oneotv.online Open in urlscan Pro
2606:4700:3033::6815:2179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oneotv.com/
Effective URL:
https://oneotv.online/live/
Submission: On February 22 via api (February 22nd 2022, 2:07:00 pm UTC) from SG — Scanned from DE

Summary HTTP 176 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 19 domains to perform 176 HTTP transactions. The main IP is 2606:4700:3033::6815:2179, located in United States and belongs to CLOUDFLARENET, US. The main domain is oneotv.online.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 3rd 2021. Valid for: a year.

This is the only time oneotv.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	2606:4700:303... 2606:4700:3033::6815:2179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
176	28

2 2a06:98c1:3121::7 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

oneotv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2606:4700:3033::6815:2179 (United States)

ASN13335 (CLOUDFLARENET, US)

oneotv.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.216 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	594 KB
47	oneotv.online oneotv.online	383 KB
25	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	200 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 638 pix.eu.criteo.net — Cisco Umbrella Rank: 7678 csm.eu.criteo.net — Cisco Umbrella Rank: 7893	429 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	76 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	182 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	228 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	5 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	4 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12444 ads.eu.criteo.com — Cisco Umbrella Rank: 7942 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10187	53 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9027	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	oneotv.com 2 redirects oneotv.com	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	5 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11797	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	648 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	37 KB
176	19

	Domain	Requested by
47	oneotv.online	oneotv.online
30	tpc.googlesyndication.com	googleads.g.doubleclick.net oneotv.online tpc.googlesyndication.com pagead2.googlesyndication.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net oneotv.online
19	pagead2.googlesyndication.com	oneotv.online pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	s0.2mdn.net	oneotv.online s0.2mdn.net
7	static.criteo.net	ads.eu.criteo.com
6	www.googletagservices.com	googleads.g.doubleclick.net oneotv.online
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	pix.eu.criteo.net	ads.eu.criteo.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	2 redirects tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	oneotv.online
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	oneotv.com	2 redirects
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	m.exactag.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	oneotv.online
176	28

This site contains links to these domains. Also see Links.

Domain
oneotv.com
www.facebook.com
twitter.com
tr.pinterest.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-03` - `2022-09-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://oneotv.online/live/
Frame ID: 07FB4757A6115DBD6060728C1F93774D
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Frame ID: 6780FA1AE1481EA1BF430C8B18D264DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128
Frame ID: D0018619470F381839375E0E3C2F4FD8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=1682538932&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814568&bpp=1&bdt=203&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LpGXwSLZsV&p=https%3A//oneotv.online&dtd=143
Frame ID: C3C67B01B54608E7EA618F1BE5313EB8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148
Frame ID: CC7FE3C128BD83D3AEAD1370BD4E9B51
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162
Frame ID: 496BE703A3CCBD75A6DDDB89B56C8A20
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&adk=1812271804&adf=3025194257&lmt=1645538814&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foneotv.online%2Flive%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814601&bpp=1&bdt=236&idt=135&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280%2C1080x280&nras=1&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=147
Frame ID: A8D82CF3B9A8120DF14CA9ABB49A3F59
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhTt_gALZhMKGI1FAAE7GC0SEWkccogv7aW4RA&u=%7CnYmHdKDDWGw8yV16Cw2i5GQbbcL6%2Bgtg86P8KHVooR4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcAPegXqp7-DoTlZjEJ2d4dzNJCQUNkFKNdvo_xxoUjwarwZ1cKZDxSH_gEH0R066GHc5pEKfkBAA4ZvCfaJxN29nySA64n2DyRSEp3BmNBgWxnT-BFSMP_51QG-FRMVlLoXjRbkYZLpM9P-scRWXnf9BN5yfqESpUzy_CrCiF4YKXVvPFhTl1USJmT-vWCl9O775Jlvq4qSpe6u5_K2_0noemc1ttvZxLPSsOGwwiZnUJxK9sr0BeJwFfc0OENvNKKaNnIDfBJkfZB4_387SOKk5HmQXQq08g4FRFW-PCZEq7IINV-IvNdKZhjIXfWFphkekJ7xE36Ym4Sga53Y0eMIYiPu4u4xaRwj0VcNKZt_pkXS4YFgfBbLWPMIDswBW_zhJBRWioGs9qTE0XAuHf0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSp9y_u0UYpPMLcWaYpj2hKgPyZ7SsVz12pb3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDEwOTY0NjMxODk2ODQ5oAHVttLqA8gBCakC3zuLDvb-sj6oAwGqBMMBT9BFYRfMJfkGSffYEkFFKIVvxluEhCSoPnD4IpDFZoLoq1r79_w4CfbzYZ0fWrisFKsRFrogbeX-FsYdW4oKVIbB1x0Zk2If51v3JkSXXj7YhUg9F6fEPDo7WQSEpny4SG2Bw9nILk7MKxvBNIH8v6TH2CBnHjPI5vaRkTkUqrVSqvZEbd32g4yifCKwoApQkTYz-L7vUII9DBS1RQzba3aIpZq5fEimBo_nBieOQLkpkNV0XWCwhn7HTVKbrsxbq2NugAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0do1RbzIDF07yUOwb93jmu3zOpdQ%26client%3Dca-pub-7010964631896849%26adurl%3D
Frame ID: 8D8AB51CC1AF4BF51D0E818DDDBE2CDC
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CD2A1235B19DAE0CD50624EDEC5AF41A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: 69896BCC7677594440306F4D4B155127
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: 218E97639E5E52BB3E5512994C54C092
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=50&adk=3871419120&adf=617929495&pi=t.aa~a.2760614165~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1645538815&rafmt=1&to=qs&pwprc=1804298437&psa=1&format=1110x50&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538815639&bpp=1&bdt=1274&idt=1&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D72775038c41ca29b-222d3a2b49cd00de%3AT%3D1645538814%3ART%3D1645538814%3AS%3DALNI_MZYwRtGZLWE_PzFpRohqLFuYqIxnA&prev_fmts=1110x280%2C1110x280%2C1110x280%2C1080x280%2C0x0&nras=2&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&psts=AGkb-H8Uhfuu6GG0pGQfNpkXg0qtlVYd0XBznMB-fU3Icfov-wSSFpe0O0V2-fdOMbn_VOisZy3X05BAwIkP%2CAGkb-H91FcxOBqcIyIJEZO55p0GItDh7s0qvU-PypHZ4SNm0dMZQ8I2ALGtaAUxYIU4O-SbfoXKKNFdzKQ%2CAGkb-H9RPjpE5w0zZj9pmGirnSVXygN6XCW4ZP4e1GAjTQNoZ0hjgIHnUiykW3mojzDXxlGYawq5EZd4uEDVIw%2CAGkb-H-5zoow8zMkg3IWKX6bTlRSznRKalT9HoxlQQHTQ7peUE5Jomxq9XhnXrsKYocP_oPYuVyYGw4jPrw&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=WbzOsIKXI6&p=https%3A//oneotv.online&dtd=10
Frame ID: F676BD2A1B2650E281D0476542500828
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: B34BAFEC92B7ABEA11B3DD6CF15050B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1
Frame ID: 48DD597D1D2944B17688C3FB86AA8B69
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1
Frame ID: B361E5A047DF24825CEC700F6419639F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzEWhDxmu4BGLjrwb4BMAE&v=APEucNV9S1a5ZVdBI93bJ-EtfZUNzTfLhrCg26VZtSs8BoHflLTclxRy7qng59pY8gwNjlqXPrCGNlTgY5-V-ng5EbazNreByBcgZlZN4nuVXvsKsnVkFrHstLvR6zKxmsOacywbbeN1VHOIsIM9aVwlyQxQc6G5wir7B7VOTq9h6Uzf3_ZNXGw
Frame ID: F28FCBF9AEFC1C7D87033DA3713EE576
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjEzBMXbo40BEMd220JWzrF_IbB7J0-O3lsA3VcFnG8YclJzIfn4rZnvETqU4cqHMAppF8PdokInZuoTvuZHkrovTgR40OoluFygf6mF1IbVCfSER30bnO2ZxTMNYzXxL20VnEyov1FO_EpoY4DObf5KXmnQ&dbm_d=AKAmf-Anh2r5YgxmbVJEZEGXGqgt0yzTxczMhysoyHIrn0PxR90tNExie02PUR7ixDJdHnw4kRgKwrvqgXvWLtqTT-WRhycpgEQHK6C4ox_xpe2sPjiwa8EWUoHzkLE7zqOxwYcjUrt432Zp1cdxQumreQ3QQVcl-Jtc_jPrcE101u__5UKXqxdSM97Xem73Nu66xk-OYb1PnMQcQSa1GPy9uXcG8-bU5nl6EPegC313TVJUmTsMqrbjIGuw9TNs2nLA0uRNoQcleW08ev4GpPvXDwVMhIbtZ84mgczTBaY6GmyFElpqjZzR8O0K9h7BhKciVBX5daGChAd8p08eyNovjVCcqwrQ4j35HTzV9JUmuxBQgOErFAZ4ndvQCMpYrZ8-V384l3_pUls7mvGah4HRugH1ZL9teCIHzp8Mg53oO5e6cWuYrN0LCmdOaDC-ffmwx-Yl5J3ip5zy6MNVaqerJVPEsCDf2dRWMxQbyWkBl5rfwtL2FDeL--JP41jrQ5B7ypn7_iYA1Yfn5nLNVzRcLo3O06YF3gydqFpC7BHKVl4jlxNOkC7KGmDV5ur_xBNaQhuYuQuT8pFgfmqWiCJv1mo0UpQ7k7oL1P_KJv5rr9e3geL5W6_Q0cz1WWTIHtzgpXU-Q9YOt4-wNxuN3KMeGe0iZ5if534zUSI0iG4lsiYFTR1ANOZOIxYdqLNFyg9D04DU7B-569qO10lWi48tm0E_EkrmHgfhMEAZ4DpWfo1qv9GDQK8I0BH2obZuKIvFtbX4byP2Geuxw9O3iMKKrUtt2VZa71BU7dZsR7L7JV9oZC6AWGpiKcekOPwYFoFx6WlVV1ROAln7rX2WpOSSzZTvsEfvORtJSS-ofEoya3qAwbd5T-haD4HZUW6gm-qUlFEZ9Ofcu5KCk9mLSVpk9BLMbPXHdGjT3335Vk4SLGmbce2CZ9-ZLkxrknfZGfLhR5jiCSAJQplR2-ZTCVxpsyeoZBAX7fDB43DouT4H9EQkVLgxWG8ZSkDYIyJ8IAmVN3wnKumP9tJ-x9xqPeT5hS_foQdUSe9FGIBOWovg0Il-1cQ7HYAsYh1JA3Oyji6k7qnNXwAy9Dk4qGO3SS7ow-mVJv9tjmmp73LdgpeJm9VavC9ExlRU76I0Ab2XrJJBvlEktWdgJuWEjKUnZvRD8HUt_JiB3DgPuRYxKlsePajJcssdLNwIDCUgj4aa9m92GG_VeZN_EeXwR7xTJljFl4pDZmxrYxzI_cMKE47e3bGPSFHmYWX76AhXBK010eOEe0A10nfGIUphJi17iZWLCMATnlOmMPT8jH0PTuBRcfZ3w3Aso3sVzZ10GM68QyBcvJUVUJso0WCtLtyQpaAxnpp5xJ3Ban1cAvRbGB-_degkN8rtLviJtsmnCIypIm1j3K0mCOWP3DBroZdz24VzfImDWsbPb-AhNCFrwh1d0pnlX633JziD0IAQHMruAMtxEdZlDXJAcHuATKBdkRrhk_Qvv2o_xey8-2t86STvFG_r2xIRfnAnx4ubNzZPWkPHBpEP2Ysxo26ltxhKIjhZrFr20LA5PSdJasdy3UPXOI67NsmKaPC6LparQcALRRB43Fe9Qatb8MjuTRsHyRZIVCts7GJKibcasVya4h2QaPL-4LJA773Dhmt_0rEnvf2X7xrbpNlYKoDsPFNDIgrK1CiBFmJAa7JZvV41BOBsSUBrDDOaVftEojwQVjNdLB6LEdWPc15RvUmoMGI7Cet3cz4LgzTB1QavslEtdf_eyjHMhrlD9zgOCjES68M9rLPcxBIgstAgwKxmrHhLXV0D_9kG_uao-xajcAYZ-Vnwbs3YM-ebtt7WCJq2DrLnqKbCT5fJuU9VXG3AbC0rAfBTkA2tykda6RCvR1YCSt04Y-S3wsNPK3pRg1Swf4r_wmK8l4tfmHrAQsUEh5ChO1O3JuM5Q9oaUokOHaK3PQci0LONh8wZcd3BqfhpRtW-AJmAIACiFWq1uRRbaPYFmtWfEnpP2-j-TVtrVL9V8fJvLETOK9_L62ctABWrhTnB3Jg3UDP47Rpz-jMqe9FDREi0EA8VzSdqI_xnlIQFdrMQjexqRH4YTiJerPH2nP8dIN93a_Y1eSOCRe-fba0tZp0z4yNHFeNrBhcR6b5wWXy1V2CFWoWCvS-Pnpkdyvh6-Qqpz34x1DPWe9An-7vmM-LoymJBT2SQpxOPvVDwOfVR1w6RvigwMkmiJADbyRPnA-9Rx3w2cRZRfH68aERwTqw4mn_wiyc6FxckWgTgztAsK6wB-S44T-n_iZ9tuCDy0c9ZVO-FL8i7lIZjyibpGe_netJXrm6sdQTy0JS6pI0fkx9_yecRBt-ojhnFwYsGuIQaiInIpIqKN950dHs0RUOz7xVsvfSvvhzps827IErQkJxeBZX6VSA1MN-JsmMYxApAJkCMjIHHof4SQ_ahrWl5KdswbYrQLorw_DNIhBg3JDf6kMLc-brSYVQBUfGZ4ELvQJbHxqcnqYUwW3tL5N2bfPXOJaUP1G_p88enNi1eJauW93kkm-LzhNDCklEFkT-6U1W3QrbZhxf0M2HONN8P96MhC6j5uYGf7RZJF8wPamgr0FsFjP3XcHMM_NnSklkNsOCVq2wlJR-a7kS4JIARoly6809JJ2X-8Ns6a6vV7imthzMV8vRb-HBNzM1EJBPVQZauYNAybZ4cjzxkDTqBeVsCT1d_WpPeqCnV4zcXIo50v0spH5lH-y647oFHad-JIk4kadLfvhVL86pgRM3yLc5v1-w7BeXJqF5U6oPlJw_981q7cdwSgP_AzWSJmqr_Pu7ht-89uNrkmygX4GtaYXhlmyL0RE4XbZRz6Vqg7VKXPKZwdkpSsZP0V1HgW5KMhV7nSgMF2ypjqNj_0I8PoJjKdB0zqwW8AYflYc_iqIGtyGVXpYMvQleuERIg5D9uuDS0v9o_kiMwpm-xH5HeL-sdZQlUn-rdg5PcI2Ki-PqIP3jtQro&cid=CAASBORoOEc&rfl=2%2Chttps%253A%252F%252Foneotv.online%252F%240
Frame ID: A593ECEA6494CD8E8A2767B8A0B300DC
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C95787E11925E5FDB01FA88B01EFD7D2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4A01246CA3EBEC53D0590B35FBE1384B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2D38D9EF0801E36147AD6BFFFEF840B1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html
Frame ID: B06E75A049E9278A48A9C885C604E7D1
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: 1BBC8FAED9DB8A1EAEC0F2E045303782
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A82CD9F4E50D2EE1E8BBC521ED877759
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D99A43F5A0BA7A06F9249B319948C33A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live TV: Watch Oneo TV Live stream from

