wOcglcatEwRN9rFWfW0-WvgUutZlsTqcufDaiFXzKZZ5j4_86fW9zCUfpeLGdVnCCgcKlT8d4J4P3_iGYSU1MlI7dMPfXrjnyAGcGEZVQ-5suDCxhB82FOzk94e478sP4mYX-lJO0v2VQOc3vfS-guFKrlOrqDAfjG3rmjZ3bc9TFKQ0bwwlDBvHwL7Y62Z_AHJYQWh-xmn6zkXqOTBDp1fcYnlVQBUg7KbQgiw652sAUiyU6tfF82A5ONDrTgNpe-3Xu1rnyLp_1cN9c86IUNixYuVlcW3XkkgSp8J9xQjEBvR4UM3qFJfOnFRT_cOG9KR5-HB_b7RmhPRP3tetF8jr4pRAE4zhelhgHZ9uXJK7MF-qheKY9W2Hb61iXpvE9Oy_dmiqzhoGVsCik8WSs7Uf_cGwWy0cWyc_133toCYt_gJFGZzJ2mom96S9iFYmJ2MQGuI6velnfKgVlfRbkfEntyVQzeCpC8C1lJAO0cXsQgPmiFj37va-w8xlIi6BxranUKnEBB3WSNBULGFsueNWl99xgpZ-18NdnZyt4KPa5vNJ35vfjtDsi_D5T8wLCXsia-Iw4iRV52cInCLW8vb2qCMgVx-NjlmB43CtQKsTaaidkBaUDMibnySSOKKHbiffDHbgH3ows2ogblNEC2LNX72AxRgbIrzaL1K7H3Et1eu77euttzzGX81GGLCRyEjlLyY1zktAf4u0LvcjMFBClAGvPMX6XbsWl-cWDLAzDpjrYgBtJR6h4qGqQWkshA0x0aVdmWoOYGnALbGQevXVQ_-te3Vvarh2Q4WU5c5WV-iSpKNKsWRmhk7hn4KK77axpvv0WTriWhLquEV3sJXDRpCCAQSPABygQiDU45TTdrJwJbEZsapLTCwaCUxyTXi9a15RtQdPHPQi751EZA6RhjZpr12Bi0At2OwXae1B1QBjxgBYAE&cry=1&bundleId=

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

cafe /

Resource Hash

7a58cfadb979b097ea9dbd548bc47368aa929d965244d27dd0460cadb5e0e066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24385
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-BiVwArssJbZiqJFZV8UOy8vREB-PKLYVrsJyU2_HBG9n9-FTRp6Rdv8rNswZ3a7QRrkavLrGcClGvw3NBqze2ePCcIDzWBsfUAk0fbbjf6misiDVcOixTTxXiyE0ltj5YnY1Vl-7zMt7vbtn-G4YSgJYBkQFYiuNSs7QaQx9dGRDTsbnsSmRQAoCZ_4Er3HmMV86wbwtUPvBTt_cPEaUdjXqHCcYgUmJIhFWwbE13LOe1ZC-8FBMb0iyLThxDORChD_uQLIBsVYPhHSrGPW-nXJVbaqq0Q84_xxJMzyrx3pA1AZK-XSuRmJL8pBw1EOqY2TIYU1eKCjz9amQnEcRO9upFfPzAYi5Wh80haSB9fQF4gPQIV2gAHsUb-UANS9rVbJow2nAdFNQQ_rfDbvoC47RzI5PKoi0KqN5ONfqvxTVNwRfoDRvxdKBGompzbULbnxbW3tDr7-G2Rf0ilEb33wZE2ly64vg1oQKclH7aFZo_aEEZqsObr4JGEs8iHkJAaNwZQvlR6vQBryYOUMWAwu_-RJQzV2P3Bf2nAS0SyQO4XqS0nTpe4zXqBSnASaJZ7pwVDt7sg7kvrdUA0OPXFC10Ifkd_rGTlTJSv-Yd8-z7g0iAaDw0WzfZDz4UltBVqIQxAm9ug7Qw5oJ_0Slu5eoGF1yaSHstAo0jRFLdZkdd1wfrB5wnkV6bMfOawnzIDjetzdV1MRYSufBbtNLE17L6DF9sqy9eqQ0QWkD1oSAt_b_F8KxXkrxVashqLOcX53V_mvsoU0J6DjVR7nU3s6v97bHLg9cTJAIJdRkJqX_fJq-i_hz1O4Itp2zWhsyi-4K0SAo38LvjlDroo5TfTiiSAvKLOGl8GR5hlDRkskv-W3SIKsA31APAE2o43Omq-N-3rs1OMSiQlw-opdc9niuFzWgtxfdobahBhRR7gI_Taw6XdFYTnPW-uoVezZP7k2LypHXwtMN1EUYSyfFShQluFSIwzo4gaPTVpPPdvl6uptFj42ekm0YssP_liN2D_dZLWX7xs-_S9QCUcMiQBehcPlKS6rpcZGVk1ekZqiRHiInYw5ErdhUvpXeRbPupIoRPIGGNZVxjxBsE9txAnw99VQ9FDorBVpv4br9CsQ2E7rl0x0JSbWn0DmBPaYZ5tVL8piQG0rDWJwfpcjJCXzb3Q1MoY5aSDP1TmsuknONKsKjyAM-L8dCm8u7Hr2qSdoatDiw0Fs-bM0O1o7EAxg8QyVeJV7NcT0axyuNe20ogKx_7oOSyv1VxoYaH2VAHrHun6OTbwqv4SQceL7Eq8avfjqnxB8ql88wZYhNXNbJqkgtCVWTqujKiT6RGu1eOWXARtGfWdxkq8n6_OvDdWN0cF7npOemYAyLpvqXUoFsfKv2SuFc1MfLZ6mGHDrA1hFV27YRMHluh-__SrtkxkHeTqZSP_yQQQtp0f1COLxuWsrA3cSYqDAPN_tA3qQwZpp22w_OoATcPN4_Wl-HUj_2PK0ypFsseII3QXMN6iQ1k4CqY_YFaJ2bRTb3bGD0RrV_decnR0awRTT_bzwA-Em1N9a6RU6EuhQ8n6v_9abYKLAPOCGsU9bZj5M8Zvvx2VD7qKiWK-lI_ZhMv2Z_uBd80OX0ZZuVJZmBZiZge6R4A2P--z9wn9O8I-EM67LioNH4Fq61iucRUuydtgGTrZzInWaSZ0stEiVGdlzeKRrfQ15pEgRLW--gBaH8yduhLSB9YMODKI04B5XUcJ47wTFqTusNRxTDBNc7WVk1LGU9PN-M-Ub9HhTN4hhlm4ew0RS-HKZ1gVVSglYdquXXqy2EALWjLcdQ7yazSKRZR1N9JloAnYAxyj1oWXrp5uiIAc1dLmuRJBDC_BjSGn2KpiCJeTzbKkfgkqX6QlSs0xL43aJV7nYcWqleJo0-msIIDXV7G0FkKpZCQgLjBIgG4V9qvZUtfzzu5MZYoIvknYMa62KHIOofDjIrbO-3c_aeKNAP3JThJ1cZ7Uf-YXX7xRh5Hz_GYz-gEAPhHCVML74hf5WuKllS2f3nnpUakYEK6L4PTPAyaA-AA4knTsJThHacjWepMD_-_SXI3FcuAS2n0hCAdHqB4empi34Px6e0OKQYwaV79t6DkhBHMVp4ytCmmJre0XwTHH7bPCCabda85rm6zgP6ZF-YjH2IXU6KDzT4pwm-XQpBiA96r08MIfGmP4qKDo8kk_M9DQbRxdnsvt9VJjlIa1I0Lcg6eaYIXw_mdzndO61DvnBcwMZX9BgrcuYx-K5XqpOjZ7jZqcClU2qHhFq8Zn3DCOHzwKvHLrHoY62HAv18Ry9Mi6QC1m7enJHqmUU_gFTDtq3pXR-qvA9tXw_k74hcfcHHUdW-Kpn2VSTBiUoO4PHGL813xReIDxzESENddVdMtGOovtp9hvTdhiZaIDrinsy8yFIVhcTXtbGkhgjavOuoo8gtWxrC4zza2ary38rX2lQWT2cK6obFk3z2A8q4dqjnxFaAh6J9WKu5iW4RtkrWV7yYFH5K4XrchQcY6Ua6P29fDfrAQG0svnMU8sEeCPA-JmwUftrJxnXt6YQj1Tp13c27PPh93stRqakePdA0nKTb54xWXlb7FkC23laA8VC3XZ7xzFNMu4EWbTnGwIq2ItgkwN7e1RJK9a_F7YPXSM5FWKhUoM6tasOP8bt_8l-lEmp28DWYy1W0cr1MvDUVkDI8xgGgBfqRmJJb2tVedV5_Shux01Ys1EPkkiy2vP0rX1VO6g-XW32pOTwjN7ck696wOcglcatEwRN9rFWfW0-WvgUutZlsTqcufDaiFXzKZZ5j4_86fW9zCUfpeLGdVnCCgcKlT8d4J4P3_iGYSU1MlI7dMPfXrjnyAGcGEZVQ-5suDCxhB82FOzk94e478sP4mYX-lJO0v2VQOc3vfS-guFKrlOrqDAfjG3rmjZ3bc9TFKQ0bwwlDBvHwL7Y62Z_AHJYQWh-xmn6zkXqOTBDp1fcYnlVQBUg7KbQgiw652sAUiyU6tfF82A5ONDrTgNpe-3Xu1rnyLp_1cN9c86IUNixYuVlcW3XkkgSp8J9xQjEBvR4UM3qFJfOnFRT_cOG9KR5-HB_b7RmhPRP3tetF8jr4pRAE4zhelhgHZ9uXJK7MF-qheKY9W2Hb61iXpvE9Oy_dmiqzhoGVsCik8WSs7Uf_cGwWy0cWyc_133toCYt_gJFGZzJ2mom96S9iFYmJ2MQGuI6velnfKgVlfRbkfEntyVQzeCpC8C1lJAO0cXsQgPmiFj37va-w8xlIi6BxranUKnEBB3WSNBULGFsueNWl99xgpZ-18NdnZyt4KPa5vNJ35vfjtDsi_D5T8wLCXsia-Iw4iRV52cInCLW8vb2qCMgVx-NjlmB43CtQKsTaaidkBaUDMibnySSOKKHbiffDHbgH3ows2ogblNEC2LNX72AxRgbIrzaL1K7H3Et1eu77euttzzGX81GGLCRyEjlLyY1zktAf4u0LvcjMFBClAGvPMX6XbsWl-cWDLAzDpjrYgBtJR6h4qGqQWkshA0x0aVdmWoOYGnALbGQevXVQ_-te3Vvarh2Q4WU5c5WV-iSpKNKsWRmhk7hn4KK77axpvv0WTriWhLquEV3sJXDRpCCAQSPABygQiDU45TTdrJwJbEZsapLTCwaCUxyTXi9a15RtQdPHPQi751EZA6RhjZpr12Bi0At2OwXae1B1QBjxgBYAE&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 1B27 91 KB
23 KB 12ms
11ms Script
application/javascript 2600:9000:223f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 19100627
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 4dY6wk_EZF8DPtgXg_2qWUIJ-Mn87jusxhFemL-g0vlJ5al-xSlhsQ==

GET
H3 200 728x90_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame A0D2 61 KB
17 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a31dcc8145cda5077f9e148f349dc3efa073e864648d0608e5f5b6abbcfb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17826
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 08:38:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:23:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C23 43 B
215 B 108ms
108ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc&tv=%7Bc:bi2nQw,pingTime:-3,time:48,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVSQPa+11%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&br=c
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C23 43 B
215 B 94ms
92ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc&tv=%7Bc:bi2nQx,pingTime:-6,time:49,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:49,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVSQPa+11%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&tpiLookup=ao:koooralive-tv.net*&br=c
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A0D2 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C23 43 B
215 B 93ms
93ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc&tv=%7Bc:bi2nQV,pingTime:-2,time:73,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:264,beZ:265,mfA:266,cmA:267,inA:267,inZ:271,prA:271,prZ:277,si:282,poA:284,poZ:305,cmZ:305,mfZ:305,loA:313,loZ:317,ltA:337,ltZ:337%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B68~0%5D,as:%5B68~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVSQDG+11%7C12.1352960-70224161%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C17.990511-61634097%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:19,sinceFw:53,readyFired:false%7D&br=c
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A158 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 85983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:27:00 GMT
expires: Sun, 28 Apr 2024 17:27:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame 300A 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB84 0
20 B 117ms
117ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbcYHQqNOZKDiL9Gs9u8Pv9uz0AcAAAAAOAHgBAI&bg=!jI-lj9vNAAb9Sbh13Uk7ADkAdvg8WudGagPjkS7OWK5xXwxMwtBPCj3RwZ9STxMc0G3-gB80YLpkUMHVh1ceACPd-RI5XElPkVQCAAAA5VIAAAACaAEHmQM2hygfij9dl4pvsK1VHlcmtwK34J_aVUcZ8PyhYc4yIYu1g2zy8fUA4DxhmAr6juFn2nH8N_AgXpmO2fjain99FyrZOVX70i_4C9hSfpu5bHP4w2ZJxx3-0Hv7fM23iRMyVFUKXXiVNNePYkNIEH2MbPnRsrS2g72IIq8C2Oh95wmwPbImVPBEVeSeL9D6FdfkFOE0GqpIWGHB1UAbdjFTp1ssASH6H5ooBnA8m6wKum0ffq4lBd17wQ_McBpsSVS-44mloUSUsuT9IcuRn4k-KOHermTXyLS-nVgXgi3EdHxD0w7i0_NdwauzcXJ0UIY-KwWn4WIesWBY25ze1rTyCGnU8Ezn-K80RHo2oZpz7N8LGyEuCpmu529-9N3301enNfskwS6-u1c9INkghVZZNVx3R1vmJNEZftMptqW2iIBcJit8ha-4MzIVCFU51dJTcR0JdRnE5rbbG17kc7uCD7jmmwWswhdqvacgOyxXA42AHOPddTVpetK6_kHdjb3JgncSQB8oMGwZ2iT-_0is_XCuqY2piC23FFE6gnfG9v08eiI_NyTDP-TZwdTRwFIPoxUq3yjMJ6ErCwN60nqnWdbaSqUglgB7Eckuj9pSkQheP9wWReXb7oX8IZOIN6QzJv_xkg65dgoZwnlJ4VFnnAvD7WzF8exFpBVRZAQFNgdHP5je6kod3tA9PX1qqDrXvdRDheEmzcGRKmQK-s4yb6ZrGpKlfDAdaNzCOfvw29ptSrxcXEpWP8KBxsZxxieu-2cAAf8BOxE81ADEcw0rJYLllwMvZ7oKRMD3s35hhTKA8mfCwqdOhhHiiPEuZr5hlqQIESCm6PbM9xCvyTMJWfoaTn5YLVoIYuBFXoJ0gau9b-nFYRQGl97Cd3JJcrE1YIQhotdJr3vB_HVx7uakIj4MCdcSAyOErPDKIQQrkbdPGfPiOvOIfd8WkUIXvpRZd6gwQ6iZy4ajjsEX21CQeETPaGJ1nflgkPVPeHMkuflAUMGz2SxNctqk8fceEiiY3fOloRVGqO8Aq7LA9d3PhCV2iZ2IDiEyf0wHKeB8FL65VEi4mcKTB22ZgdC8jXkK9uZOizXE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame A0D2 4 KB
2 KB 10ms
9ms XHR
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1840
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 11:00:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:23:53 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame A0D2 5 KB
2 KB 11ms
11ms XHR
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:25:17 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame A0D2 2 KB
1 KB 11ms
10ms XHR
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:27:16 GMT