Page URL History Show full URLs

http://oneotv.com/ HTTP 301
https://oneotv.com/ HTTP 302
https://oneotv.online/live/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
sweetalert2(?:\.all)?(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

176
Requests

98 %
HTTPS

68 %
IPv6

19
Domains

28
Subdomains

28
IPs

4
Countries

2216 kB
Transfer

4655 kB
Size

17
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://oneotv.com/
Title: HOME

Search URL Search Domain Scan URL

URL: https://oneotv.com/country/united-states-tv/
Title: United States Live TV Stations

Search URL Search Domain Scan URL

URL: https://oneotv.com/country/turkish-tv/
Title: TURKEY Live TV Stations

Search URL Search Domain Scan URL

URL: https://oneotv.com/country/germany-tv/
Title: GERMANY Live TV Stations

Search URL Search Domain Scan URL

URL: https://oneotv.com/country/Azerbaijan/
Title: Azerbaijan Live TV Stations

Search URL Search Domain Scan URL

URL: https://oneotv.com/country/Horse-Races-Tv/
Title: All Horse Racing TV Stations

Search URL Search Domain Scan URL

URL: https://oneotv.com/page/about-us
Title: About

Search URL Search Domain Scan URL

URL: https://oneotv.com/page/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://oneotv.com/page/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://oneotv.com/page/cookie-policy
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://oneotv.com/sitemap.xml
Title: Sitemap

Search URL Search Domain Scan URL

URL: http://oneotv.com/
Title: Oneo TV -

Search URL Search Domain Scan URL

URL: https://www.facebook.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://tr.pinterest.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oneotv.com/ HTTP 301
https://oneotv.com/ HTTP 302
https://oneotv.online/live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh2s_D0vaF-yP6QDMYeelc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh2s_D0vaF-yP6QDMYeelc&google_cver=1&C=1

Request Chain 148

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhTt--mZnNOgY2NpXrAIVgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh2s_D0vaF-yP6QDMYeelc&google_cver=1

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBQEH_bd_fmvUXAWZyYuQd4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBQEH_bd_fmvUXAWZyYuQd4%26google_cver%3D1

Request Chain 150

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU5OTA3NDE5MzA2NzI2NjczOQ%3D%3D

Request Chain 155

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

176 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
oneotv.online/live/
Redirect Chain

http://oneotv.com/
https://oneotv.com/
https://oneotv.online/live/

43 KB
9 KB

188ms
112ms

Document
text/html

2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.16 PleskLin

Resource Hash

4c0e6cc1989a875dfc1bacd35fa70e9a1d417ca0d014e06ec78a5a4f57dff40d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.16 PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
strict-transport-security: max-age=15768000; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5Py%2BnioGJpK0NXwSdbLLjo0ruCis4QYZQlbv3wsRyjacSh3idg5GMk40m7R8CV6zY2blmBx%2FR%2BxOiJzFd%2B3rh7bYywmNesqW4x2%2BgJDTmhDzAMu33gK1bvZOvh0Bg9p03rBA1HUv3oCD1pK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e18c71529956d7a-MUC
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-type: text/html; charset=iso-8859-1
location: https://oneotv.online/live/
cache-control: max-age=604800
expires: Tue, 01 Mar 2022 14:06:54 GMT
x-cache-status: BYPASS
x-powered-by: PleskLin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCN0moEmF%2BI0NInvIcZo8VwZAznCfcs%2B2u9ydhIjOn0dN41eV8tGpve2OI99A2yBdQDY9fVC1qijTbSuMSzyv%2BfXeGGh8TiHIHF7Zr71vfS7%2Fb9ejq9i0sf3dFZh%2B7A8DzV2U5c8cUpo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e18c7141eb55995-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
oneotv.online/live/public/vendor/bootstrap/css/ 150 KB
24 KB 37ms
35ms Stylesheet
text/css 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/vendor/bootstrap/css/bootstrap.min.css

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"6210a455-2565e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqd18iUj8taOTwf2L4ir483jzNGDEXH74nrSIfUQhZMwiV4u0ESOe9SzFGNyV1oxFj8qm6ItKgIotXXlKjWWiYzEscrJCrMekZvRzA31U0GdEzukG1SkoByg3mgxgr4G0n0ITT6ZYwLqVGIS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 6e18c7160c1b6d7a-MUC
expires: Thu, 24 Mar 2022 14:03:19 GMT

GET
H2 200 main.min.css
oneotv.online/live/public/css/ 11 KB
3 KB 35ms
34ms Stylesheet
text/css 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/css/main.min.css

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

3ceae708d0faa8b7eb929fff5871809c816b29ea744e70cb66c384d1a5530a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"6210a455-2bf1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1W0mXHcGAuMTQcBHLwp6QCg%2FaYPZCO%2B%2FF2W1NxEoT%2FKseJwyxuyFcZEQ1%2BYr8FmxRVIfaBPVUfDa%2FpIczo6P1lTJ98pTR6Vxl2c2UIjKrwCGcySYJO4qlKB7jq5%2FVhfy5LZtwEY%2FnTZQEB5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 6e18c7160c1e6d7a-MUC
expires: Thu, 24 Mar 2022 14:03:19 GMT