GET
H3 200 NH_D_LA_Wall-Flower_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame A0D2 81 KB
81 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_LA_Wall-Flower_728x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36fb8b973ca16b28c844f2b17e1cdce0236318f53581b3ce3007d95960be3488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:10:20 GMT
x-content-type-options: nosniff
age: 583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82432
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:40:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:25:20 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame A0D2 50 KB
50 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=D38S8LwQcU&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:12:51 GMT
x-content-type-options: nosniff
age: 432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:27:51 GMT

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame A158 36 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 4C23 170 KB
59 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Origin: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 11:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 11:36:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 4C23 11 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224161/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-BiVwArssJbZiqJFZV8UOy8vREB-PKLYVrsJyU2_HBG9n9-FTRp6Rdv8rNswZ3a7QRrkavLrGcClGvw3NBqze2ePCcIDzWBsfUAk0fbbjf6misiDVcOixTTxXiyE0ltj5YnY1Vl-7zMt7vbtn-G4YSgJYBkQFYiuNSs7QaQx9dGRDTsbnsSmRQAoCZ_4Er3HmMV86wbwtUPvBTt_cPEaUdjXqHCcYgUmJIhFWwbE13LOe1ZC-8FBMb0iyLThxDORChD_uQLIBsVYPhHSrGPW-nXJVbaqq0Q84_xxJMzyrx3pA1AZK-XSuRmJL8pBw1EOqY2TIYU1eKCjz9amQnEcRO9upFfPzAYi5Wh80haSB9fQF4gPQIV2gAHsUb-UANS9rVbJow2nAdFNQQ_rfDbvoC47RzI5PKoi0KqN5ONfqvxTVNwRfoDRvxdKBGompzbULbnxbW3tDr7-G2Rf0ilEb33wZE2ly64vg1oQKclH7aFZo_aEEZqsObr4JGEs8iHkJAaNwZQvlR6vQBryYOUMWAwu_-RJQzV2P3Bf2nAS0SyQO4XqS0nTpe4zXqBSnASaJZ7pwVDt7sg7kvrdUA0OPXFC10Ifkd_rGTlTJSv-Yd8-z7g0iAaDw0WzfZDz4UltBVqIQxAm9ug7Qw5oJ_0Slu5eoGF1yaSHstAo0jRFLdZkdd1wfrB5wnkV6bMfOawnzIDjetzdV1MRYSufBbtNLE17L6DF9sqy9eqQ0QWkD1oSAt_b_F8KxXkrxVashqLOcX53V_mvsoU0J6DjVR7nU3s6v97bHLg9cTJAIJdRkJqX_fJq-i_hz1O4Itp2zWhsyi-4K0SAo38LvjlDroo5TfTiiSAvKLOGl8GR5hlDRkskv-W3SIKsA31APAE2o43Omq-N-3rs1OMSiQlw-opdc9niuFzWgtxfdobahBhRR7gI_Taw6XdFYTnPW-uoVezZP7k2LypHXwtMN1EUYSyfFShQluFSIwzo4gaPTVpPPdvl6uptFj42ekm0YssP_liN2D_dZLWX7xs-_S9QCUcMiQBehcPlKS6rpcZGVk1ekZqiRHiInYw5ErdhUvpXeRbPupIoRPIGGNZVxjxBsE9txAnw99VQ9FDorBVpv4br9CsQ2E7rl0x0JSbWn0DmBPaYZ5tVL8piQG0rDWJwfpcjJCXzb3Q1MoY5aSDP1TmsuknONKsKjyAM-L8dCm8u7Hr2qSdoatDiw0Fs-bM0O1o7EAxg8QyVeJV7NcT0axyuNe20ogKx_7oOSyv1VxoYaH2VAHrHun6OTbwqv4SQceL7Eq8avfjqnxB8ql88wZYhNXNbJqkgtCVWTqujKiT6RGu1eOWXARtGfWdxkq8n6_OvDdWN0cF7npOemYAyLpvqXUoFsfKv2SuFc1MfLZ6mGHDrA1hFV27YRMHluh-__SrtkxkHeTqZSP_yQQQtp0f1COLxuWsrA3cSYqDAPN_tA3qQwZpp22w_OoATcPN4_Wl-HUj_2PK0ypFsseII3QXMN6iQ1k4CqY_YFaJ2bRTb3bGD0RrV_decnR0awRTT_bzwA-Em1N9a6RU6EuhQ8n6v_9abYKLAPOCGsU9bZj5M8Zvvx2VD7qKiWK-lI_ZhMv2Z_uBd80OX0ZZuVJZmBZiZge6R4A2P--z9wn9O8I-EM67LioNH4Fq61iucRUuydtgGTrZzInWaSZ0stEiVGdlzeKRrfQ15pEgRLW--gBaH8yduhLSB9YMODKI04B5XUcJ47wTFqTusNRxTDBNc7WVk1LGU9PN-M-Ub9HhTN4hhlm4ew0RS-HKZ1gVVSglYdquXXqy2EALWjLcdQ7yazSKRZR1N9JloAnYAxyj1oWXrp5uiIAc1dLmuRJBDC_BjSGn2KpiCJeTzbKkfgkqX6QlSs0xL43aJV7nYcWqleJo0-msIIDXV7G0FkKpZCQgLjBIgG4V9qvZUtfzzu5MZYoIvknYMa62KHIOofDjIrbO-3c_aeKNAP3JThJ1cZ7Uf-YXX7xRh5Hz_GYz-gEAPhHCVML74hf5WuKllS2f3nnpUakYEK6L4PTPAyaA-AA4knTsJThHacjWepMD_-_SXI3FcuAS2n0hCAdHqB4empi34Px6e0OKQYwaV79t6DkhBHMVp4ytCmmJre0XwTHH7bPCCabda85rm6zgP6ZF-YjH2IXU6KDzT4pwm-XQpBiA96r08MIfGmP4qKDo8kk_M9DQbRxdnsvt9VJjlIa1I0Lcg6eaYIXw_mdzndO61DvnBcwMZX9BgrcuYx-K5XqpOjZ7jZqcClU2qHhFq8Zn3DCOHzwKvHLrHoY62HAv18Ry9Mi6QC1m7enJHqmUU_gFTDtq3pXR-qvA9tXw_k74hcfcHHUdW-Kpn2VSTBiUoO4PHGL813xReIDxzESENddVdMtGOovtp9hvTdhiZaIDrinsy8yFIVhcTXtbGkhgjavOuoo8gtWxrC4zza2ary38rX2lQWT2cK6obFk3z2A8q4dqjnxFaAh6J9WKu5iW4RtkrWV7yYFH5K4XrchQcY6Ua6P29fDfrAQG0svnMU8sEeCPA-JmwUftrJxnXt6YQj1Tp13c27PPh93stRqakePdA0nKTb54xWXlb7FkC23laA8VC3XZ7xzFNMu4EWbTnGwIq2ItgkwN7e1RJK9a_F7YPXSM5FWKhUoM6tasOP8bt_8l-lEmp28DWYy1W0cr1MvDUVkDI8xgGgBfqRmJJb2tVedV5_Shux01Ys1EPkkiy2vP0rX1VO6g-XW32pOTwjN7ck696wOcglcatEwRN9rFWfW0-WvgUutZlsTqcufDaiFXzKZZ5j4_86fW9zCUfpeLGdVnCCgcKlT8d4J4P3_iGYSU1MlI7dMPfXrjnyAGcGEZVQ-5suDCxhB82FOzk94e478sP4mYX-lJO0v2VQOc3vfS-guFKrlOrqDAfjG3rmjZ3bc9TFKQ0bwwlDBvHwL7Y62Z_AHJYQWh-xmn6zkXqOTBDp1fcYnlVQBUg7KbQgiw652sAUiyU6tfF82A5ONDrTgNpe-3Xu1rnyLp_1cN9c86IUNixYuVlcW3XkkgSp8J9xQjEBvR4UM3qFJfOnFRT_cOG9KR5-HB_b7RmhPRP3tetF8jr4pRAE4zhelhgHZ9uXJK7MF-qheKY9W2Hb61iXpvE9Oy_dmiqzhoGVsCik8WSs7Uf_cGwWy0cWyc_133toCYt_gJFGZzJ2mom96S9iFYmJ2MQGuI6velnfKgVlfRbkfEntyVQzeCpC8C1lJAO0cXsQgPmiFj37va-w8xlIi6BxranUKnEBB3WSNBULGFsueNWl99xgpZ-18NdnZyt4KPa5vNJ35vfjtDsi_D5T8wLCXsia-Iw4iRV52cInCLW8vb2qCMgVx-NjlmB43CtQKsTaaidkBaUDMibnySSOKKHbiffDHbgH3ows2ogblNEC2LNX72AxRgbIrzaL1K7H3Et1eu77euttzzGX81GGLCRyEjlLyY1zktAf4u0LvcjMFBClAGvPMX6XbsWl-cWDLAzDpjrYgBtJR6h4qGqQWkshA0x0aVdmWoOYGnALbGQevXVQ_-te3Vvarh2Q4WU5c5WV-iSpKNKsWRmhk7hn4KK77axpvv0WTriWhLquEV3sJXDRpCCAQSPABygQiDU45TTdrJwJbEZsapLTCwaCUxyTXi9a15RtQdPHPQi751EZA6RhjZpr12Bi0At2OwXae1B1QBjxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-9035087792692775&ias_chanId=1&ias_placementId=19782080816&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJns70MsCBWlMtlhAwYwIO&adsafe_url=https%3A%2F%2Fkoooralive-tv.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fkoooralive-tv.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc,c:bi2nQ2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-hclck,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tCVSQPa+11%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:18,oid:3e7657fa-e77b-11ed-ac34-e22686c1869b,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:08:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 4C23 28 KB
11 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224161/xbbe/creative/adj?p=APEucNUikS7-ZaiM4zwWdwd9_nwNSgtAYECuawWJcL3XlrObBuTF4yo&d=CokBAKAmf-BiVwArssJbZiqJFZV8UOy8vREB-PKLYVrsJyU2_HBG9n9-FTRp6Rdv8rNswZ3a7QRrkavLrGcClGvw3NBqze2ePCcIDzWBsfUAk0fbbjf6misiDVcOixTTxXiyE0ltj5YnY1Vl-7zMt7vbtn-G4YSgJYBkQFYiuNSs7QaQx9dGRDTsbnsSmRQAoCZ_4Er3HmMV86wbwtUPvBTt_cPEaUdjXqHCcYgUmJIhFWwbE13LOe1ZC-8FBMb0iyLThxDORChD_uQLIBsVYPhHSrGPW-nXJVbaqq0Q84_xxJMzyrx3pA1AZK-XSuRmJL8pBw1EOqY2TIYU1eKCjz9amQnEcRO9upFfPzAYi5Wh80haSB9fQF4gPQIV2gAHsUb-UANS9rVbJow2nAdFNQQ_rfDbvoC47RzI5PKoi0KqN5ONfqvxTVNwRfoDRvxdKBGompzbULbnxbW3tDr7-G2Rf0ilEb33wZE2ly64vg1oQKclH7aFZo_aEEZqsObr4JGEs8iHkJAaNwZQvlR6vQBryYOUMWAwu_-RJQzV2P3Bf2nAS0SyQO4XqS0nTpe4zXqBSnASaJZ7pwVDt7sg7kvrdUA0OPXFC10Ifkd_rGTlTJSv-Yd8-z7g0iAaDw0WzfZDz4UltBVqIQxAm9ug7Qw5oJ_0Slu5eoGF1yaSHstAo0jRFLdZkdd1wfrB5wnkV6bMfOawnzIDjetzdV1MRYSufBbtNLE17L6DF9sqy9eqQ0QWkD1oSAt_b_F8KxXkrxVashqLOcX53V_mvsoU0J6DjVR7nU3s6v97bHLg9cTJAIJdRkJqX_fJq-i_hz1O4Itp2zWhsyi-4K0SAo38LvjlDroo5TfTiiSAvKLOGl8GR5hlDRkskv-W3SIKsA31APAE2o43Omq-N-3rs1OMSiQlw-opdc9niuFzWgtxfdobahBhRR7gI_Taw6XdFYTnPW-uoVezZP7k2LypHXwtMN1EUYSyfFShQluFSIwzo4gaPTVpPPdvl6uptFj42ekm0YssP_liN2D_dZLWX7xs-_S9QCUcMiQBehcPlKS6rpcZGVk1ekZqiRHiInYw5ErdhUvpXeRbPupIoRPIGGNZVxjxBsE9txAnw99VQ9FDorBVpv4br9CsQ2E7rl0x0JSbWn0DmBPaYZ5tVL8piQG0rDWJwfpcjJCXzb3Q1MoY5aSDP1TmsuknONKsKjyAM-L8dCm8u7Hr2qSdoatDiw0Fs-bM0O1o7EAxg8QyVeJV7NcT0axyuNe20ogKx_7oOSyv1VxoYaH2VAHrHun6OTbwqv4SQceL7Eq8avfjqnxB8ql88wZYhNXNbJqkgtCVWTqujKiT6RGu1eOWXARtGfWdxkq8n6_OvDdWN0cF7npOemYAyLpvqXUoFsfKv2SuFc1MfLZ6mGHDrA1hFV27YRMHluh-__SrtkxkHeTqZSP_yQQQtp0f1COLxuWsrA3cSYqDAPN_tA3qQwZpp22w_OoATcPN4_Wl-HUj_2PK0ypFsseII3QXMN6iQ1k4CqY_YFaJ2bRTb3bGD0RrV_decnR0awRTT_bzwA-Em1N9a6RU6EuhQ8n6v_9abYKLAPOCGsU9bZj5M8Zvvx2VD7qKiWK-lI_ZhMv2Z_uBd80OX0ZZuVJZmBZiZge6R4A2P--z9wn9O8I-EM67LioNH4Fq61iucRUuydtgGTrZzInWaSZ0stEiVGdlzeKRrfQ15pEgRLW--gBaH8yduhLSB9YMODKI04B5XUcJ47wTFqTusNRxTDBNc7WVk1LGU9PN-M-Ub9HhTN4hhlm4ew0RS-HKZ1gVVSglYdquXXqy2EALWjLcdQ7yazSKRZR1N9JloAnYAxyj1oWXrp5uiIAc1dLmuRJBDC_BjSGn2KpiCJeTzbKkfgkqX6QlSs0xL43aJV7nYcWqleJo0-msIIDXV7G0FkKpZCQgLjBIgG4V9qvZUtfzzu5MZYoIvknYMa62KHIOofDjIrbO-3c_aeKNAP3JThJ1cZ7Uf-YXX7xRh5Hz_GYz-gEAPhHCVML74hf5WuKllS2f3nnpUakYEK6L4PTPAyaA-AA4knTsJThHacjWepMD_-_SXI3FcuAS2n0hCAdHqB4empi34Px6e0OKQYwaV79t6DkhBHMVp4ytCmmJre0XwTHH7bPCCabda85rm6zgP6ZF-YjH2IXU6KDzT4pwm-XQpBiA96r08MIfGmP4qKDo8kk_M9DQbRxdnsvt9VJjlIa1I0Lcg6eaYIXw_mdzndO61DvnBcwMZX9BgrcuYx-K5XqpOjZ7jZqcClU2qHhFq8Zn3DCOHzwKvHLrHoY62HAv18Ry9Mi6QC1m7enJHqmUU_gFTDtq3pXR-qvA9tXw_k74hcfcHHUdW-Kpn2VSTBiUoO4PHGL813xReIDxzESENddVdMtGOovtp9hvTdhiZaIDrinsy8yFIVhcTXtbGkhgjavOuoo8gtWxrC4zza2ary38rX2lQWT2cK6obFk3z2A8q4dqjnxFaAh6J9WKu5iW4RtkrWV7yYFH5K4XrchQcY6Ua6P29fDfrAQG0svnMU8sEeCPA-JmwUftrJxnXt6YQj1Tp13c27PPh93stRqakePdA0nKTb54xWXlb7FkC23laA8VC3XZ7xzFNMu4EWbTnGwIq2ItgkwN7e1RJK9a_F7YPXSM5FWKhUoM6tasOP8bt_8l-lEmp28DWYy1W0cr1MvDUVkDI8xgGgBfqRmJJb2tVedV5_Shux01Ys1EPkkiy2vP0rX1VO6g-XW32pOTwjN7ck696wOcglcatEwRN9rFWfW0-WvgUutZlsTqcufDaiFXzKZZ5j4_86fW9zCUfpeLGdVnCCgcKlT8d4J4P3_iGYSU1MlI7dMPfXrjnyAGcGEZVQ-5suDCxhB82FOzk94e478sP4mYX-lJO0v2VQOc3vfS-guFKrlOrqDAfjG3rmjZ3bc9TFKQ0bwwlDBvHwL7Y62Z_AHJYQWh-xmn6zkXqOTBDp1fcYnlVQBUg7KbQgiw652sAUiyU6tfF82A5ONDrTgNpe-3Xu1rnyLp_1cN9c86IUNixYuVlcW3XkkgSp8J9xQjEBvR4UM3qFJfOnFRT_cOG9KR5-HB_b7RmhPRP3tetF8jr4pRAE4zhelhgHZ9uXJK7MF-qheKY9W2Hb61iXpvE9Oy_dmiqzhoGVsCik8WSs7Uf_cGwWy0cWyc_133toCYt_gJFGZzJ2mom96S9iFYmJ2MQGuI6velnfKgVlfRbkfEntyVQzeCpC8C1lJAO0cXsQgPmiFj37va-w8xlIi6BxranUKnEBB3WSNBULGFsueNWl99xgpZ-18NdnZyt4KPa5vNJ35vfjtDsi_D5T8wLCXsia-Iw4iRV52cInCLW8vb2qCMgVx-NjlmB43CtQKsTaaidkBaUDMibnySSOKKHbiffDHbgH3ows2ogblNEC2LNX72AxRgbIrzaL1K7H3Et1eu77euttzzGX81GGLCRyEjlLyY1zktAf4u0LvcjMFBClAGvPMX6XbsWl-cWDLAzDpjrYgBtJR6h4qGqQWkshA0x0aVdmWoOYGnALbGQevXVQ_-te3Vvarh2Q4WU5c5WV-iSpKNKsWRmhk7hn4KK77axpvv0WTriWhLquEV3sJXDRpCCAQSPABygQiDU45TTdrJwJbEZsapLTCwaCUxyTXi9a15RtQdPHPQi751EZA6RhjZpr12Bi0At2OwXae1B1QBjxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-9035087792692775&ias_chanId=1&ias_placementId=19782080816&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJns70MsCBWlMtlhAwYwIO&adsafe_url=https%3A%2F%2Fkoooralive-tv.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fkoooralive-tv.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Facde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc,c:bi2nQ2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-hclck,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tCVSQPa+11%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:18,oid:3e7657fa-e77b-11ed-ac34-e22686c1869b,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10878
x-xss-protection: 0
server: cafe
etag: 6410051166583139006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:21:58 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15415463092317913147/ Frame 7ED2 1 KB
767 B 18ms
18ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:03 GMT
expires: Mon, 29 Apr 2024 17:20:03 GMT
last-modified: Thu, 27 Apr 2023 13:50:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4C23 0
0 49ms
49ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1Agkra0W1cBNAMIMmS_XK-uaS1MXAkf2XKg-5lgofEvexg933rmamWqX9JUVh5FqnV9qHPwAfnsonAASLRqku07WBrB1anLUeEKX9X9DxgUbYbuezxXSxnMasnoxfwe5PHZNuA25opsNSkpkIZExXpNjbkYfd6zg7Bwtj&sai=AMfl-YQ2qXlFdGmeWatCoTGl0M_wAGNkKbJDPzLujbo3kA9MCgB2aYk1dj9KFRcFa0kTbt3bW32IwHk1VFnSdXV5GkQdGknbKukyxpNKDIm17x8Sow0CxrYITIEOwUfiiKk&sig=Cg0ArKJSzPoz8oPB1TiHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=47&cbvp=1&cstd=44&cisv=r20230426.76168&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 4C23 43 B
1 KB 80ms
33ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=361198340&gdpr_consent=&gdpr=

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 Nagold, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 30 Apr 2023 17:20:03 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: So, 30 Apr 2023 05:20:03 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 17F7 1 KB
643 B 14ms
14ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 06:47:50 GMT
etag: 48472445140208031
expires: Mon, 01 May 2023 06:47:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4C23 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a13585f3e24b998e443db7ad6466395df5500d406708e12b4451565fe68171

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE31 43 B
215 B 95ms
94ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=9f2288a4-639d-5430-170a-4821362a83c3&tv=%7Bc:bi2nTt,time:757,type:e,im:%7Bpci:%7Btdr:581%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:757,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B751~0%5D,as:%5B751~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:164,fm:tCVSQDG+11%7C12.1352960-70224161%7C121%7C122%7C123%7C131%7C14%7C1511%7C1512%7C16%7C17*.990511-61634097%7C171%7C172%7C18.1352960-70224161,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:268%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7ED2 113 KB
38 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 7ED2 118 KB
40 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 08:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 08:32:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 116ms
116ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250201&jk=3828946545216055&bg=!GhmlGU3NAAb9Sbh13Uk7ADkAdvg8WtZeV73uTHyaYsfkMnSnfmFDhsjsg2iv1z6ZvBfHpjz-SYfhC446mo1rDo7qrBEaNhe7huMCAAABR1IAAAACaAEHmQL2P-Yc9AzNYLJ8mt3E_hYLlbNG5pxd9AnIUQDKmUGasvmiyJwSM5Y39wyXrlH20m2CXt68ZynSs-9JVObQdgDR3_kaqY85jFmunGnzrnzTW4Sal3PF6tYrboYrB3TzQ_3DEFA4Rv50RQYWv_etoaWktK2W9qo9CD5OjhKaCWWPye_DzfyaSoSfTeEAUtmvw3TkTE-gAF3KgpyAIACBUkaGQ6IifZeHY_QGW3hARpsyzei8eDXJZ_xSQ20-8gQL6FDlEcuaTdYLjIZ8QOs3xkSX_KYIdZJ32zj8sSEfhzQKXRHCRNBk9HwoRlIrYQxULdO11K9DxBG3fGSQInfGMbybEAYclVavNgQpZ5HAg2IlL7iQtcWnhNaMKMx3PfHCeEsxUX3BOD2nlqzPa7RKGKzVxjKavBayzgpStVIfXudQh6y3VWWWorTDrc2aOU2Iguq9Qd6tPIePx95PT8QTHUB7oQB0AWphqMVDUVpOBCLiAT_zb7M7MXAZ7lF1JLkCnMyqYhCT8A0_Q_a5jmldyNGxlrfWgWz8KkDVMxykxyNQt7XRs_fP4YaC57OjE3CSSY_R2mwpWBepkOIQ2FUaYYOEkQDZFfZ1baikgkBOfGZUJ2N6RMTpYLrRXMFb7BW67zDepO5Vg5PFTAT55d4RnhGKQQ66bwzgHu8670VAQFg_PHN-RsEiRVzsIoSvrcEFO7XNoDF5VBiLB5mafLzlXep6SG8xxLFbYKObxZ66HG46e_TFBYv8ttNA8pDYa68u4lhlHNZV2ljOR3kn2u9ovJMeElOOV_L3wmafPEV8m4_jQ11yqN__mWGA0KEJdB9KG6JOphWBeXszooSDkrAYAZyUFfhXBRotjqlEuvirATO26k7H54OM8asaYlWB9um9fULNHWcrDCBwm2L8_qcLDUHSGbWcTYg5_5FfcqQ_WTeiQsjrBzI3_-YPR2FukPfNhbd_Mj7stNWV18bgAXZsOHU8cBwjBaNQQLQ0bjPuj74yDuhLWE3aYyE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17F7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOqIXIBBEg58Xo7KgnKE_o4&google_cver=1&google_push=ATf1kGP5kMoHKXU2379barmGBsi2iJ8IfxdMhv9cdNcltEn3g2DD-xEGkqcR3e7T-AUQNJ8aRLnJCLY0Jb8hdib9ltxbIIeerWnURg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B63D11A997E4FAEA5EB86CAE593B5CB&google_push=ATf1kGP5kMoHKXU2379barmGBsi2iJ8IfxdMhv9cdNcltEn3g2DD-xEGkqcR3e7T-AUQNJ8aRLnJCLY0Jb8hdib...

170 B
188 B

25ms
25ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B63D11A997E4FAEA5EB86CAE593B5CB&google_push=ATf1kGP5kMoHKXU2379barmGBsi2iJ8IfxdMhv9cdNcltEn3g2DD-xEGkqcR3e7T-AUQNJ8aRLnJCLY0Jb8hdib9ltxbIIeerWnURg

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 Apr 2023 17:20:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B63D11A997E4FAEA5EB86CAE593B5CB&google_push=ATf1kGP5kMoHKXU2379barmGBsi2iJ8IfxdMhv9cdNcltEn3g2DD-xEGkqcR3e7T-AUQNJ8aRLnJCLY0Jb8hdib9ltxbIIeerWnURg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 29 Apr 2023 17:20:03 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17F7
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGVQZ52_yTBkLi2yMVeeZac&google_cver=1&google_push=ATf1kGOy9eXSDYmxvbs7ogG-Z9-w4g3irv8616OfXls3crMLAgJlno6SCJL_Qo5My7t6mj8exsZjjrB7Bii...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOy9eXSDYmxvbs7ogG-Z9-w4g3irv8616OfXls3crMLAgJlno6SCJL_Qo5My7t6mj8exsZjjrB7Bii1cFzm7pOxl3ZfWVFQwQ&google_hm=0k6-2CdLQumgBgCBfr...