GET
H2 200 font-awesome.min.css
oneotv.online/live/public/vendor/font/css/ 30 KB
7 KB 43ms
43ms Stylesheet
text/css 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/vendor/font/css/font-awesome.min.css

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"6210a455-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBniIEqBLMis%2FF5uG6CtFzpSaVKkhDHQFon1XdpQhTaBjR6ejrJ2TdOncuDc%2FloHEs%2BKlVSAuEA50X8c6f9VirhZ%2FgcD%2FtMzNGSvewwcJ2LU8JaK6zToKj083AwNGzWUWLTK36b2UP7M2fJW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 6e18c7160c1f6d7a-MUC
expires: Thu, 24 Mar 2022 14:03:19 GMT

GET
H2 200 swiper.min.css
oneotv.online/live/public/css/ 13 KB
4 KB 38ms
38ms Stylesheet
text/css 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/css/swiper.min.css

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

75635cb40cb02231c3c593ec49293373858cc5691070dc1f26376e6575c1b82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"6210a455-3564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FWbkrwj51l5Fu4qq2Z0De%2BOvGmB75YcgYSPWt%2FFebs%2FLy0mQR522ynCC3%2B2mw%2BowI7uoCA3ronLUYjpAIGKA0Wg52oxsVt6S1MxPvroRx3ecAuNZU8baMhzgztphMyyawSDAoMuWA7gM%2Bqb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 6e18c7160c226d7a-MUC
expires: Thu, 24 Mar 2022 14:03:19 GMT

GET
H2 200 sweetalert2.min.js Show response
oneotv.online/live/public/vendor/sweetalert/ 36 KB
11 KB 51ms
51ms Script
application/javascript 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/vendor/sweetalert/sweetalert2.min.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

49b03786748b56665456cd661bd2299481588f194535cab874d33d77a1980f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"6210a455-8fce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qg0ZXJm0NVcYnADAK8CScr35NL4zqjIWFKPak1GiE5wdlS5vKSSRnGIq8%2BAgP4EO8OhXxoPmuhvwstNU4piDdpKBddtlDPll8z%2B6Z8bf%2FjunadjrPAPSSPAoYnlEKUtZlU1bbTRF8hhZBgKO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 6e18c7160c276d7a-MUC
expires: Tue, 01 Mar 2022 14:03:19 GMT

GET
H2 200 sweetalert2.min.css
oneotv.online/live/public/vendor/sweetalert/ 26 KB
5 KB 40ms
39ms Stylesheet
text/css 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/vendor/sweetalert/sweetalert2.min.css

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

89109fc89293e1254603e4a8f4e7550827085b4cee2812d7760f9d88c401e526

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"6210a455-69d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjjPUNX6jV8XWQIqCiKwqd4p8O7u9FaQiYPSlsxl95YOxL907%2BKbjGwSmi67K35dXHQUlBgmzEG2H5dfBa0mSfjsTL%2FfMNQc8o%2BRA6P8dOx1IFY2cnXfTYggg6icWprm4B1HRR8UMZlzH5wP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 6e18c7160c246d7a-MUC
expires: Thu, 24 Mar 2022 14:03:19 GMT

GET
H2 200 logo.png
oneotv.online/live/ 4 KB
5 KB 36ms
32ms Image
image/png 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/logo.png

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

4e62a6bf16701dbc05b906c5ecb6321debcf401eacf3f11858f333f3ab1e8cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4348
last-modified: Sat, 19 Feb 2022 08:03:26 GMT
server: cloudflare
etag: "6210a44e-10fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvnDGiSTDPfaABiLD4AhJkkMoM4aisLHr9NbYI%2F5tFfPnK7kkdhFcTcLRZq81WbPQWKBYeOj1LJTDOp6712UOktD7UOpr%2BrufUAt%2Bu8QhEpQcceL8zsVUuQ36206E07156%2FlyQe4HE1T8snX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7166d846d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 AO.jpg
oneotv.online/live/uploads/ulke/ 5 KB
5 KB 35ms
31ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/ulke/AO.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

a746ac0e51665d741db8fc04f3e934d6e77db086139f831f8aa62e61df0437c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4971
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-136b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zc5%2B2g%2B6m%2BHiVxUbpbzE9gTXMaDE%2FTNOxn0iI9a%2F2HguFT0FJUeGo4rDDQ%2FCelE%2BcUjDWAKKV8wkT1uOHeiST1xOPYfuk1Pppd2WqAx8e4pg8rvhr3kfpTLy7IxsyNFgioznaHbCUhFeo4Go"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7166d8b6d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 AR.jpg
oneotv.online/live/uploads/ulke/ 4 KB
4 KB 63ms
59ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/ulke/AR.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

52461eea22fce0fa8beb04bb49092cbb80d38bb40d4d3c6d3e70e039fc468ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3783
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-ec7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQhO%2BmDp29xhpLRqv8dgRZDnVeiw707NbFzLu2GSfV6HPOfVGxl%2F4zlzkxAk1cpSG%2Fj4CIzlbszMdLUGNbUKaIL29BqTZXQwZhbKL0R95L34qYRmu1%2B2mWR9GQTb4ChWb7nkoblv17iOlmpd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7166d8d6d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 AU.jpg
oneotv.online/uploads/ulke/ 5 KB
6 KB 61ms
57ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/uploads/ulke/AU.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

5db15a65bb60f2edbe44a2b9fe669d95d28b82a1b05104785e11d49b1806e940

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5420
last-modified: Wed, 19 May 2021 14:39:08 GMT
server: cloudflare
etag: "60a5230c-152c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xw%2FZ0hiWaNCODvGdsyeEJnX80PuI8HXiDLWTe0bYJY6VbuO1cOxeDkEL704KOoUXopgxCO1%2F0sn6uiAQFMpkZg3kpsOvFgTvPbhJhBoojEL%2BPJ25LJ5BP%2FY%2BF93b5bT%2BVNOM%2FyPRH8QLch6p"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7166d926d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 AZ.jpg
oneotv.online/live/uploads/ulke/ 4 KB
5 KB 40ms
36ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/ulke/AZ.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

f038a1a4cab31ef41edf6b4e3e6659f4bc8c4d6367c8233eb395c975e73fcf94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4551
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-11c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ndzX%2BXE%2B3uc0VahosyYSDru1rX9FanpGqvTXHCHmc5FbpUVCRUurw5t4i3G7Dvq6ylG%2F94JAFzwvVjB2a%2FRNRUA%2Fuu%2FNE%2FTHL1gPhzGVx%2BkRvxsKEU0wo0fw%2BFtWVSkGUULfnWj2UqZinro"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7166d956d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 BE.jpg
oneotv.online/live/uploads/ulke/ 4 KB
4 KB 60ms
56ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/ulke/BE.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

55d43d552934ce3d6caadff3b2023d66a002d535e0bcb3994f83d22e3967b30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3623
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-e27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEqM6NpbWDJAIc13Y%2BxAXVO%2FEa2yeB8Aas%2F5Mi0GpOP9b32zaLq8YHVErF4rZ%2B31Mtgm3X0YtK1u9nUTtglLsWdab1WIi8SBfwNW06PX8EEbMgqUILOjPuFS8GMZsoqDXRd6yMGlU4b2x7iH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7166d996d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 BA.jpg
oneotv.online/live/uploads/ulke/ 5 KB
6 KB 40ms
37ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/ulke/BA.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

0b21f0f025e3569546e21d41aa765f628e3c078c7e2a677ad226c5611f97abcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5378
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-1502"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BctbGtuNX%2Fq5H6JjcBUs%2FgT02mrkJJcQsHeOjzmFfc8CuVHkINpUs%2BEkvyT1H%2B3MsbsuPuOd7xK7DmvzoWIJlb9Ux6W075yVOuDHwuRA7Vy9lM4ybMdj6SRZIJo5D9U64CYr9KZAxLJg%2FJnm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7166d9a6d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 BR.jpg
oneotv.online/live/uploads/ulke/ 5 KB
6 KB 37ms
34ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/ulke/BR.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

cefe3a3b9abbf4707d8e5a7e7bcb897a7894ab38e5fa219e4464ee18f6575355

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5552
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-15b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEi4vGHQBz%2FGaRLMs%2FToMvyhKyTHJv5BMnlrtavTYGNwytMtweXx3nFuHDXAncg%2Fwi0yLCWJBU2jBYzUAwyRq7KzciHfKGqt1yjMUDG05Htq7nIQgjRsvB3ZQUc28obcPjN1Pw2RKigcLUFZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7166d9b6d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 CM.jpg
oneotv.online/uploads/ulke/ 4 KB
4 KB 40ms
37ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/uploads/ulke/CM.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

0ec17c82ecc7df5514f58037b77e0ad1ebb32bbef01c27efe83c9775511ce8cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3901
last-modified: Wed, 19 May 2021 14:39:08 GMT
server: cloudflare
etag: "60a5230c-f3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGKsYx8VqjFxRRdSaiTdydLfA4prlBMbTWlefloEZUR4MsywK3JygFcwCI94Fe7b9QxsyRU52MvQt7EbDe2GIQAq0bcvyHFldZhjzYuAxmCBuPmTpEYG9kfzESAuuCCSAuwvJMNr3HeQiHKz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7166da06d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 CA.jpg
oneotv.online/uploads/ulke/ 5 KB
5 KB 60ms
57ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/uploads/ulke/CA.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

1ba1afa0b5a2e462bd5459e5d5fb4d5f544b4b5e902413af92aa570cd78a1adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4961
last-modified: Wed, 19 May 2021 14:39:08 GMT
server: cloudflare
etag: "60a5230c-1361"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxvqeBZKNqSmLoWCw2mc1X2keYfM34ulGZ%2FEpA%2FSt1Met%2BaoLlRxGDpLIclOmyhAWcBVlt2uTiWslY3bASiR2Tl8DD5WzZVrjY5BnrwcLBi9aTpDTIhHo8yff57myKLoWqvZyURE0QWAta7U"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7167da46d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
53 KB 64ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

720effbf9554e3e0cafb40fd24e824c7a31409dff647afe5d380e34afb20df41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53658
x-xss-protection: 0
server: cafe
etag: 5850057746330110649
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 14:06:54 GMT

GET
H2 200 default-img.png
oneotv.online/live/public/image/ 4 KB
5 KB 60ms
58ms Image
image/png 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/public/image/default-img.png