170 B
188 B

21ms
21ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOy9eXSDYmxvbs7ogG-Z9-w4g3irv8616OfXls3crMLAgJlno6SCJL_Qo5My7t6mj8exsZjjrB7Bii1cFzm7pOxl3ZfWVFQwQ&google_hm=0k6-2CdLQumgBgCBfr1LK8g

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOy9eXSDYmxvbs7ogG-Z9-w4g3irv8616OfXls3crMLAgJlno6SCJL_Qo5My7t6mj8exsZjjrB7Bii1cFzm7pOxl3ZfWVFQwQ&google_hm=0k6-2CdLQumgBgCBfr1LK8g
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 17F7 0
173 B 48ms
16ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEN_Fl8iOKOPnmlirCl5y7nM&google_cver=1&google_push=ATf1kGPwC9RfA5RpYPkLvd9l3l372pPbNldG7HaaYxa5fOzAeEzbqpjoH9I3G0TuFiFF6XNRU-KEz7C-Q8VXH6c4tf32IXUL_kSlog
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17F7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e7HZGojFScOeuQBcWP2JJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e7HZGojFScOeuQBcWP2JJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPcUbnhjJiM1xGJ_5rbORAuiKKz6QmutPYHRxEKuYDWFmMHgVkunBPIj8BpsH9FqBcXp_G6YR1j50wzuAUe85kOPorg-yuhSA

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e7HZGojFScOeuQBcWP2JJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPcUbnhjJiM1xGJ_5rbORAuiKKz6QmutPYHRxEKuYDWFmMHgVkunBPIj8BpsH9FqBcXp_G6YR1j50wzuAUe85kOPorg-yuhSA
date: Sun, 30 Apr 2023 17:20:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17F7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP_e4nlTmHg1Lt-iiTnP85o&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_e4nlTmHg1Lt-iiTnP85o&google_hm=ZE6jQtuNFC55P-3HmF-EhQAADLwAAAIB&google_nid=index&google_push=ATf1kGP7DiZKACRrjTrRYy5V7Dk5Zo49zupVX...

170 B
188 B

26ms
25ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_e4nlTmHg1Lt-iiTnP85o&google_hm=ZE6jQtuNFC55P-3HmF-EhQAADLwAAAIB&google_nid=index&google_push=ATf1kGP7DiZKACRrjTrRYy5V7Dk5Zo49zupVX5rFhAKkZsY5ba7PsV5vaukhfdsM9Mvc0TuUjK9D9pfObLLGdBpFrhXh3hliNQ_Hng

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_e4nlTmHg1Lt-iiTnP85o&google_hm=ZE6jQtuNFC55P-3HmF-EhQAADLwAAAIB&google_nid=index&google_push=ATf1kGP7DiZKACRrjTrRYy5V7Dk5Zo49zupVX5rFhAKkZsY5ba7PsV5vaukhfdsM9Mvc0TuUjK9D9pfObLLGdBpFrhXh3hliNQ_Hng
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 17F7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIZN6Jbgcc5zuy-7BthUy9c&google_cver=1&google_push=ATf1kGMCQnqSpHkqTkWUyblk2fFrft4agxRKWGEiprPeO-GqBOnrzGHd0LwP81mhWwjiWP-GF8vl91le6Qm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMCQnqSpHkqTkWUyblk2fFrft4agxRKWGEiprPeO-GqBOnrzGHd0LwP81mhWwjiWP-GF8vl91le6QmXaufy5sThCK6cHx6yRg
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

14ms
13ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17F7
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBvGVUd7T...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBv...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=6e06ff41-4ba7-439c-8386-eba172a3b352&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

26ms
24ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=6e06ff41-4ba7-439c-8386-eba172a3b352&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=6e06ff41-4ba7-439c-8386-eba172a3b352&%%GOOGLE_PUSH_PAIR%%
date: Sun, 30 Apr 2023 17:20:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 17F7 0
12 B 20ms
19ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFLSh5rKQGswdCHOB0igpnwuDzX2gHGgdyzp_cd9cYB05cElVIKggnPybWwLVp9Yaz_zaA7V8

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4C23 0
0 49ms
48ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1Agkra0W1cBNAMIMmS_XK-uaS1MXAkf2XKg-5lgofEvexg933rmamWqX9JUVh5FqnV9qHPwAfnsonAASLRqku07WBrB1anLUeEKX9X9DxgUbYbuezxXSxnMasnoxfwe5PHZNuA25opsNSkpkIZExXpNjbkYfd6zg7Bwtj&sai=AMfl-YQ2qXlFdGmeWatCoTGl0M_wAGNkKbJDPzLujbo3kA9MCgB2aYk1dj9KFRcFa0kTbt3bW32IwHk1VFnSdXV5GkQdGknbKukyxpNKDIm17x8Sow0CxrYITIEOwUfiiKk&sig=Cg0ArKJSzPoz8oPB1TiHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=177&vt=11&dtpt=130&dett=3&cstd=44&cisv=r20230426.76168&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A158 0
20 B 114ms
113ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQCagQ6NOZOWSGpefgAer3YGoDAAAAAA4AeAEAg&bg=!FRalFkLNAAb9Sbh13Uk7ADkAdvg8Wk25aBV-XMZ3Iguv4gIxVwXRsTo7iAN0bI9AqNKeqwDpn-yYlzF76t1juEy1WEgWFJRRKn8CAAAAtlIAAAADaAEHCgADRaKvmQMsfuT0E33tUzDbb-k2cDc9lZwCjvUEqU9y5hJVfMARjp4O_VI7higgzwTKUYhyhMHqYRkdXvbXBq6Y2NPJYzkg-_HByDKzdbxBTKT0k6r_L6m4Tb74QkmQ94vxkXfgk_jba-gsffYNv9iQMop17TV9eCmoxNjThni4499zpWm9q1fMy7bQ3mLHKpxp68PHERct-s_2XYEpF4DLN3N2tutfV2Dgx1kjVBBCXwuo8hyLifZex83zEhGKmYed19OyZCETkLWk5SuJ2ZgwfRo9eKFpMpQ7vIUelZvvr5ukV-2ESySwRlqIWour0P0WGCTsfDVvCZXR8cxzQmoEYSTo0GJf7DhF2f1sy8Bs_W9-qbGBSfvI4p2Vlqe2Z3k9-oN80FPRzCNIhLLy16LRMImvcLME60euxQ1isgOGck8WL5U130WgiNlU1yTyMwhk_bdQITfiMdmHUeEobZINP5x3jVZd2aGmD_CdwXqv4q8V6usi9Zt7o7ebK1g3aA5_PoX6INCmfNHr0dB0keLbpmknlx-gjv0YQlcBiLHDxqB-5nbsMmq7nrS6wNj8iSO52nK9yyYh8epQcQzeU26Xd9T7XJV97ZIDD-53EsdzxniiNllROOZOimdAa3nmAuCApYvEYI9sUGeEdlzsJvC9wBagGyjoWWjTI7HJkpZQYWAGhyYlcIgqNIX67F4A4-57d5zKR8mSxVMgm5uevd3SoQ_YX_n0fwB2Wi-VX40SKHWiZlOOY0lguq7kM7OmK1DIRsEWX-7jz7reu9TVW5va8Kbi5-vcjVquJQBw0yNjf4Iy8uoTO_JUlXSL9178rN8Idiu82zP6V_CEn22E72mfaE3Mj2JlK5CNZIg9EojpbkW39h0CvenBfeEsV5sCJoJVykbv_4QKmu2MP5S4XZ4EIqUgVCAEYEx5hN1mtHP-ZvvkD-kA_HkSpQTrhjoX2_Dw7EXY4FQh8z_e5OoeD7yy05bjetKj3IShvn6Ndk7iBwpVwEIAGzuYSPyw4BAJaxFJM1MMmAwh60Y_bdYrAzy-mrDpC7WKPyLTdyqQbGWnBZSPXnXbTlNcj0i78jmXevcSSX0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B833 6 KB
3 KB 11ms
9ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:01 GMT
expires: Mon, 29 Apr 2024 17:20:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 7ED2 2 KB
821 B 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22105c51ef3cefac91beed7a89642951165c0e2f293c1c672572433e54cbf7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 12:33:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:20:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7ED2 7 KB
6 KB 52ms
52ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

362d4f595c8f76ef42e85e06ac8aebe0817321a4f0cfbf585da3af990f6a71f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5757
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7ED2 17 KB
6 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Apr 2023 17:20:03 GMT

GET
H3 200 728x90_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 7ED2 61 KB
17 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a31dcc8145cda5077f9e148f349dc3efa073e864648d0608e5f5b6abbcfb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17826
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 08:38:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:23:35 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DB87 624 B
242 B 52ms
50ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUwmv0mszQVWc1JPF29z6Ovjx69BXLwk8VO2MiE_Lw0nhb5ZZy67nDUeEyguAmFLCqRKFc0R7pe8cmAGgE61d9Nl5tL8wJTJwa7_zIKj7VGehWc-jPIk1GA8pZTjpeYWFi4tUkRdFLHRWt4pcjVppZRvJznLrPZAFoPb2g68bblarXZQO4

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 17:20:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B833 78 KB
27 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B833 42 B
63 B 111ms
110ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYSpYbwY6-4pS6OrPFkwtABY2mbaLiMSe12gxFf_bx3poN4jqege_C3ofX45UQVTir5p5IPh5vn7K3RNQzRFvg2wLw9al1Ly3obet1ovHNAc5JRLQ

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B833 0
20 B 112ms
111ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4349329245370843078&x=1&ct=77

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame B833 2 KB
1 KB 99ms
19ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322076&sid=18330&dvregion=0&unit=970x250
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 17:20:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 10:59:51 GMT
Server: Microsoft-IIS/10.0
ETag: "2d4a10aae224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame B833 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 19:52:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame B833 19 KB
8 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 20:05:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B833 0
0 18ms
16ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTqAbNTGjx-HkAlgdvBhAqJn9VtbbVdNBWuqmhG8hDNPLemt1Mvtu_zBiOg9kV8jCI8DpHzMNCol1k4kpNBO7s7O6VGg
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B833 158 KB
48 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:20:04 GMT

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame 01EC 36 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 7ED2 4 KB
2 KB 9ms
7ms XHR
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1840
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 11:00:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:23:53 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 7ED2 5 KB
2 KB 10ms
8ms XHR
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:25:17 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 7ED2 2 KB
1 KB 11ms
10ms XHR
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:27:16 GMT

GET
H3 200 NH_D_LA_Wall-Flower_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 7ED2 81 KB
81 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_LA_Wall-Flower_728x90.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36fb8b973ca16b28c844f2b17e1cdce0236318f53581b3ce3007d95960be3488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:10:20 GMT
x-content-type-options: nosniff
age: 584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82432
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:40:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:25:20 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 7ED2 50 KB
50 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=F7JiP6chG0&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:12:51 GMT
x-content-type-options: nosniff
age: 433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 17:27:51 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DB87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPBSe_dfBg0xMTfQ28od7w&google_cver=1

43 B
766 B

15ms
14ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPBSe_dfBg0xMTfQ28od7w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUwmv0mszQVWc1JPF29z6Ovjx69BXLwk8VO2MiE_Lw0nhb5ZZy67nDUeEyguAmFLCqRKFc0R7pe8cmAGgE61d9Nl5tL8wJTJwa7_zIKj7VGehWc-jPIk1GA8pZTjpeYWFi4tUkRdFLHRWt4pcjVppZRvJznLrPZAFoPb2g68bblarXZQO4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=489
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPBSe_dfBg0xMTfQ28od7w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DB87
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6jQtuNFC55P.3HmF.EhQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPBSe_dfBg0xMTfQ28od7w&google_cver=1&google_hm=2

43 B
766 B

11ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPBSe_dfBg0xMTfQ28od7w&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUwmv0mszQVWc1JPF29z6Ovjx69BXLwk8VO2MiE_Lw0nhb5ZZy67nDUeEyguAmFLCqRKFc0R7pe8cmAGgE61d9Nl5tL8wJTJwa7_zIKj7VGehWc-jPIk1GA8pZTjpeYWFi4tUkRdFLHRWt4pcjVppZRvJznLrPZAFoPb2g68bblarXZQO4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=488
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPBSe_dfBg0xMTfQ28od7w&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DB87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNwYfTz83o0LNQ0xgzQ2GE&google_cver=1

43 B
1 KB

16ms
15ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGNwYfTz83o0LNQ0xgzQ2GE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUwmv0mszQVWc1JPF29z6Ovjx69BXLwk8VO2MiE_Lw0nhb5ZZy67nDUeEyguAmFLCqRKFc0R7pe8cmAGgE61d9Nl5tL8wJTJwa7_zIKj7VGehWc-jPIk1GA8pZTjpeYWFi4tUkRdFLHRWt4pcjVppZRvJznLrPZAFoPb2g68bblarXZQO4

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:04 GMT
AN-X-Request-Uuid: 1a751025-5003-4f2c-99d7-e9bcbd6fbc04
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGNwYfTz83o0LNQ0xgzQ2GE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB87
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