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

a938c413c8cb6445144e7054bc579bb8f0ac168dfa5f33aa6d2113b880f999fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4551
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: "6210a455-11c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCh9SUQ9Ov2Vi89bFAbURD%2F6Rt44Y1jTJ7cDor5AoUpSMOFHYAcCXvxjgSwT1XRVVJGKFm8xcEbuCQviicuOVaLeXymCDcTc127j97RPZQU3RCYKKrzWKsJvIlFIGWjU9E9X9CQp%2FIa4eKMd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7167da86d7a-MUC
expires: Wed, 22 Feb 2023 14:03:19 GMT

GET
H2 200 email-decode.min.js Show response
oneotv.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 27ms
27ms Script
application/javascript 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Feb 2022 13:46:32 GMT
server: cloudflare
etag: W/"620d0038-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyAWgC6nlSeMi7c66fE%2FVkaznS3zdWRTCxVfgBsBopb8MYjq0N8v62H1GcEc%2B50AY1S9rd0TQ7qwLCCr8QhL3rdKfim1biGpaIeg8%2FBaCI%2FBJPzxm0%2BINrSI%2BtS%2BVvpJ0hD%2Bv%2FM7fXKiq9ih"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e18c7164d206d7a-MUC
vary: Accept-Encoding
expires: Thu, 24 Feb 2022 14:06:54 GMT

GET
H2 200 jquery.min.js Show response
oneotv.online/live/public/vendor/jquery/ 85 KB
31 KB 48ms
48ms Script
application/javascript 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/vendor/jquery/jquery.min.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"6210a455-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7L3LfIRoNThrq9fbdUv87RMwjvHgggKaUGypUQC2cGWjM%2B6%2BuagS1OlHsD4PH%2BAHBuwcDxiLCyQAcATfP3fhdkd2%2B%2BYbrWECejczybPy2ZGCqXakSVycUlSN5rqJVoMGCxnSHcjvugcwaHRS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 6e18c7166d516d7a-MUC
expires: Tue, 01 Mar 2022 14:03:19 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
oneotv.online/live/public/vendor/bootstrap/js/ 75 KB
22 KB 43ms
40ms Script
application/javascript 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/vendor/bootstrap/js/bootstrap.bundle.min.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

3126158d682bafa50bffd7907d0bcecadebf82cc5be9da70235cea3390db2c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"6210a455-12a14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIv7FyVASTN9mECrkG3ZidO5hgSFdapngyD%2FL4N21SDWqIJEAbCh91AuHBlW0uDlJuVQlgaowBnFbCvdZpI9irfOaay%2FyNGCpYrNyos9pJ6FoW15j%2FbyZrCCQalGmHVj%2BFhmik80WtEDfBHO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 6e18c7166d6c6d7a-MUC
expires: Tue, 01 Mar 2022 14:03:19 GMT

GET
H2 200 swiper.min.js Show response
oneotv.online/live/public/ 135 KB
36 KB 87ms
82ms Script
application/javascript 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/swiper.min.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

3cad5361705995f61ac053ca047f4e9b02eb99832561de41809e9ffb4d671063

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"6210a455-21d03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjvN6cD10qHR2Q%2B2e4deLtXrosFB6Y3UkYeFQoBPUK2AhyISP9C1Ssj%2BNBczKkAyBVRKxAe8gX8W2g6TS2cZw9HP49wYMGBIFeti1Y2nEMsWi8ZZvpw7A%2BZqzsvB5w%2BKrRZOv1UENn8mbUvj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 6e18c7166d796d7a-MUC
expires: Tue, 01 Mar 2022 14:03:19 GMT

GET
H2 200 main.js Show response
oneotv.online/live/public/ 292 B
618 B 37ms
33ms Script
application/javascript 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/main.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

bfc17c69c7648ca28b1b79a9b521cbca2a31aac09978ba8258a4d22a7e31ee40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"18f-5d85a6f8f1961-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWDFmX4%2Fk9OC4%2FNaP2ySpT83BGMj3hqnGUa9L%2FS8UaY0p7tPuAHTM%2BrihrU6bLW3zO5r6xk7uy%2FnrdP0ycvlJokC254khn04SwttesXd7SvQ7t%2BRnnmnSZa1dGOPZwR2oTYdC%2BXwY002J0xR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-accel-version: 0.01
cache-control: max-age=2678400
cf-polished: origSize=399
cf-ray: 6e18c7166d7c6d7a-MUC
expires: Tue, 01 Mar 2022 14:03:19 GMT

GET
H2 200 lazyload.js Show response
oneotv.online/live/public/ 3 KB
2 KB 39ms
35ms Script
application/javascript 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/lazyload.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

99363e1c04524c0877616046fb7879aee299ea8ab4f247a7d9b030a714b942a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: W/"6210a455-162a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zpgl7p%2B7pu3SNn8PPyMTC7klIIquCBPcPP1iNuZZfwZTvOW63JCVjC42aXj60M4Zyg1KmbtoEFd95%2FUkWqRy03%2BxQyLHT2xK3NCDePER0JNEdSZlQOUyzvsBa97Ukq%2FHy2sXkeq6R7IgG00a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-polished: origSize=5674
cf-ray: 6e18c7166d7f6d7a-MUC
expires: Tue, 01 Mar 2022 14:03:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 44ms
17ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-185373939-1

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb7c09d44890f67b8184f057beb4444defd794c2796a244bf0d0a33bb354a80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37301
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Feb 2022 14:06:54 GMT

GET
H3 200 body.png
oneotv.online/live/public/img/ 122 B
773 B 77ms
76ms Image
image/png 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/public/img/body.png

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/public/css/main.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

de6c28719700750f523433dfc69f80d54ac1846dc19ccab8e72c91b1b714fab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/public/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: "7a-5d85a6f8f2901"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnvsK3sR2IvBgB6%2BCmfMUqmcpcvyM%2BL114jcZdBPNkToHlaEkFJipryJfcKLLws099ybzqEvmpxlWKyXH7uuZ8bd0L1yaq19Q0MqxRiEGIAMF2TRFD3Cup5a69WQutICUp4tg%2FY97gxVgDqX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-accel-version: 0.01
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c71669ad21b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 fontawesome-webfont.woff2
oneotv.online/live/public/vendor/font/fonts/ 75 KB
76 KB 37ms
37ms Font
font/woff2 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oneotv.online/live/public/vendor/font/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/public/vendor/font/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://oneotv.online/live/public/vendor/font/css/font-awesome.min.css
Origin: https://oneotv.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: "6210a455-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZPFWuOefauJMw4KbiZbR176%2BFBA6LS%2BQc3KcMc18Sya%2FWFD6fB6Prj0auQ%2B8ZKqK%2Byr1u5FQQypIIV9Z6yaopHvCGlpseMH9iIWn%2BLz%2B4eIRkwPMCI8LK%2BY2KSvIWHsUIxb%2FsUh7YBZJBR1"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6e18c71669af21b1-DUS
expires: Sat, 26 Feb 2022 15:09:45 GMT

GET
H3 200 pp.png
oneotv.online/live/public/img/ 3 KB
4 KB 93ms
93ms Image
image/png 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/public/img/pp.png

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/public/css/main.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

232185767150d12bea5af25001983e329a40279bdecaa5e9822caade575fe2de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/public/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3095
last-modified: Sat, 19 Feb 2022 08:03:33 GMT
server: cloudflare
etag: "6210a455-c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAu081jf6w7iqi8%2F3dWPZ9ptRfimI7yEtrSW6iiCPWrLBJscJEO9MeoTy5vaZ5Yaa6N1SwmAT3jOKH3kbsEoERQ4YAqO84K8i6S8AWjf0FwWzahTLeltTFz1t%2FenxjwkJvlnkC1ym%2B%2BdGaLk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c71689e921b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 290 KB
104 KB 59ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7010964631896849&plah=oneotv.online

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106772
x-xss-protection: 0
server: cafe
etag: 16804192996499609317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 14:06:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame 6780 10 KB
5 KB 36ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Feb 2022 03:10:18 GMT
expires: Tue, 08 Mar 2022 03:10:18 GMT
cache-control: public, max-age=1209600
age: 39396
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 25375pk-ptv-home_live_sitream.jpg
oneotv.online/live/uploads/kanal/ 3 KB
4 KB 31ms
31ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/25375pk-ptv-home_live_sitream.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

17a9a29e4fafec3b795b5e7dcce4a04e5858a3db2b11340e8d7c3f8ab292c4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 263085
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3487
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-d9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbiZxjj9AIPlO%2FKI2J0h%2BkGGQqn1GJRx2AcFBMSHFfxRwM01LzVE5Umr5705IKwggDdKoHLU0vbJ7MRp6ByKxPSXfJDulHPBCc2QXaxOz98lV3m5mh2gpbvclymaVJegGZFfP2hZUoGwS3ij"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7177c3d21b1-DUS
expires: Sun, 19 Feb 2023 13:02:09 GMT

GET
H3 200 21820us-bloomberg-tv.jpg
oneotv.online/live/uploads/post/ 4 KB
4 KB 43ms
42ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/post/21820us-bloomberg-tv.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

76737de4247ef72401d09f8e98bd6d11d8f4d3375e692b03fc496679ac3f8dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 263085
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3914
last-modified: Sat, 19 Feb 2022 08:03:29 GMT
server: cloudflare
etag: "6210a451-f4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEd0cG0CZi%2FWk4X1zw2%2BPH5hZOX21%2F89QHt0Eit1TtxO6EzdZxh1dy457gXwhCoo%2B8M6biE6k7yDPwYGS%2BaGZKlLjHaQR%2FjPgDtZwHkK7%2Fjwl%2FMltp91ym8jPiIs76Mnqtbn1yrg1oGdKD%2FW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c3f21b1-DUS
expires: Sun, 19 Feb 2023 13:02:09 GMT

GET
H3 200 20334us-shop-hq-tv.jpg
oneotv.online/live/uploads/kanal/ 3 KB
3 KB 29ms
28ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/20334us-shop-hq-tv.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

88a4d8c17c268916e345af6700cb805f26f0399cc708f2da778b670e6f2d991f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 263085
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2695
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-a87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGHjtusUZL%2BSFRIkEBj1t8Jsd%2BHK1iAh9dE0mnZn%2F8DwTJmRJptk4RQSyzuHH%2BHNr5R6ddVhsDHX4sq%2Bu7mi0usLQhxuwQ5BlOH3ie90AMF7mz92WBOfbrnKbcU%2Bkth63Py1LrIFenf8UKmK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c4021b1-DUS
expires: Sun, 19 Feb 2023 13:02:09 GMT