170 B
188 B

25ms
24ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 30 Apr 2023 17:20:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 94763762-7930-4634-968c-144917637ec1
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzUzNDA0NDA2NDQxMzIzNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B833 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9375773894364&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B833 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9375773894364&version=m202301230201&ct=77&x=1&cor=4349329245370843000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B833 15 KB
11 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHaGG58Y39zdEwpI9bd29HM1E4kttnPXg9F1eW2gERo8HQziV72Y4wvIjvyX8ogdpfA0uHUdw_kJaCx2Eeu4akfdrJ8e9ffjQfWlJ8iVSSJ4K2usyUvofCCHNcLrItvHjo7bTNkkAHuXZlIxWqljpOAfWDd7buoWBxRkvtXKdhrYe0uX4&cry=1&dbm_d=AKAmf-D79P5NCqiq38jEWUcIOIAIkO6Mce142X4K9hWEUbJTT8dwuUmAWCJxXPlCGI0dqdZoFnvb_jGek0qmvZknd9jVr9GPLTQFMefWC7FpIjS-zGZw0vfYTeTDB9ROon1e0IVRwMMHgrprt8xBLOoOu9C9PReGxjXEVQYOZdD2yS7NGknFBviBd3iY8XY6Vkoo3h3fyEf9S4H8ReDj_ToVzBiiv4o5IrOMi8Iw6PGXitYeRUHjoO7BvWkD4rU_lkYXA3_Wd2Ef1T1jHWXYRsh_29dXprYFpMGMByoCo6HOwP3o1NZe5pkjgUXDezzUZnPl9ze_9esl5F3F3okA_mfzvh14Dcs8tm3LVxf6NORaDqyVjBUmU9qQC-WjOM1UN22xIGTJsrOp64JS_CsYe5k6c_gJ5KzYq5PNfdNn8KxxEl0Ub4SfZX05m14TF1Hl4J53yRZNIvlh0zBVh7oSWxYVE1cIFCcL5fkHUXwv3qcXF_7oBCYxiUVL9jdF0Jxlk2DEmeEzD0SVEjjxMSvHiWt8elg5gEOiMw1whL_wBl4O9wy40IGqlL7GBFuNdicxmSosQRfWwOctlksv45AmVkrWrDIelSQmrVW9RQBSlkYT5gDYvLnnYR8sMXENvJub5F1EJMyEYt8JCV8LbSJDpKNz00Mw8pvwLdyRZB3gFeCqgvNzP2SxgD3UykRQIhyKwQZKpOfap8Ts1w5puP9vKLrN7MRwywjyV7cGCskA6bipywBiRaf_R6hGZUVbOi9HxFRln2z1m_ZyI8ReWci2SI1DR66o7pMPX2m2aMStd7bpFJ-B6u10OayaoUUxDUkMoGIk2tWsCWbSqX3zGLAPA3kPnfmb0yu619DL0Hl08yrh6v-CgcM0UhSTJhWEnkIKl394ucx6Sfw1UZNscyCsDcpGZgXQYCSP_9beNqq0PxPPhut13ZUfNV-idx8z83sa94fRE1x89q1ByHBnvhU77LPN7s2WHHzzo8LPQ9LTiwvK4cqWtM-1SJvC2tw997aur13v_EpBu5A7uQ-PSeoXjRt6JOSoN2F0w5UD25s357OR6pKiV-n44rU9mdEo8W1r9Na9nA1TAj1gpJQjyh9_FisCRYNbuELZ9owjYse9Q4C6G4EpJYreFDSibbK_xaG2IcDq-2wO3_Qdo6oZqRMH9fyG3EOf2V6FwJ6JP-is1rjupOQMQyKzGapEg8DcLVSA6T0xd7YF1F3SB0co8CUFhFGBRtHxNGLIWA_4xIBiD1Gz_ENKhjEKfXqp73W4M6I86viV5yQ1Y9Do88vmtdBKESPnQl7hGaazahYuJPGHGWDJZN8XtVI4j1u1YbbRoBWsMZRNZX8tgL_TeRrKBJt0eNvJaflME9kciP1OV9RpazanPdkvJR7zdk5TVIQOSyI2Tx3BzTSQwI0yF2BlEmdjo-JyhuPMrI_c7Fq4C0Ccvh37qd_22pbTBppNjH170QRH6SobHVSh0s9DPRxol6sQMcAxX7fNWSylR0JImIx90ggkXlQu5B7WXHxOeBhBlLFrZ2cLiA5bk4ljqKvvj9SW1UW35GZTR8O-H0MdvoSld5r_6_aUdOPySNSnBo6HJmty9JngemnUAQ96wn0fCrwhbxJyrYsNRXUiRGcWzx0vCWByTm4vOLeLtbynQdOP0bS3rleTLBHCM5ApEgWzDjqaJ7XUoxScyFxT9-WHcWUPdQuyL_FNMlv8THU2ZoycER28FtXR6bVdJJOPsXgUjwFNbploSoE4VQ9QD8iC0IrMMOgJpkdbIMFhslCZMgycwQW2rAMVthhiBR4SpKb2oo8qqrxX8gaPhz5VHGd-zul1YbmKWPxuq7sBN1bhlRib7ezLFMD5aeAMrdvxvLvLEtymjdHqvahSu-YAT-JJ7CPCZncPgZc6GbXCkGn5JKgnl-rCJrsrgDZVEuW8ScRWnnHZEDSoGkUYyo0i2YJ_1lxJb1cn4NIEvcm0WewWFiWtKUPqrF0R0w4y90ptucivMKwGetN12cCF9DvWKfAJ_YyYUk3IpeCiIOq03HBcl0Qcjsj0xtZrO6w2zjRnKIc-Q6_sMGrZXQ3xtFWYrgOsaderoeuNRVzXTrq-sdq91iXFXSV3QkPjleBFfARGeFSnZXfM7itDnuSwI43b75wlBgxDnVTNUrvpTX-mVovnGfT9LR8iDej8zblZHwoiLs80-5JHCRm1B5dcVZMGISEQ3ZbEN56bTj2zrfzD32oqVbRraECHhgMJGJsCG3c_g5U8mxGWJXwaq22zP1WUdAZmIVAzq3G1Hcg43oo-m7ngwtcLaoqGFPyLkm1U4ZBs5kLla24IUM21f1hszIB70kIiFlo0CIHzOIxDKazoFSKe7tKeY1dJwqZDmgA9gfo3L16frRGRKPG5T0emIW86QxF1aFHA0c26XZU_uFZmc1nvtV26kt7xenylSycnU14Qw_T9cNdZTbLj12CYKnApg7_yjsWLthavdq40XmQRiID-BDZhXqdCNpxszY4Xt433M0JRzLl3qk2yV4jo0e70rby3XwBSNhUG-C_87Q9HB9yHH2sOw7pxV2kh4uTFS1-ANjeX-eNjFIfG0a3yBsGF6fRVQITYhsneblwAtzVnJ0Lsp3kF2umkvUF68biF3QaUoJAynwZlWrWIuLSxo9GZBnKPj3lIF4BddUkqcwjIjeUSWQyCSKey7TvqzbmyDl4ARLfq-E7ZyjE_GoF8V98DPTfYwQiUSXaxbGTNgjvA1zoTH_7QwZzdFPOjvBlnPdIMU100dWk9RLrvoniWdPddcCgWAAGwJV2HMDLcid6dDBqOEj2hRa1OWBdaump0LBOeCYHczkdR0OIVLLcjqL3Pd8oDReXYvHfm53RRP5rZ76HUKYvIiYwhOpTjI0Eqo03vG_sME_waoMUbF2QJxCdt3qr7NXl-8graOYhMrNyr9fzRY942MMK2URmQLsOMPEo0dOPDvgyhMXmhg0rhHjU2poy9_BD90MqQcxYIVz1C2vqG8yi1J3ILCMyMq_13-7dk79fyqhRnAix9yFTeJ-WAhfhpTO9l3qKekncxgNWnRWSXzCIgyA7ybWL_UW95KPBUpa5wdhK9kos11Yr7qMpKVw9rDUsUILGypkLN5lDKIjVcJ_E2K-xPsuxJtkR06UPIaQnyvE_E56v5ihEYdQqJsrbP9-yMA16OePIhyuRuUm30WsHte2gqqGY1QSB7ZSaDfahuvRJoQ6V4w6dr9wdyJ5Z81G0ZwPti9caTQuVkFzmEPbD_d2jwAm74rI-V0bIVlFov8bxxsJyXjT07JA07sP5s-U8QMZ9ue46jRlVDkBdG9tZUNPEencgno4VmOKrNaHB6-zoOxBjtQu3itMo6GAt2MOB8A1XFZNbP7m7uBdeZiRejsQSPdR51bVS_PppyRG5Xh-0FQOOFb4ohmPjrR4z4hgiQhqhyLcC1hTxf-kxXEHd663wx6W-iqJdimDCrLJnc9Ys4oKuQCTPTmUjggg&cid=CAQSPABygQiDTDT7wkRFIxoR7ScMG7VylIABiB2-kUObAef_oiK5iHng8t1bstKQ5A7aCHmj2zyH4qpEO6tnZxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=4349329245370843000&adk=2857193498&rc=1&idt=62&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea4b5bd261a18802261624ffbbcbe160429245f91779c4866851c7b1294e5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C23 43 B
215 B 95ms
94ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc&tv=%7Bc:bi2nZO,time:624,type:e,im:%7Bpci:%7Btdr:513%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:624,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B619~0%5D,as:%5B619~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:128,fm:tCVSQDG+11%7C12.1352960-70224161%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C17.990511-61634097%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:166%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B833 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHaGG58Y39zdEwpI9bd29HM1E4kttnPXg9F1eW2gERo8HQziV72Y4wvIjvyX8ogdpfA0uHUdw_kJaCx2Eeu4akfdrJ8e9ffjQfWlJ8iVSSJ4K2usyUvofCCHNcLrItvHjo7bTNkkAHuXZlIxWqljpOAfWDd7buoWBxRkvtXKdhrYe0uX4&cry=1&dbm_d=AKAmf-D79P5NCqiq38jEWUcIOIAIkO6Mce142X4K9hWEUbJTT8dwuUmAWCJxXPlCGI0dqdZoFnvb_jGek0qmvZknd9jVr9GPLTQFMefWC7FpIjS-zGZw0vfYTeTDB9ROon1e0IVRwMMHgrprt8xBLOoOu9C9PReGxjXEVQYOZdD2yS7NGknFBviBd3iY8XY6Vkoo3h3fyEf9S4H8ReDj_ToVzBiiv4o5IrOMi8Iw6PGXitYeRUHjoO7BvWkD4rU_lkYXA3_Wd2Ef1T1jHWXYRsh_29dXprYFpMGMByoCo6HOwP3o1NZe5pkjgUXDezzUZnPl9ze_9esl5F3F3okA_mfzvh14Dcs8tm3LVxf6NORaDqyVjBUmU9qQC-WjOM1UN22xIGTJsrOp64JS_CsYe5k6c_gJ5KzYq5PNfdNn8KxxEl0Ub4SfZX05m14TF1Hl4J53yRZNIvlh0zBVh7oSWxYVE1cIFCcL5fkHUXwv3qcXF_7oBCYxiUVL9jdF0Jxlk2DEmeEzD0SVEjjxMSvHiWt8elg5gEOiMw1whL_wBl4O9wy40IGqlL7GBFuNdicxmSosQRfWwOctlksv45AmVkrWrDIelSQmrVW9RQBSlkYT5gDYvLnnYR8sMXENvJub5F1EJMyEYt8JCV8LbSJDpKNz00Mw8pvwLdyRZB3gFeCqgvNzP2SxgD3UykRQIhyKwQZKpOfap8Ts1w5puP9vKLrN7MRwywjyV7cGCskA6bipywBiRaf_R6hGZUVbOi9HxFRln2z1m_ZyI8ReWci2SI1DR66o7pMPX2m2aMStd7bpFJ-B6u10OayaoUUxDUkMoGIk2tWsCWbSqX3zGLAPA3kPnfmb0yu619DL0Hl08yrh6v-CgcM0UhSTJhWEnkIKl394ucx6Sfw1UZNscyCsDcpGZgXQYCSP_9beNqq0PxPPhut13ZUfNV-idx8z83sa94fRE1x89q1ByHBnvhU77LPN7s2WHHzzo8LPQ9LTiwvK4cqWtM-1SJvC2tw997aur13v_EpBu5A7uQ-PSeoXjRt6JOSoN2F0w5UD25s357OR6pKiV-n44rU9mdEo8W1r9Na9nA1TAj1gpJQjyh9_FisCRYNbuELZ9owjYse9Q4C6G4EpJYreFDSibbK_xaG2IcDq-2wO3_Qdo6oZqRMH9fyG3EOf2V6FwJ6JP-is1rjupOQMQyKzGapEg8DcLVSA6T0xd7YF1F3SB0co8CUFhFGBRtHxNGLIWA_4xIBiD1Gz_ENKhjEKfXqp73W4M6I86viV5yQ1Y9Do88vmtdBKESPnQl7hGaazahYuJPGHGWDJZN8XtVI4j1u1YbbRoBWsMZRNZX8tgL_TeRrKBJt0eNvJaflME9kciP1OV9RpazanPdkvJR7zdk5TVIQOSyI2Tx3BzTSQwI0yF2BlEmdjo-JyhuPMrI_c7Fq4C0Ccvh37qd_22pbTBppNjH170QRH6SobHVSh0s9DPRxol6sQMcAxX7fNWSylR0JImIx90ggkXlQu5B7WXHxOeBhBlLFrZ2cLiA5bk4ljqKvvj9SW1UW35GZTR8O-H0MdvoSld5r_6_aUdOPySNSnBo6HJmty9JngemnUAQ96wn0fCrwhbxJyrYsNRXUiRGcWzx0vCWByTm4vOLeLtbynQdOP0bS3rleTLBHCM5ApEgWzDjqaJ7XUoxScyFxT9-WHcWUPdQuyL_FNMlv8THU2ZoycER28FtXR6bVdJJOPsXgUjwFNbploSoE4VQ9QD8iC0IrMMOgJpkdbIMFhslCZMgycwQW2rAMVthhiBR4SpKb2oo8qqrxX8gaPhz5VHGd-zul1YbmKWPxuq7sBN1bhlRib7ezLFMD5aeAMrdvxvLvLEtymjdHqvahSu-YAT-JJ7CPCZncPgZc6GbXCkGn5JKgnl-rCJrsrgDZVEuW8ScRWnnHZEDSoGkUYyo0i2YJ_1lxJb1cn4NIEvcm0WewWFiWtKUPqrF0R0w4y90ptucivMKwGetN12cCF9DvWKfAJ_YyYUk3IpeCiIOq03HBcl0Qcjsj0xtZrO6w2zjRnKIc-Q6_sMGrZXQ3xtFWYrgOsaderoeuNRVzXTrq-sdq91iXFXSV3QkPjleBFfARGeFSnZXfM7itDnuSwI43b75wlBgxDnVTNUrvpTX-mVovnGfT9LR8iDej8zblZHwoiLs80-5JHCRm1B5dcVZMGISEQ3ZbEN56bTj2zrfzD32oqVbRraECHhgMJGJsCG3c_g5U8mxGWJXwaq22zP1WUdAZmIVAzq3G1Hcg43oo-m7ngwtcLaoqGFPyLkm1U4ZBs5kLla24IUM21f1hszIB70kIiFlo0CIHzOIxDKazoFSKe7tKeY1dJwqZDmgA9gfo3L16frRGRKPG5T0emIW86QxF1aFHA0c26XZU_uFZmc1nvtV26kt7xenylSycnU14Qw_T9cNdZTbLj12CYKnApg7_yjsWLthavdq40XmQRiID-BDZhXqdCNpxszY4Xt433M0JRzLl3qk2yV4jo0e70rby3XwBSNhUG-C_87Q9HB9yHH2sOw7pxV2kh4uTFS1-ANjeX-eNjFIfG0a3yBsGF6fRVQITYhsneblwAtzVnJ0Lsp3kF2umkvUF68biF3QaUoJAynwZlWrWIuLSxo9GZBnKPj3lIF4BddUkqcwjIjeUSWQyCSKey7TvqzbmyDl4ARLfq-E7ZyjE_GoF8V98DPTfYwQiUSXaxbGTNgjvA1zoTH_7QwZzdFPOjvBlnPdIMU100dWk9RLrvoniWdPddcCgWAAGwJV2HMDLcid6dDBqOEj2hRa1OWBdaump0LBOeCYHczkdR0OIVLLcjqL3Pd8oDReXYvHfm53RRP5rZ76HUKYvIiYwhOpTjI0Eqo03vG_sME_waoMUbF2QJxCdt3qr7NXl-8graOYhMrNyr9fzRY942MMK2URmQLsOMPEo0dOPDvgyhMXmhg0rhHjU2poy9_BD90MqQcxYIVz1C2vqG8yi1J3ILCMyMq_13-7dk79fyqhRnAix9yFTeJ-WAhfhpTO9l3qKekncxgNWnRWSXzCIgyA7ybWL_UW95KPBUpa5wdhK9kos11Yr7qMpKVw9rDUsUILGypkLN5lDKIjVcJ_E2K-xPsuxJtkR06UPIaQnyvE_E56v5ihEYdQqJsrbP9-yMA16OePIhyuRuUm30WsHte2gqqGY1QSB7ZSaDfahuvRJoQ6V4w6dr9wdyJ5Z81G0ZwPti9caTQuVkFzmEPbD_d2jwAm74rI-V0bIVlFov8bxxsJyXjT07JA07sP5s-U8QMZ9ue46jRlVDkBdG9tZUNPEencgno4VmOKrNaHB6-zoOxBjtQu3itMo6GAt2MOB8A1XFZNbP7m7uBdeZiRejsQSPdR51bVS_PppyRG5Xh-0FQOOFb4ohmPjrR4z4hgiQhqhyLcC1hTxf-kxXEHd663wx6W-iqJdimDCrLJnc9Ys4oKuQCTPTmUjggg&cid=CAQSPABygQiDTDT7wkRFIxoR7ScMG7VylIABiB2-kUObAef_oiK5iHng8t1bstKQ5A7aCHmj2zyH4qpEO6tnZxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=4349329245370843000&adk=2857193498&rc=1&idt=62&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:45:22 GMT

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame B833 57 KB
19 KB 13ms
12ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322076&sid=18330&dvregion=0&unit=970x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 17:20:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 034A 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 85984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:27:00 GMT
expires: Sun, 28 Apr 2024 17:27:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame B833 652 B
704 B 169ms
25ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_2414815593&jsTagObjCallback=__tagObject_callback_2414815593&num=6&ctx=15911784&cmp=203336&plc=7322076&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=2414815593&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=112&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%40%40C2%3D%3AG6%5CEG%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%40%40C2%3D%3AG6%5CEG%5D%3F6ETar9EEADTbpTauTau2456%60df4d74g7chfgcfbfc7_2deb7bac%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.00&callbackName=__verify_callback_2414815593
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e58092b323ad0dcf66e755bfd17188615b08e6359ebc2a9a48ca6cb4f084fd5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:04 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 04/29/2023 17:20:04

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame 034A 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F00 42 B
64 B 117ms
117ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhHCxXGcEgjerTp5CFNMqE9ESLXi8zxiId1GCmGB5VeI5nHeJ_U3bclQDzQeK_zWK7L6l8CNIrQcMSVhAJIYYR3_ztYGmZIeWOCr2jLTofa8qSYkYI6viyOH_RnNNmvc1IzGa3Yw&sai=AMfl-YQ35A2RYFRlpsDJ2G0x9aFoviFpFDl5T74pZYIVkmQyHTUeBtU9MC73s6LinDQW78RF6ifuMOmGnk9wWBiTAt0YFoHn64_UDL3brPo0wsqoO8Y1W0a38_QN8OffWX80EfKI_smilDgZRjc4xg&sig=Cg0ArKJSzJwPU0Dn4k6rEAE&cid=CAQSTABygQiDbc50U4NIscpW8HoiLmF6WaT2V7oY2Y-9E-ZGSRQzeOF13dKChJG98ScWPf2F5VqS2rzolt3iFD71ZTB-5JA7A-X_rqwrmT8YAQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=241424876&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682875202126&rpt=1146&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1F00 43 B
215 B 93ms
93ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=8842205d-d75b-758c-8402-82d8b16c9763&tv=%7Bc:bi2o3q,pingTime:1,time:1560,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D,%7Bpiv:100,vs:i,r:,t:550%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1010,o:550,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B545~0%5D,as:%5B545~728.90%5D%7D%7D,%7Bsl:i,t:550,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:116,fm:tCVSQDG+11%7C12*.1352960-70224161%7C121%7C13%7C14%7C1511%7C1512%7C16%7C17.990511-61634097%7C171%7C18.1352960-70224161,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:16,sis:319%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1F00 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=8842205d-d75b-758c-8402-82d8b16c9763&tv=%7Bc:bi2o3q,pingTime:1,time:1560,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D,%7Bpiv:100,vs:i,r:,t:550%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1010,o:550,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B545~0%5D,as:%5B545~728.90%5D%7D%7D,%7Bsl:i,t:550,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:116,fm:tCVSQDG+11%7C12*.1352960-70224161%7C121%7C13%7C14%7C1511%7C1512%7C16%7C17.990511-61634097%7C171%7C18.1352960-70224161,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:16,sis:319,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 034A 0
20 B 114ms
114ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be2qERKNOZMuyBrSt9u8PmbK_eAAAAAA4AeAEAg&bg=!09Cl0ITNAAb9Sbh13Uk7ADkAdvg8WocwKF6Ek_enmLkJYILfcqD7ztoGwAPM7Yx1Xv9cYdXmeLoYJFT6SQ9antWmfX9gf2X-ZaACAAAAZlIAAAACaAEHmQNIjed6ovfY83Jzg6lSZHEcXkKyMJTEtP7JWQ56Gmq-DKgVkNdI2JRqbpn0ShnaEUxATpgOpk6he1J5FPT1XBZf0i1TW4_EOAe7DwauUk3MpE_ZtKeWvTKdbWvkuVpmKf6z0P9N1J0rRHz4LC6at7xzKbx8vNDUYwn6C6maSN9QxjWoU3wrhk_LLnoxniF4d41mQB36EAMn16KmRz8mBPwoGuPBOgrzOb2IvYYeNy0fm-emCE2tVRXXQS63xkGFtDHrBEIBQeTMT_KtrWy3JBleYhFoscfDYGpjf60ePYT7JS0yRjMIi8_TUUHdUFl9qND632hHcOUdSC9m160qMKoyeJUo9zr6Ag4OHeusMxE7YEnuecCBixzN3Ryuzjkqr-Y4IqB2SuTnwDC9Mm0uPTsfuOtu6RhFdxujLNLKSmz9fEabrZzaheb7SplsxZWMY6RlD2-IfpYPpkq8u5NYqxogtadLDyfpktZjIS1FL3eAFIx3cowDQPrVzz9HAFztIVvt4p25Hi0STlS5R98sEhij6Tmb9W1vRPvidva2ov0IBAuGmHvYz9pEBVUJdWzJQmfHbNBIGOBXuW1nDUoGlkK8TSJWMvBALBV_t9pno9Ga9v4vOLMLcvGqfh-909zGXp13ulrDBXKDicjXZIE5N3C_SvEavRZp3TfGueloypCRGCLPxoTPV2NXsk-ysCvJTP1TEqBNekn0Vi1bP3CvjBnns8VzlIST_fosAvCJuIlMK0PmbxHVm-PkshMJR9mpP51Gf29wdpD9MS0hvKznp_8F6wp_wuSNIm432MuRVaGdE7Z7WoSJHszkzFB_jn95Rl_GNh2Vidg1VviM0WOozYfS8RdNKEIDxCUJ6eUMrFbaaIQ-QVdhKw31wjFh6dfEnuX1z_1qLa16uGgJnAbFkyml5a594T2OnYihU44qoc_bfu7P_Sg5zoslnZXlOjY4Bn1fDvky7Q0lsBwTxvPsGwjo6j55rrraaHqcRCMCo6HLjY0xc2GnvL6rlj8VlHY1naUFqKHQNL2EU5CCNZkiEOhGY8PuueWNBTNpRs8RQf-dQXNcm7Gmldu_kuF_OvSVYeLDRUm0BsDIebD8oqTvf4IHebwK3PyrIQu1

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame B833 0
234 B 38ms
10ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=3bfbed963d6144c5859534dcb252cebd&vfdur=170&cbust=1682875204369721
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:04 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 04/29/2023 17:20:04

GET
H2 200 globalpassback_970x250.gif
cdn.besafe.global/ Frame B833 37 KB
37 KB 79ms
18ms Image
image/gif 2600:9000:25a2:2600:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_970x250.gif
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:2600:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 496ed7d3eb868f74065c9c4f435b0d4afee4a9f37bc4934e7fbccffeff98d3cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:00:52 GMT
via: 1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 20:03:13 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 76796
etag: "9bb76ce5aa5d929a4f69f37b75f469f1"
x-amz-meta-sha256: 496ed7d3eb868f74065c9c4f435b0d4afee4a9f37bc4934e7fbccffeff98d3cf
content-type: image/gif
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 37581
x-amz-cf-id: SX6vFgq8T4UyhIAD20O4VvUp6f8oiPNrkB__3TopbZ6iBBhDTLSKxQ==
x-amz-meta-s3b-last-modified: 20220630T185152Z

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2A57 1 KB
643 B 10ms
10ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 06:47:50 GMT
etag: 48472445140208031
expires: Mon, 01 May 2023 06:47:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B833 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30c2742a3a703efa72b0b10474085be02bafd8dc63fa539843acfb360d1144a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A57
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHgyMGK1bvoPdKlfVfpPUY4&google_cver=1&google_push=ATf1kGMJtX_DZ0n9ERhzOYV4YHVUsvtDtsx84tYsUKIRGsTsWZLBZPBoDj5N9XrYlyqk5Nw0XDMsX46tzMKg2CRQ8-1qABRKC7cNkw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B63D11A997E4FAEA5EB86CAE593B5CB&google_push=ATf1kGMJtX_DZ0n9ERhzOYV4YHVUsvtDtsx84tYsUKIRGsTsWZLBZPBoDj5N9XrYlyqk5Nw0XDMsX46tzMKg2CR...

170 B
188 B

42ms
42ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B63D11A997E4FAEA5EB86CAE593B5CB&google_push=ATf1kGMJtX_DZ0n9ERhzOYV4YHVUsvtDtsx84tYsUKIRGsTsWZLBZPBoDj5N9XrYlyqk5Nw0XDMsX46tzMKg2CRQ8-1qABRKC7cNkw

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 Apr 2023 17:20:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B63D11A997E4FAEA5EB86CAE593B5CB&google_push=ATf1kGMJtX_DZ0n9ERhzOYV4YHVUsvtDtsx84tYsUKIRGsTsWZLBZPBoDj5N9XrYlyqk5Nw0XDMsX46tzMKg2CRQ8-1qABRKC7cNkw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 29 Apr 2023 17:20:04 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2A57 43 B
351 B 65ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA-BC5z6Lr5D4-2A0WjPS6s&google_cver=1&google_push=ATf1kGMLjx-C44F808E-Hbinly1xAQcDHyxXuE7yZmD45uZbI74dPWRgX4hFDH55sAcJCB_RMivEGKR9j2alIlnRFZiT07ws6ZZC9w
Requested by: Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 72jmv240ude5n7b5n2cm27vl24nrgfrn

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A57
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBWmDhDVAFUIwzspk0FmjQ0&google_cver=1&google_push=ATf1kGOIm212_1n_XKzpReSh2U7oH5lQWSqBLLldHf3Hi4bcEKXmxVQGGDnsKRogeGfOPX17ZVC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgzT0cyOUMtMUEtNldZTQ==&google_push=ATf1kGOIm212_1n_XKzpReSh2U7oH5lQWSqBLLldHf3Hi4bcEKXmxVQGGDnsKRogeGfOPX17ZVCNQVq5gXZLpv_dn9XXTv3UMJ6lQA

170 B
188 B

56ms
56ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgzT0cyOUMtMUEtNldZTQ==&google_push=ATf1kGOIm212_1n_XKzpReSh2U7oH5lQWSqBLLldHf3Hi4bcEKXmxVQGGDnsKRogeGfOPX17ZVCNQVq5gXZLpv_dn9XXTv3UMJ6lQA

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgzT0cyOUMtMUEtNldZTQ==&google_push=ATf1kGOIm212_1n_XKzpReSh2U7oH5lQWSqBLLldHf3Hi4bcEKXmxVQGGDnsKRogeGfOPX17ZVCNQVq5gXZLpv_dn9XXTv3UMJ6lQA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A57
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJBojONLsz_LRMD7M9W9b9c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJBojONLsz_LRMD7M9W9b9c&google_hm=ZE6jQtuNFC55P-3HmF-EhQAADLwAAAIB&google_nid=index&google_push=ATf1kGMOh7T4PgMIS7j8F5-e3oBzTGlL72o8O...