GET
H3 200 22620b1-tv.jpg
oneotv.online/live/uploads/kanal/ 3 KB
3 KB 37ms
35ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/22620b1-tv.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

d07cae47811a9895f1118ab658ac7c8965d26e909643dd026aa6702375b5f94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 263085
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2702
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-a8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dh%2Bk2Jw6cOzXMATUhSUSGe1QQ61OXmDls0egfMcDW44eEooWjjoL7qULVaCDMoFkJarBRDGO27Dv%2FpyKKnHFI%2BZYbMC%2BfeFv1yEwOX1hsAsNYXyZ7uR1M6XUxwmn5GiBkIKpC372gGZlPJ%2BN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c4321b1-DUS
expires: Sun, 19 Feb 2023 13:02:09 GMT

GET
H3 200 22308newsmax.jpg
oneotv.online/live/uploads/post/ 6 KB
7 KB 29ms
28ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/post/22308newsmax.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

e934f7982732e61b9db7d7714e9beed550f8e16cc3609847522eec4982226628

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6081
last-modified: Sat, 19 Feb 2022 08:03:31 GMT
server: cloudflare
etag: "6210a453-17c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtvpEQIuB6uHG8TwCHLhQRF%2Fxmu5lzetKfQWqJ1o11FOGltg7434jstxtoxwkWrwnCnxoH5DkLLe%2F%2Fua8ccu%2FQ4w1L6GUCUTzouS%2FQca2qL%2FUK9ta8g0tIiydoxPgHDatMWU2gztCzvvKiTs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c4721b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 2040727170Ary%20News%20(Urdu).jpg
oneotv.online/live/uploads/kanal/ 4 KB
4 KB 28ms
26ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/2040727170Ary%20News%20(Urdu).jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

181672079568e84390119dadc09d38dbe89177857785f16167f48726de595b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3623
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-e27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mun4Lv34PRAtfyb50pzmo9WH6N7%2BG7ptklbx8MGq1uvhi2heg6cfeE3Ro6IO28IlLx4D%2BJNMioFzKwvogASsPgyjOSTAFKJWOk%2BFv7b8o1b4B%2F3oJyUeX1%2ByQO%2B94DwiRh6jOyRh06oMipVz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c4821b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 22204abc-news.jpg
oneotv.online/live/uploads/post/ 5 KB
5 KB 121ms
119ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/post/22204abc-news.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

5264be7f425cabd06195b7eae6313dbd6fdf2b1e67d316ce8d30dfeb15591d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4758
last-modified: Sat, 19 Feb 2022 08:03:32 GMT
server: cloudflare
etag: "6210a454-1296"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yso8SgzAJIHIvv4qnEL13xjKBRPXBSGuQe5EodQNN4aQR0j2euvm%2BAwii%2FcqChGz4FZeOR%2BG35Poq1e3QoLwF5A8xFKABceckbiHWz1wxUKhXzAEhpiv2nayeQSmRl3Nqj1kH3WrAGRKfEDz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c4921b1-DUS
expires: Wed, 22 Feb 2023 14:06:54 GMT

GET
H3 200 21829in-suvarna-news-24x7.png
oneotv.online/live/uploads/kanal/ 11 KB
12 KB 38ms
36ms Image
image/png 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/21829in-suvarna-news-24x7.png

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

d96cceaf06de0cba7802065b4512f3ff640db59dd7d0632905bb46356b0132e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 263085
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11247
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-2bef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HeF0tIfDJ%2BY%2FqSBdjF222290kY2omQjqddVFMjf2MgxQLkDhzmPF13EpFuGCCNlsQuvTsj3WDA4c5cuqaKusimojLaQgVGUgsUy5siYzACpaP7LpGz9WcA2wJ3p1zwUEuUbA8dLtcb%2F5Epe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c4b21b1-DUS
expires: Sun, 19 Feb 2023 13:02:09 GMT

GET
H3 200 pitit-manman-mari-tv-live-today-now.jpg
oneotv.online/live/uploads/kanal/ 3 KB
4 KB 39ms
37ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/pitit-manman-mari-tv-live-today-now.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

a6c9c0008915135224a1715b05cf1c748f42486afbd82cacb1b389f927575ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 263085
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3298
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-ce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrqG%2Bt74ZDlsyQmfJviQ%2BRUgd9khU9txkm9a8hLD91SH8PSJDVDE6mPVjISIpxFFWLvJgFcjyDP%2BwNozr%2BYwpGkfGh%2FwxdaGpVBp9rLaLHpA8uFn86RGO3569k14H2xlAAwxDUYhWN2MZOBS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c4d21b1-DUS
expires: Sun, 19 Feb 2023 13:02:09 GMT

GET
H3 200 23005Hum%20News.jpg
oneotv.online/live/uploads/kanal/ 3 KB
4 KB 29ms
27ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/23005Hum%20News.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

c595b48f84d05a25b6605a0a84a04d2d330924be88282d39aaafcb2de5b587dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3016
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-bc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMhbaYcy0KlRjt6Olh1PHkV3JFqK67V7Gms1ixs8HLNiGh1gUAM5IG3LDD%2BpL%2FS3QPmrKwROkAl865Oz2uYKCGZA23CfYr5V%2BxQX50KtVcdWw%2FqpcVnaOgDkBuaM%2F3ncsaXOk8BQbHNq5gL8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c4e21b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 21056al-jazeera-ar.jpg
oneotv.online/live/uploads/post/ 4 KB
4 KB 37ms
35ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/post/21056al-jazeera-ar.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

4f8dd86c0a9107b3d345fd52599a307a80bab313042c750928f1ea495d1e8d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3830
last-modified: Sat, 19 Feb 2022 08:03:32 GMT
server: cloudflare
etag: "6210a454-ef6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uN5I0OjaZRopyQKJH92FS1mD2h2ExcORHZmS04G%2BUrH6X99bNnahJu%2Fwvso3hTDXQh%2BaNj6HsX1DupoJTRfOH7n843xUdeilRM8NNsRYVcq11CBNqTs5nVEUnHN4suGYs9Cp5KhnO3qhBFBV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c4f21b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 30086c-span-3.jpg
oneotv.online/live/uploads/post/ 3 KB
4 KB 37ms
35ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/post/30086c-span-3.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

6c065485e251d8a7a049574eb157387735320511217b56e17df8f1312aa8bb37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3283
last-modified: Sat, 19 Feb 2022 08:03:31 GMT
server: cloudflare
etag: "6210a453-cd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoJlgF4PdClnHqKnqb96EixRPptJYFVGyfha7xDJlF8IihUtcbXPe7PO%2Fm4HRF6x1NZL%2FG4dWND3JbAwdS7xSf9%2BLsO%2BNoDChp%2BoVXT%2FJWvjFTq8IZleLMk4rzRRteDH%2FJy99qrsteNRwsDh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c5221b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 23952TVC-News.jpg
oneotv.online/live/uploads/post/ 6 KB
7 KB 39ms
38ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/post/23952TVC-News.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

fae6d73caff904a0105b98966c501f7ad0aa7ab2cbc107ea0fbd55181f8c400c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6394
last-modified: Sat, 19 Feb 2022 08:03:31 GMT
server: cloudflare
etag: "6210a453-18fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXwnuMPnhYBxW0ymajfumYwm7SudC2hpad9lRI6xPmbvoPZCQOL4jtCJebpJOuWdwZl9T4ClK1GHSG4vR62ao8h5siU0YZV2FTZT8ftxDBP8y1Bk3Ehv7Y%2FG3UULxAB6SLLvjt%2FIPQFVrRhV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c5321b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 horse-racing1.jpg
oneotv.online/live/uploads/kanal/ 3 KB
4 KB 40ms
39ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/horse-racing1.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

cd08b34f36b8f848b1301d4776ad777f5d0266b52c0d7b455f7f2f44d3624be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3435
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-d6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDwt4mATMA3fit1ZEkndBe7xl81qGSWRAgLCesrjap7vktzKSrNHY0dwax9zlSwo41K%2F%2BlL85VGtmqv6zzGqX1Kxbdu4k9gJvwF4%2Bc0Akevxj1Y4qGf41gFnCjEwKad5i81OgEe6FFSp2%2BU7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c5421b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 horse-racing2.jpg
oneotv.online/live/uploads/kanal/ 3 KB
4 KB 42ms
40ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/horse-racing2.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

9e3f9d856ce97127a9d0b7f65af40ecf6e09106c42a1e1b334e37bd41d916e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 263085
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3470
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-d8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjFh4%2BRl4FpKTT5dGF9fdlERBTNE0izsgy%2B28evyRqOShmFTa3akJzrBfRksJkrrK7cR1%2FZcy2wVmpbm%2F8tVhtcvrsfeiO9%2Br7NPkWGldkdbGAno6kZMiArgyGIvg70ZguyWVOWhK86Y%2Fs6g"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c5621b1-DUS
expires: Sun, 19 Feb 2023 13:02:09 GMT

GET
H3 200 horse-racing3.jpg
oneotv.online/live/uploads/kanal/ 3 KB
4 KB 43ms
41ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/horse-racing3.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

71a06b33928a2c4b1b77ff025774d11605af46bd8a942dd46d9f792bc3cfdb2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3416
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-d58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsG%2FPEtCymjg7cG3pzUaZh9h5256heg0YszddGZ1hkeJu5GjZO5FKnMxOVgadaqQ%2BDUcI8CDF065Mp%2FyJ5jWhnGLcY8m6sf0tU6Um5W%2F048RAuEAX1mSzDCejsYKOK%2Bh%2FyNO%2B1DpbNM5Pr3g"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c5821b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 horse-racing4.jpg
oneotv.online/live/uploads/kanal/ 3 KB
4 KB 43ms
42ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/horse-racing4.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

11d534f68813bba04f65b86c0a508dcf1043a08544c8502fb8dd4cf45474062f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3452
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-d7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hi1owhU7Yw%2Bx14n5o4gpTTc0QuXQOa%2BTdqoIgMtWjo9yPyplttN9YABeRd8NrP17IapotvLlqlolaPcmOrrnS8bvFhmjmigxzw%2FGQF%2BRO0UfHmy4XUrvBAXVBU1ofeTgrF9h9xGrDTfXgGqt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c5a21b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H3 200 racing-com-live.jpg
oneotv.online/live/uploads/kanal/ 2 KB
3 KB 136ms
135ms Image
image/jpeg 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/uploads/kanal/racing-com-live.jpg