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJBojONLsz_LRMD7M9W9b9c&google_hm=ZE6jQtuNFC55P-3HmF-EhQAADLwAAAIB&google_nid=index&google_push=ATf1kGMOh7T4PgMIS7j8F5-e3oBzTGlL72o8OOYWjPyNGmIdX5-egBnXEHWHSrcmANZTh1IQjt1LZ1-E97d1XCLhlBGdf4dPhVIOlg

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 17:20:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJBojONLsz_LRMD7M9W9b9c&google_hm=ZE6jQtuNFC55P-3HmF-EhQAADLwAAAIB&google_nid=index&google_push=ATf1kGMOh7T4PgMIS7j8F5-e3oBzTGlL72o8OOYWjPyNGmIdX5-egBnXEHWHSrcmANZTh1IQjt1LZ1-E97d1XCLhlBGdf4dPhVIOlg
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A57
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAgKVPw6KEWLOaMDE0QwKr8&google_cver=1&google_push=ATf1kGN52nvIqq9H8IEKGRdZQ41LzO2-CqE0rcEPY5916cJKM8zeqfrFdiyNYsN4Syf3EAN4yMbk9ao-F_Xy...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN52nvIqq9H8IEKGRdZQ41LzO2-CqE0rcEPY5916cJKM8zeqfrFdiyNYsN4Syf3EAN4yMbk9ao-F_Xy5INTCCwdTn8TYVMsUw

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN52nvIqq9H8IEKGRdZQ41LzO2-CqE0rcEPY5916cJKM8zeqfrFdiyNYsN4Syf3EAN4yMbk9ao-F_Xy5INTCCwdTn8TYVMsUw

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN52nvIqq9H8IEKGRdZQ41LzO2-CqE0rcEPY5916cJKM8zeqfrFdiyNYsN4Syf3EAN4yMbk9ao-F_Xy5INTCCwdTn8TYVMsUw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A57
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFa8Slti_Ieslpny6Znhoco&google_cver=1&google_push=ATf1kGMbawuWkX2F0gYPG77ABNWznl37HlMJWIF6ITXg-z7OSdLHcjPQgocifCOWvJENMzFpher9bpwPtNwsQAOBZS24cI1WpSzi
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMbawuWkX2F0gYPG77ABNWznl37HlMJWIF6ITXg-z7OSdLHcjPQgocifCOWvJENMzFpher9bpwPtNwsQAOBZS24cI1WpSz...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY0MzMwMDc0MDQ0NTk1Mjk3NTI5MQ%3D%3D&google_push=ATf1kGMbawuWkX2F0gYPG77ABNWznl37HlMJWIF6ITXg-z7OSdLHcjPQ...

170 B
188 B

35ms
35ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY0MzMwMDc0MDQ0NTk1Mjk3NTI5MQ%3D%3D&google_push=ATf1kGMbawuWkX2F0gYPG77ABNWznl37HlMJWIF6ITXg-z7OSdLHcjPQgocifCOWvJENMzFpher9bpwPtNwsQAOBZS24cI1WpSzi

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY0MzMwMDc0MDQ0NTk1Mjk3NTI5MQ%3D%3D&google_push=ATf1kGMbawuWkX2F0gYPG77ABNWznl37HlMJWIF6ITXg-z7OSdLHcjPQgocifCOWvJENMzFpher9bpwPtNwsQAOBZS24cI1WpSzi
date: Sun, 30 Apr 2023 17:20:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A57
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED3CaOyYkn85vrfCXgjz3x4&google_cver=1&google_push=ATf1kGMzZXIeQvr1N2gWzppYku8UmnoJmpUiRmGmjkHHl89b_S20syxWvFYY_56VZkzrH77bUB...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RVTk4clMxRTJ1RWY2YVJBYjVBZlVYbWZXaFlSWEIxUX5B&google_push=ATf1kGMzZXIeQvr1N2gWzppYku8UmnoJmpUiRmGmjkHHl89b_S20syxWv...

170 B
188 B

52ms
52ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RVTk4clMxRTJ1RWY2YVJBYjVBZlVYbWZXaFlSWEIxUX5B&google_push=ATf1kGMzZXIeQvr1N2gWzppYku8UmnoJmpUiRmGmjkHHl89b_S20syxWvFYY_56VZkzrH77bUBZsvjHZHt90oT1zcZzq31y-xo4iRO8

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RVTk4clMxRTJ1RWY2YVJBYjVBZlVYbWZXaFlSWEIxUX5B&google_push=ATf1kGMzZXIeQvr1N2gWzppYku8UmnoJmpUiRmGmjkHHl89b_S20syxWvFYY_56VZkzrH77bUBZsvjHZHt90oT1zcZzq31y-xo4iRO8
date: Sun, 30 Apr 2023 17:20:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2A57 0
12 B 17ms
16ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOj69ebi0Yk_pcPeIz1ZdbEgpFbCpBEoUgqjmRZkSFkcu_JU8rTPE0dxLh8DpZnVz7XHaBbA

Requested by

Host: acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
URL: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:20:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F00 0
20 B 110ms
109ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5165515199240&version=m202301230201&ct=76&x=1&cor=6114578270905385000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE31 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9956344593698&version=m202301230201&ct=76&x=1&cor=4022210109940551700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4C23 42 B
64 B 182ms
182ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvtTQeHJemcvtjmr0QYnv-nqHGUmbEplFaABeJMP86cIsft4d9lNBSUsDPj5sd7clYhRi0oKIxW0eghx8uSPXBQFAefwMgOldsdBuYBs74gayE4YhvRM3tMq0FGhirPVg3AngBmQ&sai=AMfl-YQPlOw3DH3kjvkmRwkjn5aThUFX2KcMBRW52RG-NzzB6RIG3xio2Cnh3YOtZrU8FxGb6a-h_oFH7RCHUFlDtsOP36shaub-hJXd9wXV1XWruUC1L8YK5F18J1VF&sig=Cg0ArKJSzK855o271BW5EAE&cid=CAQSPABygQiDU45TTdrJwJbEZsapLTCwaCUxyTXi9a15RtQdPHPQi751EZA6RhjZpr12Bi0At2OwXae1B1QBjxgB&id=lidar2&mcvt=1001&p=100,436,190,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2196926945&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682875203212&rpt=491&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C23 43 B
215 B 156ms
155ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc&tv=%7Bc:bi2oat,pingTime:-10,time:1285,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682875203238%7C%7Ccb109a8e90547d361a6563ca5bb9fbbd%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C8455243ab15f79b40b56fd3ce2f4bdbe%7C%7C0eec73eb97506199be00b6522cefe886%7C%7Cbe57984917627313ea553d15d8ccd6b1%7C%7Cfecc51e0435f761227d6e2548a571027%7C%7C2162a92bc937a14feaf17d15e4deaf0f%7C%7C1663701684,sca:%7Bspg:8842205d-d75b-758c-8402-82d8b16c9763%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C23 0
20 B 202ms
202ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=612527458014&version=m202301230201&ct=76&x=1&cor=15389491847881708000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C23 43 B
215 B 123ms
123ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc&tv=%7Bc:bi2ocn,pingTime:0,time:1403,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1403%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1403,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1398~0,0~100%5D,as:%5B1398~728.90%5D%7D%7D,%7Bsl:i,t:1403,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1398~0,0~100%5D,as:%5B1398~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:106,fm:tCVSQDG+11%7C12.1352960-70224161%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C17.990511-61634097%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:166%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:04 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B833 0
20 B 110ms
110ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9375773894364&version=m202301230201&ct=77&x=1&cor=4349329245370843000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B833 42 B
64 B 115ms
115ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfpQqdXq8_0OuCBcstlFZfqLv8zMuXLET9cs6ura6vzMliDMLEgDD3iocTuT2rl1jAVr8ttkCgIJ9jtjVfcSRsidRgPNrnGGqfQWxQsdUvoCg9z16kX61XXsFo&sai=AMfl-YRJiusn0JcLRm9opuxA_0PFnOQef5vRvJmkNC9AArRqz5URRY-5-bBJR4s6X2ina20AcvYxOVu14afeEPJIY7nbCUuGS7oZsptF6Ubd_HRHl4dLpWDufdXJ5f36&sig=Cg0ArKJSzFhgQljvsNCXEAE&cid=CAQSPABygQiDTDT7wkRFIxoR7ScMG7VylIABiB2-kUObAef_oiK5iHng8t1bstKQ5A7aCHmj2zyH4qpEO6tnZxgB&id=lidar2&mcvt=1008&p=263,315,517,1285&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3763906004&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682875203895&rpt=598&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C23 43 B
215 B 95ms
94ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc&tv=%7Bc:bi2osw,pingTime:1,time:2404,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1403%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:1403,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1398~0,1~100%5D,as:%5B1399~728.90%5D%7D%7D,%7Bsl:i,t:1403,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:126,fm:tCVSQDG+11%7C12.1352960-70224161%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C17.990511-61634097%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:166%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:05 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C23 43 B
215 B 222ms
222ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc&tv=%7Bc:bi2osw,pingTime:1,time:2404,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1403%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:1403,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1398~0,1~100%5D,as:%5B1399~728.90%5D%7D%7D,%7Bsl:i,t:1403,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:126,fm:tCVSQDG+11%7C12.1352960-70224161%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C17.990511-61634097%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:166,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:05 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1F00 43 B
215 B 96ms
96ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=8842205d-d75b-758c-8402-82d8b16c9763&tv=%7Bc:bi2p5N,pingTime:5,time:5551,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D,%7Bpiv:100,vs:i,r:,t:550%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:550,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B545~0%5D,as:%5B545~728.90%5D%7D%7D,%7Bsl:i,t:550,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:95,fm:tCVSQDG+11%7C12*.1352960-70224161%7C121%7C13%7C14%7C1511%7C1512%7C16%7C17.990511-61634097%7C171%7C18.1352960-70224161,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:16,sis:319%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:08 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C23 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=f2a5fdd2-3274-b5fe-132c-fb2cca6d3dcc&tv=%7Bc:bi2pv2,pingTime:5,time:6404,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1403%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:1403,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1398~0,1~100%5D,as:%5B1399~728.90%5D%7D%7D,%7Bsl:i,t:1403,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:225,fm:tCVSQDG+11%7C12.1352960-70224161%7C121%7C122%7C123%7C124%7C13%7C14%7C1511%7C1512%7C16%7C17.990511-61634097%7C171%7C172%7C173%7C1741%7C175%7C18*.1352960-70224161%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:166%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:9130:66cb:a1ff:2e14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 17:20:09 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 21:03:55	Name: demandSupplyTi Value: c1f5e191-0467-4a22-8fba-18be09607160
.demand.supply/	1970-01-20 11:27:57	Name: __cf_bm Value: SYPKt.c4IFxbqY.3L528MHaa3APxzXiNTfxc2nAYt8U-1682875201-0-Aah/hMwWlPxUzMb4BqLgFFcwstz6YynBkFlO64IWh9eTfOgjiOh233E4ZnRNgGqxEKIM7FOm5KEoEQTkIZmYTgo=
koooralive-tv.net/	1970-01-20 20:13:31	Name: HstCfa4715052 Value: 1682875202011
koooralive-tv.net/	1970-01-20 20:13:31	Name: HstCla4715052 Value: 1682875202011
koooralive-tv.net/	1970-01-20 20:13:31	Name: HstCmu4715052 Value: 1682875202011
koooralive-tv.net/	1970-01-20 20:13:31	Name: HstPn4715052 Value: 1
koooralive-tv.net/	1970-01-20 20:13:31	Name: HstPt4715052 Value: 1
koooralive-tv.net/	1970-01-20 20:13:31	Name: HstCnv4715052 Value: 1
koooralive-tv.net/	1970-01-20 20:13:31	Name: HstCns4715052 Value: 1
.koooralive-tv.net/	1970-01-20 20:49:31	Name: __gads Value: ID=bc3171074ca6bce1:T=1682875201:S=ALNI_Ma-S9Z8Re75yGGJaEwA3UxWtfVxTg
.koooralive-tv.net/	1970-01-20 20:49:31	Name: __gpi Value: UID=00000bf38cc3cd6d:T=1682875201:RT=1682875201:S=ALNI_MZqR85pcY6YSSeRRwLmlmfgC4U_OA
.doubleclick.net/	1970-01-20 11:27:58	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 20:13:31	Name: CMID Value: ZE6jQtuNFC55P.3HmF.EhQAA
.casalemedia.com/	1970-01-20 13:37:31	Name: CMPS Value: 3260
.casalemedia.com/	1970-01-20 13:37:31	Name: CMPRO Value: 3260
.adnxs.com/	1970-01-20 13:37:31	Name: uuid2 Value: 1193534044064413236
.criteo.com/	1970-01-20 20:49:31	Name: uid Value: 5978118b-e313-418c-8486-332d355635b9
.quantserve.com/	1970-01-20 13:37:31	Name: d Value: EEABCQHwKIEA
.quantserve.com/	1970-01-20 20:58:09	Name: mc Value: 644ea342-97e66-f690c-7f2be
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjUxNzC0MDC3MDUxtrQ0NzUyNxPiM9QtNPcMDfbKyc3McAkGADMoDjglAAAA
.rfihub.com/	1970-01-20 20:49:31	Name: rud Value: H4sIAAAAAAAA_-MSNjUxNzC0MDC3MDUxtrQ0NzUyNxPiM9QtNPcMDfbKyc3McAkGADMoDjglAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129Sn1yNX1dElLd87PSY0PMIj3SS3NtwAAA8QqVx4AAAA
.rfihub.com/	1970-01-20 20:49:31	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129Sn1yNX1dElLd87PSY0PMIj3SS3NtwjiNTSzMLIwNzUyMDIzN3vFiMI3BwDOG7LdPQAAAA
.everesttech.net/	1970-01-20 20:13:31	Name: everest_g_v2 Value: g_surferid~ZE6jQgAGq-Mm6gBa
.yahoo.com/	1970-01-20 20:13:52	Name: A3 Value: d=AQABBEKjTmQCEIl_59gib91g-TEf4G1GJQAFEgEBAQH0T2RYZAAAAAAA_eMAAA&S=AQAAAiD_vcOqNzflTmkVCBR3Ji8
sync.srv.stackadapt.com/	1970-01-20 20:13:31	Name: sa-user-id Value: s%3A0-4e11f466-dc9a-503d-6999-403c73b9f118.nonJxxzM2aWZHfZDCqAJjYl8PmigGAisHVshIf6GRyc
sync.srv.stackadapt.com/	1970-01-20 20:13:31	Name: sa-user-id-v2 Value: s%3AThH0ZtyaUD1pmUA8c7nxGFD_Csg.Lbo2ajNzhtmrceoC6TXFYcV2QqYTqakD3tAvrbrCCFY
.srv.stackadapt.com/	1970-01-20 20:13:31	Name: sa-user-id-v2 Value: s%3AThH0ZtyaUD1pmUA8c7nxGFD_Csg.Lbo2ajNzhtmrceoC6TXFYcV2QqYTqakD3tAvrbrCCFY
.turn.com/	1970-01-20 15:47:07	Name: uid Value: 3857870651433666265
.koooralive-tv.net/	1970-01-20 20:49:31	Name: cto_bundle Value: 9ygQS19mUko3U2VzMDBPNU43cWhFVkglMkYlMkJiQm1GaFJ1JTJGbEJRaFZOS3V1TFhwU2Z6aDl5VlJQaHhVQlM4YVNIMzdOTCUyQjBLUjhVQmhwWktENjRaRzQ4dUJpNXRxU3ltdFZseUx2NDhnajF5dUZCcFdlSFNTU0RtR3prNXolMkZLJTJCblQxVlFrS29PS0pPbk1TY3FxQW9Uc3NxUU1aMjNmdWxydVo3dmIxMUpZRUIlMkZjVk1XbyUzRA
.ctnsnet.com/	1970-01-20 20:13:31	Name: gid_CAESEHHwcPajaQiDZ4LTD4WKGbE Value: 1
.lijit.com/	1970-01-20 20:13:31	Name: ljt_reader Value: GkXwrGZHS4n7D_PxS6KskUpR
m.exactag.com/	1970-01-20 13:37:31	Name: exactag_new_gk Value: 28f699a846394f03858236c3e053f135%7C29.06.2023%2017%3A20%3A03
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 9e4ca46ed1d945b28709eb2b
.1rx.io/	1970-01-20 20:13:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-bc63fd84-e58c-4048-a3ab-4dfe23b4ed7e-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 20:13:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-bc63fd84-e58c-4048-a3ab-4dfe23b4ed7e-003%22%7D
m.exactag.com/	1970-01-20 15:47:07	Name: exactag_new_uk Value: c942298f72824e14a505545f7784841a%7c
.ctnsnet.com/	1970-01-20 20:13:31	Name: gid_CAESEGVQZ52_yTBkLi2yMVeeZac Value: 1
.ctnsnet.com/	1970-01-20 20:13:31	Name: cid Value: d24ebed8274b42e9a00600817ebd4b2b
.blismedia.com/	1970-01-20 20:13:35	Name: b Value: 644EA34334FD38477AF531E0BLIS
.simpli.fi/	1970-01-20 20:14:57	Name: suid Value: 5B63D11A997E4FAEA5EB86CAE593B5CB
.doubleclick.net/	1970-01-20 20:49:31	Name: IDE Value: AHWqTUmwzUAJOxHMlIwDswfHR3YGBjcNuCDO-0n3g-ylvpmrX4jvlYIqnBC7ctqMYwU
.pubmatic.com/	1970-01-20 11:29:21	Name: KTPCACOOKIE Value: YES
.bidswitch.net/	1970-01-20 20:13:31	Name: tuuid Value: 6e06ff41-4ba7-439c-8386-eba172a3b352
.bidswitch.net/	1970-01-20 20:13:31	Name: c Value: 1682875203
.bidswitch.net/	1970-01-20 20:13:31	Name: tuuid_lu Value: 1682875204
.pubmatic.com/	1970-01-20 20:13:31	Name: KADUSERCOOKIE Value: 7BB1D91A-88C5-49C3-9EB9-005C58FD8924
.adnxs.com/	1970-01-20 13:37:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HbYvy48Y!2!_IPupfp68r?FfxLLEpWnlUrX4Ly2jcTW<`CKQL]0C8:2:rSI5>k[M^_(j#iP(Md+>)fy)pGHJai
.3lift.com/	1970-01-20 13:37:31	Name: tluid Value: 2643300740445952975291
.analytics.yahoo.com/	1970-01-20 20:13:31	Name: IDSYNC Value: 18yx~2bdt

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/fra_psg.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-3-5.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/02/egy_pyramids.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/180px-BolognaFootballClubLogo.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/02/1391801722.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2020/01/download-3.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-6-2.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.png Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
acde157c5fc8f497847374f0a563f324.safeframe.googlesyndication.com
ad.turn.com
adservice.google.com
adservice.google.de
ap.lijit.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
cdn.besafe.global
cdn.doubleverify.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
fonts.googleapis.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
koooralive-tv.com
koooralive-tv.net
live.demand.supply
m.exactag.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.ad.smaato.net
s0.2mdn.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.kooora4live.com
x.bidswitch.net
13.248.245.213
142.250.186.66
151.101.2.49
162.19.138.118
172.217.18.98
172.67.208.32
178.250.7.13
18.194.221.34
185.64.190.78
185.80.39.216
193.0.160.130
213.19.147.44
213.202.235.10
216.52.2.16
2600:1f18:1aca:4281:9130:66cb:a1ff:2e14
2600:9000:211e:3a00:1b:5138:8a40:93a1
2600:9000:223f:8400:8:48e:53c0:93a1
2600:9000:2250:a600:a:e047:752:b361
2600:9000:25a2:2600:8:455e:4a00:93a1
2606:4700:10::6816:3456
2606:4700:20::681b:4171
2606:4700:3037::6815:519e
2606:4700::6810:8616
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a02:2638:3::3
2a02:2638:d::d
2a02:26f0:6c00::210:ba19
2a04:4e42:400::485
2a05:d018:d29:3601:afe0:73b0:382f:616
3.75.62.37
34.149.12.213
34.252.16.161
34.96.105.8
34.96.70.87
35.186.193.173
35.190.39.111
35.204.74.118
35.227.252.103
35.71.131.137
37.252.172.123
46.105.201.240
46.228.164.11
51.89.9.252
52.73.108.74
54.194.221.155
54.39.156.32
65.9.66.122
66.102.1.156
69.173.144.165
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
10a13585f3e24b998e443db7ad6466395df5500d406708e12b4451565fe68171
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ec8e9b1c3c990e426806399402590e97f2fb899a04e92a1e4bec7e3ccc2dce
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
14d4e409f3118c0510a6b5a386f65cfa12dab9f8e60bea1dba6c1880931f8b3d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
189f1bd8668038e0612dca0b6ef19cb38b85f7ad6ef4780122b0694aa91eec37
1a3d3b4863983fa06babdd097dc9b46764215114198b480ec16d71170bf37311
1fc841e506c83e583ab37f27bd3b7f5f613f4f25711925332b69fc84605920bb
22105c51ef3cefac91beed7a89642951165c0e2f293c1c672572433e54cbf7b6
24b7112b9aa151a14f3cebcbd3812297a032664a4c70c048fac25f158d0a14b6
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2cccc8580d72f5b0510a8aac85f11825f9bf81741330f33d805776e6cbbb3dc5
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
30c2742a3a703efa72b0b10474085be02bafd8dc63fa539843acfb360d1144a5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
348375bb3eab9b8ba5741fba063eb18ca58c0e3f56e9e025c4ceb70c519980ab
3552f2429fea99c852279d5ab818255d790444e9fb6e8dfff7e7b5e4b1ebaba4
362d4f595c8f76ef42e85e06ac8aebe0817321a4f0cfbf585da3af990f6a71f8
36fb8b973ca16b28c844f2b17e1cdce0236318f53581b3ce3007d95960be3488
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3e42d0e7ce526ebff1687936922330e3747388f4a3d4ed14a3654fbb02228a2e
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47a31dcc8145cda5077f9e148f349dc3efa073e864648d0608e5f5b6abbcfb3d
47fcf6d935b81e117e7825df2d815792a74215760a5b4ae982103224a8198e0e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
490a0a636b6524b952dc10a3968522b48f663b70f0ae12aad99bc22bb9330cdf
49497e90301af5b37ca285a98ef3eb638e42160e468c0be14872efa0b25d7353
496ed7d3eb868f74065c9c4f435b0d4afee4a9f37bc4934e7fbccffeff98d3cf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c2ca9e4f9f1094f3d2cf13acb3d7ae320991d9bf2b89a07420427a4ebe830f
5c1093716b2a8c90646b52add87a640a74938781e3746e4980099038b46bf3fc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6cbac725a91d56dca3e40107e70ec8eb3ee4a69506ed50b74e8de072f5e2b4e4
6d95091f522ae123b3f0e06ee823244f29c5a9f318a918e7cca9ab36be56218e
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
7a58cfadb979b097ea9dbd548bc47368aa929d965244d27dd0460cadb5e0e066
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
8292c79a44356dae0dd28d94606a3674bd2d613a93d7304d3090b678cc1755f6
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
83001bae2dd79ad9ced3c1afadf290f66ce9eda0b90594d5392735ce5d5d86db
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
88ddab70440d20d30c042998231d7376b5f8afc3d63512a2f0c7e438702d57e9
8c7a984a119863e9375ae70a7e3f68c9c3b54199a34d61cf0f56947194f40ea4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94138baf720590941ee5fed00f75c6a2bca6b4456a226fda41ab27e19203369d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb
97a29843bf7c8613729332222a870e2e69fda461bd7d009c7c9a6600aebe39b4
97a7980a664c89f5b5d3b500b6632a8c4ba82eafaeaa7747e4c0e8dda9311220
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9d0cb030405f98201a994a7eb88da696861ef1a4cf0ed6547fce9107b84788
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d7a1dd7f78500b91b3e8223be83276e2e533777de305e9f5983f988405b1f6
a8bae459296ed0024ead22309e46770906a748cd40ee5d6b39970f9fdee05f30
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b670a0c78e1e281466ce16c5044ee2954d73fd924bf6b67abc623c32008705ff
b9e8766d97de1b202fa602d733471a2485d2ab2273225a52d7499e69dd8e8bf7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd97bf9b50920a9a630261fa389160caf2cf3504079b972855e92980e1dd78b
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c017bc7a4f1b4583addc5207f8f72b10d526512db16b91473d10da8d2be6d9dd
c4122f1a41b892c3f3c66de8ac770597d7526f7d4f3f9cd683ff1acd7f4e2503
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
ca7fc0d9dea60259cd47ac9185dea859cf93cba538b4fad5bd43c92f91789e74
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd4aa0ea8c1ac7224e172ebc0741342b07867a306ebbcaae4538862427e0ac47
d46b04608f2a24066e3d5568d772a0d0caa9925228b3b256d59ea5ad739f4e13
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e0542badd3ee953b5aaa1cbe327b41015004e78fe9ff6a74bc00d146997af122
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e35f1c825c4d36a806dc04125c2def97df1efdf357c136fc7b4a80063638e138
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e58092b323ad0dcf66e755bfd17188615b08e6359ebc2a9a48ca6cb4f084fd5b
eb7eccd974188f2666715685eb410c6b9ca15b560de1d1d95990ebcea0a2d17f
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
ee0da5140d8c395da1befebd9cc39629786a9f924ecc3486467e75ad6c89c2e3
eea4b5bd261a18802261624ffbbcbe160429245f91779c4866851c7b1294e5bc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f818ff3a63f7a54cbc1cbfa6a3c73bd1472836d5e939ebe8c4f71b99a5cd708e

koooralive-tv.net Open in urlscan Pro 2606:4700:3037::6815:519e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

296 Requests

84 %HTTPS

43 %IPv6

47 Domains

65 Subdomains

46 IPs

7 Countries

2420 kBTransfer

6286 kBSize

50 Cookies

22 Outgoing links

Page URL History

Redirected requests

296 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

koooralive-tv.net Open in urlscan Pro
2606:4700:3037::6815:519e Public Scan

Screenshot
Live screenshot

Full Image

296
Requests

84 %
HTTPS

43 %
IPv6

47
Domains

65
Subdomains

46
IPs

7
Countries

2420 kB
Transfer

6286 kB
Size

50
Cookies

296 HTTP transactions
12 data transactions