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

3cfa159ee0b5acfee9f92b4990bbaeb5ac20d578a31a84e63f3a6275d56695a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2513
last-modified: Sat, 19 Feb 2022 08:03:28 GMT
server: cloudflare
etag: "6210a450-9d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlIDXEB81TjiL%2Fe%2BgZg7GjH46gN4ruUUsnXXVqt2qqjU5I0tdGNiekPehPkUpam1A2DVByBETgRBbS6Oe7LBTyDa1Bg7HcoyQY%2BYezk3zxR0M6o%2BLhu9cPUXErKi020FBOD%2Fd%2BhvRDRPnVa3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7178c5c21b1-DUS
expires: Sun, 19 Feb 2023 15:09:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-185373939-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 122
date: Tue, 22 Feb 2022 14:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 16:04:52 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
648 B 46ms
16ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=oneotv.online&callback=_gfp_s_&client=ca-pub-7010964631896849

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7010964631896849&plah=oneotv.online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

de232abc34137c3d95d2219cc4099b1083b15896ed804c7bc98699291ad41283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 47ms
19ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=oneotv.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 50ms
21ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=oneotv.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 14:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D001 96 KB
32 KB 391ms
371ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

953dd5d8fa888baca89bdc15c6d0331c6b8158e901959cd3cd9cd9f65dcef57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 14:06:55 GMT
server: cafe
content-length: 32988
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 14:06:55 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C3C6 22 KB
9 KB 264ms
263ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=1682538932&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814568&bpp=1&bdt=203&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LpGXwSLZsV&p=https%3A//oneotv.online&dtd=143

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b7d135af1925b1e3402b9cc8cd324b864e2f2f9eb203e471d24ad090c7e213d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 14:06:54 GMT
server: cafe
content-length: 9577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 14:06:54 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC7F 96 KB
31 KB 298ms
298ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84817120b5278c2c8c85703f0d977157bcf5168f88f1352251da23d1893f9a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 14:06:55 GMT
server: cafe
content-length: 31604
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 14:06:55 GMT
cache-control: private

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 40ms
20ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1153084710&t=pageview&_s=1&dl=https%3A%2F%2Foneotv.online%2Flive%2F&ul=en-us&de=UTF-8&dt=Live%20TV%3A%20Watch%20Oneo%20TV%20Live%20stream%20from&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1629876717&gjid=844939776&cid=722605266.1645538815&tid=UA-185373939-1&_gid=1598574740.1645538815&_r=1&gtm=2ou2g0&z=773744418

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneotv.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oneotv.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 496B 92 KB
32 KB 607ms
598ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f083ed45461e96b02fa995e4dfbd055fbe1e530199017928d7de5646ff8ffa3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 14:06:55 GMT
server: cafe
content-length: 32250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 14:06:55 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A8D8 176 KB
49 KB 613ms
612ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&adk=1812271804&adf=3025194257&lmt=1645538814&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foneotv.online%2Flive%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814601&bpp=1&bdt=236&idt=135&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280%2C1080x280&nras=1&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=147

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f78e89e6db1a9cb041c3e42e86787204a9451b8ee5456173b6f25695f3f483c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 14:06:55 GMT
server: cafe
content-length: 49993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 14:06:55 GMT
cache-control: private

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame C3C6 2 KB
1 KB 37ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=1682538932&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814568&bpp=1&bdt=203&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LpGXwSLZsV&p=https%3A//oneotv.online&dtd=143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame C3C6 15 KB
7 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3C6 124 KB
38 KB 85ms
57ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C3C6 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Criy5_u0UYpPMLcWaYpj2hKgPyZ7SsVz12pb3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDEwOTY0NjMxODk2ODQ5oAHVttLqA8gBCakC3zuLDvb-sj6oAwGqBMABT9BFYRfMJfkGSffYEkFFKIVvxluEhCSoPnD4IpDFZoLoq1r79_w4CfbzYZ0fWrisFKsRFrogbeX-FsYdW4oKVIbB1x0Zk2If51v3JkSXXj7YhUg9F6fEPDo7WQSEpny4SG2Bw9nILk7MKxvBNIH8v6TH2CBnHjPI5vaRkTkUqrVSqvZEbd32g4yifCKwoApQkTYz-L7vUII9DFa3ZJ5c5OqbGgat35iboHfuEi04SpcxEmG8YMZCOWDrVdcxKt_kgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzAxMDk2NDYzMTg5Njg0ORgA&sigh=1NwCH2oauYY&uach_m=[UACH]&cid=CAQSGwCNIrLMmrbWkumRxp1d5v0Zrw-4EV20RnzEAxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=1682538932&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814568&bpp=1&bdt=203&idt=137&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LpGXwSLZsV&p=https%3A//oneotv.online&dtd=143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 22 Feb 2022 14:06:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame C3C6 0
0 64ms
20ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEcz6RNYImAKdg2ICAgAAALPdhR5xukpyEP7tFGLJLMUlIo6lbRQzOQAS&wp=YhTt_gALZhMKGI1FAAE7GC0SEWkccogv7aW4RA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
server: Kestrel
server-processing-duration-in-ticks: 141034
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8D8A 186 KB
53 KB 207ms
171ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YhTt_gALZhMKGI1FAAE7GC0SEWkccogv7aW4RA&u=%7CnYmHdKDDWGw8yV16Cw2i5GQbbcL6%2Bgtg86P8KHVooR4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcAPegXqp7-DoTlZjEJ2d4dzNJCQUNkFKNdvo_xxoUjwarwZ1cKZDxSH_gEH0R066GHc5pEKfkBAA4ZvCfaJxN29nySA64n2DyRSEp3BmNBgWxnT-BFSMP_51QG-FRMVlLoXjRbkYZLpM9P-scRWXnf9BN5yfqESpUzy_CrCiF4YKXVvPFhTl1USJmT-vWCl9O775Jlvq4qSpe6u5_K2_0noemc1ttvZxLPSsOGwwiZnUJxK9sr0BeJwFfc0OENvNKKaNnIDfBJkfZB4_387SOKk5HmQXQq08g4FRFW-PCZEq7IINV-IvNdKZhjIXfWFphkekJ7xE36Ym4Sga53Y0eMIYiPu4u4xaRwj0VcNKZt_pkXS4YFgfBbLWPMIDswBW_zhJBRWioGs9qTE0XAuHf0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSp9y_u0UYpPMLcWaYpj2hKgPyZ7SsVz12pb3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDEwOTY0NjMxODk2ODQ5oAHVttLqA8gBCakC3zuLDvb-sj6oAwGqBMMBT9BFYRfMJfkGSffYEkFFKIVvxluEhCSoPnD4IpDFZoLoq1r79_w4CfbzYZ0fWrisFKsRFrogbeX-FsYdW4oKVIbB1x0Zk2If51v3JkSXXj7YhUg9F6fEPDo7WQSEpny4SG2Bw9nILk7MKxvBNIH8v6TH2CBnHjPI5vaRkTkUqrVSqvZEbd32g4yifCKwoApQkTYz-L7vUII9DBS1RQzba3aIpZq5fEimBo_nBieOQLkpkNV0XWCwhn7HTVKbrsxbq2NugAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0do1RbzIDF07yUOwb93jmu3zOpdQ%26client%3Dca-pub-7010964631896849%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7a5c7b3d5f6437e5d4f2e5bc19e8d4731149be6497efd21a4bd89567e0e9a248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 22 Feb 2022 14:06:54 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=OZ5GmmybKj7q4qs6ELYAvyDwC7oaO0-wYasAZbvp_SHVY_QGHe-Iu7vuMefTCTMMZSuajibvjvOF_OGfOPqxcybIyrRy3qyy-Y8lNFxeVYRANopFrbiTfh6ip8GH4TzFT66KdJPbBe0BBjxx0DZAzru0ppLLSNfygIPt3A7t9DxFMoUBMhECshVaqc8b7i6G5lfHp0MWyth3YVlSznWbjO4fZT1Yct-bPSZk8ecw8iu4SSEcBiSfkEnyVZyOjU8VXRZB9Q"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 154626044
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 2760626515885066123
tpc.googlesyndication.com/simgad/ Frame CC7F 106 KB
106 KB 21ms
13ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2760626515885066123?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm4gq6uYkIlCmLk-dYNfHCs6GAPbg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79200304f02c4220f9ab0105b0d334405732dc6b5f8dae20b41f36f48e48fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 08:18:43 GMT
x-content-type-options: nosniff
age: 193692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108535
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 11:43:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 20 Feb 2023 08:18:43 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame CC7F 19 KB
8 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:05:08 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame CC7F 2 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:05 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame CC7F 67 B
196 B 12ms
12ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 68827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Tue, 22 Feb 2022 18:59:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D001 8 KB
1 KB 55ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 12:11:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 14:06:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CC7F 0
0 92ms
91ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSfS1_u0UYomYLpaZ7AP2-ZdwoPKjhWiOuvj2kg_a2R4QASDgjqWFAWCV4pCCoAegAZyv-6gCyAECqAMByAPJBKoExwFP0Ah8E3UCoQCQ32hiz2967POj2L8CgVzbl30wahuq2_MUsNBlW_qumTe4i3ZnL4QfgenZkLLMSk_0M_mOyDuQm-jTipwot5fZlBaIkbq9VWkh0Dfpy5PHw--QOqBf8qHGmIW76RP8eGWbsP1r1FRpfXws_-85oZyBG7zX2jCSZyXxWj2krHhaQ0LzVZ2iHzT_TANJQBTejOPEDulBO96ZUbUBp6u2-zi29VCGMG8GD3rol8OP8LoGAKaUq5PYAyTainz7rlT2wATm7vea6QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHAxCQNdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MDEwOTY0NjMxODk2ODQ5GAA&sigh=rupn6EC7SzA&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 22 Feb 2022 14:06:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC7F 124 KB
38 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame CC7F 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:10 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame CC7F 28 KB
12 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6e5969f81d359480c859d669acbb28b5cbf4d8885c14d2700af859220edfdd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11757
x-xss-protection: 0
server: cafe
etag: 16992248388390577427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 12:39:47 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame D001 2 KB
904 B 51ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame D001 19 KB
8 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:05:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame D001 2 KB
1 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D001 124 KB
38 KB 60ms
56ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame D001 15 KB
6 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:10 GMT

GET
H2 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame D001 28 KB
12 KB 46ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 07:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 May 2022 07:29:31 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/81239459027321492/ Frame D001 30 KB
30 KB 33ms
12ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/81239459027321492/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72ff5026b6a846f35ea73ee573364454a6a738884715bcd055948977588c0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 19:02:57 GMT
x-content-type-options: nosniff
age: 587038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 09:37:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 19:02:57 GMT

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame D001 43 B
1 KB 65ms
15ms Fetch
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=zattoo-gaw&extLi=12985999821&rnd=1465627589

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Di, 22 Feb 2022 02:06:55 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 22 Feb 2022 14:06:55 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1815
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D001 0
0 94ms
93ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpQNh_u0UYovOLNuG7_UPms2OqAHd9-i3aKuBofvNDu2y95WWDhABIOCOpYUBYJXikIKgB6ABjbiOiwPIAQmpAgB3GZzURLI-qAMByAPLBKoExQFP0JKDqXj1FfkxeMktbKaH3bMQV2Atk-V5qZ25jhC1kKEDFgOKfXbDo5RYwVzGDVpooMlOg7tyWzzRcsPSQqVpDT0vL3c2GP37dmaGKLtk2thyGC6h3K5_85W6dK85-xMW5clLDhhf9QneeOehvRfe-wp09n7rd71UiEzVctdu3Ks_-eDiNcmQ8jNnHpQkxKAxpNsUMFb0uHd-BWdmzAeF58f8goLbTWByCIgY1dhb9u0GU-C28i30w8g7SedCUpRvO2Zsq8AE-PegxMcDkgUECAQYAZIFBAgFGASgBi6AB_2alzCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCPpw7SCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNiBQI0BUBmBYBgBcBshccChoIABIUcHViLTcwMTA5NjQ2MzE4OTY4NDkYAA&sigh=ZCQdsxWWln0&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 22 Feb 2022 14:06:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD2A 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 22 Feb 2022 14:04:56 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D001 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D001 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C3C6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cbf54631a64c79a1f40c2045b4e00c59596db088cf68713452de132053a8d1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D001 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef069b30356a9f49acb01d6a560fdd8ee05a151bc4ebae69a7412cfa62438419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CC7F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3a98e9f613c73bb88cfcb473bbd4f44abb342640ba4a585d50622fd94b5349f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame D001 28 KB
28 KB 37ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 589946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:14:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD2A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

69ms
68ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Feb 2022 14:06:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 14:06:55 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Feb 2022 14:06:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame 6989 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=2515889238&adf=2293449144&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814569&bpp=1&bdt=204&idt=146&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2flfq0JvfH&p=https%3A//oneotv.online&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:49:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 13:49:28 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8D8A 2 KB
1 KB 52ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhTt_gALZhMKGI1FAAE7GC0SEWkccogv7aW4RA&u=%7CnYmHdKDDWGw8yV16Cw2i5GQbbcL6%2Bgtg86P8KHVooR4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcAPegXqp7-DoTlZjEJ2d4dzNJCQUNkFKNdvo_xxoUjwarwZ1cKZDxSH_gEH0R066GHc5pEKfkBAA4ZvCfaJxN29nySA64n2DyRSEp3BmNBgWxnT-BFSMP_51QG-FRMVlLoXjRbkYZLpM9P-scRWXnf9BN5yfqESpUzy_CrCiF4YKXVvPFhTl1USJmT-vWCl9O775Jlvq4qSpe6u5_K2_0noemc1ttvZxLPSsOGwwiZnUJxK9sr0BeJwFfc0OENvNKKaNnIDfBJkfZB4_387SOKk5HmQXQq08g4FRFW-PCZEq7IINV-IvNdKZhjIXfWFphkekJ7xE36Ym4Sga53Y0eMIYiPu4u4xaRwj0VcNKZt_pkXS4YFgfBbLWPMIDswBW_zhJBRWioGs9qTE0XAuHf0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSp9y_u0UYpPMLcWaYpj2hKgPyZ7SsVz12pb3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDEwOTY0NjMxODk2ODQ5oAHVttLqA8gBCakC3zuLDvb-sj6oAwGqBMMBT9BFYRfMJfkGSffYEkFFKIVvxluEhCSoPnD4IpDFZoLoq1r79_w4CfbzYZ0fWrisFKsRFrogbeX-FsYdW4oKVIbB1x0Zk2If51v3JkSXXj7YhUg9F6fEPDo7WQSEpny4SG2Bw9nILk7MKxvBNIH8v6TH2CBnHjPI5vaRkTkUqrVSqvZEbd32g4yifCKwoApQkTYz-L7vUII9DBS1RQzba3aIpZq5fEimBo_nBieOQLkpkNV0XWCwhn7HTVKbrsxbq2NugAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0do1RbzIDF07yUOwb93jmu3zOpdQ%26client%3Dca-pub-7010964631896849%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Feb 2023 14:06:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8D8A 2 KB
1 KB 53ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Feb 2023 14:06:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8D8A 308 B
636 B 50ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 17 Feb 2023 14:06:55 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 8D8A 507 B
835 B 50ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 17 Feb 2023 14:06:55 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 8D8A 43 B
347 B 69ms
26ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=nspXcwHbIRnoGeKlU3uCLY8ITtMiq2PlERVR9gq5j3buf71XEZK6t1OkkdSeWbLrXXist0O9c6SKLbuqgUSKYcUM59IipXgqbBNSfez83sqbOr2WwO2Ysut_U8Vmx5ioZVTetsYZJRvxUsSGgSQGSos0Rm1quIPLEHpEIvdAtIlDJ5UPvwAkbvZNRLmymtu-JPyrRGk06SCulAtEN6S-WT6WQ-VKdSsyTkJ6l34n69XeEnaE4zwBnw-7TjPfr3lcVsjwbu86dC5tnnMp4lCs55NqRV5ll65I2e-QpzYLrl-UTDJMxn3fNQXTY194ZkleGhRjOaMRjamv0_nb-Q0RLQAAIqnSWxwSrsKGzwzrQDbQr5wk1upOZkU7pl0um_NOpCjDdG7Zl6lzVf0PsbRbRb0eNfLN7azrw-1JYbvEAOwwsgOFtKQtgOko-1dWXea7WbEALw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:55 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3120448
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 496B 8 KB
892 B 40ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 12:24:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 14:06:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 496B 2 KB
904 B 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 496B 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:05:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 496B 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 496B 15 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 496B 124 KB
38 KB 57ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame 496B 28 KB
12 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 07:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 May 2022 07:29:31 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8D8A 12 KB
5 KB 93ms
36ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 694860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WNcAy1GsusPnN2X8VH6fBml09Q9tSAXh9asIYeAsKV7%2BG3eVTVyRRg3hXLmsUB%2F19KJ40fej7aX1XSBkRsNuLjKrF4603N0c3AutIMF%2BxOPkGYDPyUna%2BabuNeAV53FzsubxmiyWJhXlpr8X%2BzcX6%2Bs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e18c71c9eef3762-MXP
expires: Sun, 12 Feb 2023 14:06:55 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7677983060604365693/ Frame 496B 11 KB
11 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7677983060604365693/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c0291da388835cc59cdbc9f74071b3ac833b70e47cebf613f2ccbdc6208a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 08:56:59 GMT
x-content-type-options: nosniff
age: 536996
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11747
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 13:53:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Feb 2023 08:56:59 GMT

GET
DATA 200
OK truncated
/ Frame 496B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame 218E 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=3901354800&adf=4283947098&pi=t.ma~as.2021186508&w=1110&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814563&bpp=5&bdt=198&idt=108&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7711678513072&frm=20&pv=2&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TBb3UZLD68&p=https%3A//oneotv.online&dtd=128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:49:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 13:49:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 496B 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2njO_u0UYoSvL4f-YreHluAK4ILw22HQ9q6ggQ32z9PAjQ4QASDgjqWFAWCV4pCCoAegAdiBuP4DyAEJqQLfO4sO9v6yPqgDAcgDywSqBMkBT9DFZ6fuGRrmjyBVfsxF6F_wRXoISjus_1CVRLHxQ0vzVOLzR6LYj6iFmhDkc7oXQxwSoi5vaJDrYTpCLBOlf7oy6HthnLkfNeEcvUjTy-LlXV4Py4nFEbMPPxNBRxMS3m9tt3heexA1g9EWAGfamlANghgsB46eWfjHV5HwOkTU2Vhl8CCFqhndAkwErnd_GPYJ5DJ_KmO8fzfeqWt_3_3T9H54wbS-m4fuvbdKvOTc5XvcP5pI5V16PIUAroCAs4FsA2ktHXS3wATPpfeXtAOSBQQIBBgBkgUECAUYBKAGLoAHkP7HAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDENxa0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi03MDEwOTY0NjMxODk2ODQ5GAA&sigh=dcipviNjlnQ&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 22 Feb 2022 14:06:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 496B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8D8A 12 KB
6 KB 18ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Feb 2023 14:06:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D8A 11 KB
11 KB 57ms
17ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=7UdBWGvSb6EyXA76xB-t9sZc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28635184
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11345
expires: Fri, 20 Jan 2023 00:20:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D8A 225 KB
226 KB 92ms
52ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1169339-_x600-nocrop.jpg&v=3&w=800&s=22GLpH99TxiL4RnygHvCvvCO&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c9f0509f5c3be4d7d58d0767ff0b9b97ae84fd3e1a831663265d9b3326cd9a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31531785
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 230732
expires: Wed, 22 Feb 2023 12:56:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D8A 117 KB
117 KB 102ms
63ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1196253-_x600-nocrop.jpg&v=3&w=800&s=5K5FfqvVAATYKmACxYQ9zYJI&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3261d165c56aaa3fee72f4e6fe21561e9abe6f97bf401e3e8f0b68c65f259236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28850659
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 119476
expires: Sun, 22 Jan 2023 12:11:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D8A 62 KB
63 KB 68ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1558088-_x600-nocrop.jpg&v=3&w=800&s=dXWyJWBpB7EAARxvy4ZRsi26&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

49c8d07e3fd3f2253760ec49381583e70c8dc2f05eee455e7a70486043c13197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31516339
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 63712
expires: Wed, 22 Feb 2023 08:39:14 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8D8A 0
127 B 51ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=OZ5GmmybKj7q4qs6ELYAvyDwC7oaO0-wYasAZbvp_SHVY_QGHe-Iu7vuMefTCTMMZSuajibvjvOF_OGfOPqxcybIyrRy3qyy-Y8lNFxeVYRANopFrbiTfh6ip8GH4TzFT66KdJPbBe0BBjxx0DZAzru0ppLLSNfygIPt3A7t9DxFMoUBMhECshVaqc8b7i6G5lfHp0MWyth3YVlSznWbjO4fZT1Yct-bPSZk8ecw8iu4SSEcBiSfkEnyVZyOjU8VXRZB9Q&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 22 Feb 2022 14:06:54 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8D8A 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Feb 2023 14:06:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8D8A 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Feb 2023 14:06:55 GMT

GET
DATA 200
OK truncated
/ Frame 496B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd8538c5945ce4a2aafe2121029153910c885c9e543600b47f69dcb8268441d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 8D8A 2 KB
507 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 12:58:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 14:06:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 496B 28 KB
28 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 589946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:14:29 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 150 KB
53 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3eccc811869d20e4620adbf26a3dd4ec6f36c50f1d05afda0e9927cd429e209f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54549
x-xss-protection: 0
server: cafe
etag: 16500740720032982357
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 52ms
26ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=oneotv.online

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
25ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=oneotv.online

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F676 436 B
233 B 426ms
426ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=50&adk=3871419120&adf=617929495&pi=t.aa~a.2760614165~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1645538815&rafmt=1&to=qs&pwprc=1804298437&psa=1&format=1110x50&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538815639&bpp=1&bdt=1274&idt=1&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D72775038c41ca29b-222d3a2b49cd00de%3AT%3D1645538814%3ART%3D1645538814%3AS%3DALNI_MZYwRtGZLWE_PzFpRohqLFuYqIxnA&prev_fmts=1110x280%2C1110x280%2C1110x280%2C1080x280%2C0x0&nras=2&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&psts=AGkb-H8Uhfuu6GG0pGQfNpkXg0qtlVYd0XBznMB-fU3Icfov-wSSFpe0O0V2-fdOMbn_VOisZy3X05BAwIkP%2CAGkb-H91FcxOBqcIyIJEZO55p0GItDh7s0qvU-PypHZ4SNm0dMZQ8I2ALGtaAUxYIU4O-SbfoXKKNFdzKQ%2CAGkb-H9RPjpE5w0zZj9pmGirnSVXygN6XCW4ZP4e1GAjTQNoZ0hjgIHnUiykW3mojzDXxlGYawq5EZd4uEDVIw%2CAGkb-H-5zoow8zMkg3IWKX6bTlRSznRKalT9HoxlQQHTQ7peUE5Jomxq9XhnXrsKYocP_oPYuVyYGw4jPrw&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=WbzOsIKXI6&p=https%3A//oneotv.online&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbcd2900c4ff5cf6b00ed536cc0cf8db012983b0afd0bad90528d21b2a24b655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 14:06:56 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame 8D8A 44 KB
44 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 498339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 19:41:16 GMT

GET
H3 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame 8D8A 46 KB
46 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 498339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 19:41:16 GMT

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame B34B 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010964631896849&output=html&h=280&slotname=2021186508&adk=1003208880&adf=2581999891&pi=t.ma~as.2021186508&w=1080&fwrn=4&fwrnh=100&lmt=1645538814&rafmt=1&psa=0&format=1080x280&url=https%3A%2F%2Foneotv.online%2Flive%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645538814570&bpp=1&bdt=205&idt=161&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280%2C1110x280&correlator=7711678513072&frm=20&pv=1&ga_vid=722605266.1645538815&ga_sid=1645538815&ga_hid=1153084710&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C182982000%2C182982200%2C31064858%2C31062931&oid=2&pvsid=2960363348822116&pem=564&tmod=1860442576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CPzS658Fro&p=https%3A//oneotv.online&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:49:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 13:49:28 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/ Frame 48DD 10 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Feb 2022 03:25:43 GMT
expires: Tue, 08 Mar 2022 03:25:43 GMT
cache-control: public, max-age=1209600
age: 38472
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/ Frame B361 10 KB
4 KB 32ms
32ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Feb 2022 03:25:43 GMT
expires: Tue, 08 Mar 2022 03:25:43 GMT
cache-control: public, max-age=1209600
age: 38472
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 48DD 4 KB
634 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 12:57:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 14:06:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 48DD 205 B
229 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:21:58 GMT
x-content-type-options: nosniff
age: 2697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Feb 2023 13:21:58 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 48DD 604 B
628 B 7ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:29:05 GMT
x-content-type-options: nosniff
age: 2270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Feb 2023 13:29:05 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame 48DD 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19d68d8c9b0afec111ca934d319c454fe9d57234d8915b2d837e36d54410ddf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8146
x-xss-protection: 0
server: cafe
etag: 10717154116364420598
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:00:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 48DD 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=0-%26adk%3D1812271808%26client%3Dca-pub-7010964631896849%26fa%3D8%26ifi%3D7%26uci%3Da!7%26xpc%3DxNP5dWNLln%26p%3Dhttps%3A%2F%2Foneotv.online

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F28F 624 B
297 B 19ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzEWhDxmu4BGLjrwb4BMAE&v=APEucNV9S1a5ZVdBI93bJ-EtfZUNzTfLhrCg26VZtSs8BoHflLTclxRy7qng59pY8gwNjlqXPrCGNlTgY5-V-ng5EbazNreByBcgZlZN4nuVXvsKsnVkFrHstLvR6zKxmsOacywbbeN1VHOIsIM9aVwlyQxQc6G5wir7B7VOTq9h6Uzf3_ZNXGw

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 22 Feb 2022 14:06:55 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A593 74 KB
31 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjEzBMXbo40BEMd220JWzrF_IbB7J0-O3lsA3VcFnG8YclJzIfn4rZnvETqU4cqHMAppF8PdokInZuoTvuZHkrovTgR40OoluFygf6mF1IbVCfSER30bnO2ZxTMNYzXxL20VnEyov1FO_EpoY4DObf5KXmnQ&dbm_d=AKAmf-Anh2r5YgxmbVJEZEGXGqgt0yzTxczMhysoyHIrn0PxR90tNExie02PUR7ixDJdHnw4kRgKwrvqgXvWLtqTT-WRhycpgEQHK6C4ox_xpe2sPjiwa8EWUoHzkLE7zqOxwYcjUrt432Zp1cdxQumreQ3QQVcl-Jtc_jPrcE101u__5UKXqxdSM97Xem73Nu66xk-OYb1PnMQcQSa1GPy9uXcG8-bU5nl6EPegC313TVJUmTsMqrbjIGuw9TNs2nLA0uRNoQcleW08ev4GpPvXDwVMhIbtZ84mgczTBaY6GmyFElpqjZzR8O0K9h7BhKciVBX5daGChAd8p08eyNovjVCcqwrQ4j35HTzV9JUmuxBQgOErFAZ4ndvQCMpYrZ8-V384l3_pUls7mvGah4HRugH1ZL9teCIHzp8Mg53oO5e6cWuYrN0LCmdOaDC-ffmwx-Yl5J3ip5zy6MNVaqerJVPEsCDf2dRWMxQbyWkBl5rfwtL2FDeL--JP41jrQ5B7ypn7_iYA1Yfn5nLNVzRcLo3O06YF3gydqFpC7BHKVl4jlxNOkC7KGmDV5ur_xBNaQhuYuQuT8pFgfmqWiCJv1mo0UpQ7k7oL1P_KJv5rr9e3geL5W6_Q0cz1WWTIHtzgpXU-Q9YOt4-wNxuN3KMeGe0iZ5if534zUSI0iG4lsiYFTR1ANOZOIxYdqLNFyg9D04DU7B-569qO10lWi48tm0E_EkrmHgfhMEAZ4DpWfo1qv9GDQK8I0BH2obZuKIvFtbX4byP2Geuxw9O3iMKKrUtt2VZa71BU7dZsR7L7JV9oZC6AWGpiKcekOPwYFoFx6WlVV1ROAln7rX2WpOSSzZTvsEfvORtJSS-ofEoya3qAwbd5T-haD4HZUW6gm-qUlFEZ9Ofcu5KCk9mLSVpk9BLMbPXHdGjT3335Vk4SLGmbce2CZ9-ZLkxrknfZGfLhR5jiCSAJQplR2-ZTCVxpsyeoZBAX7fDB43DouT4H9EQkVLgxWG8ZSkDYIyJ8IAmVN3wnKumP9tJ-x9xqPeT5hS_foQdUSe9FGIBOWovg0Il-1cQ7HYAsYh1JA3Oyji6k7qnNXwAy9Dk4qGO3SS7ow-mVJv9tjmmp73LdgpeJm9VavC9ExlRU76I0Ab2XrJJBvlEktWdgJuWEjKUnZvRD8HUt_JiB3DgPuRYxKlsePajJcssdLNwIDCUgj4aa9m92GG_VeZN_EeXwR7xTJljFl4pDZmxrYxzI_cMKE47e3bGPSFHmYWX76AhXBK010eOEe0A10nfGIUphJi17iZWLCMATnlOmMPT8jH0PTuBRcfZ3w3Aso3sVzZ10GM68QyBcvJUVUJso0WCtLtyQpaAxnpp5xJ3Ban1cAvRbGB-_degkN8rtLviJtsmnCIypIm1j3K0mCOWP3DBroZdz24VzfImDWsbPb-AhNCFrwh1d0pnlX633JziD0IAQHMruAMtxEdZlDXJAcHuATKBdkRrhk_Qvv2o_xey8-2t86STvFG_r2xIRfnAnx4ubNzZPWkPHBpEP2Ysxo26ltxhKIjhZrFr20LA5PSdJasdy3UPXOI67NsmKaPC6LparQcALRRB43Fe9Qatb8MjuTRsHyRZIVCts7GJKibcasVya4h2QaPL-4LJA773Dhmt_0rEnvf2X7xrbpNlYKoDsPFNDIgrK1CiBFmJAa7JZvV41BOBsSUBrDDOaVftEojwQVjNdLB6LEdWPc15RvUmoMGI7Cet3cz4LgzTB1QavslEtdf_eyjHMhrlD9zgOCjES68M9rLPcxBIgstAgwKxmrHhLXV0D_9kG_uao-xajcAYZ-Vnwbs3YM-ebtt7WCJq2DrLnqKbCT5fJuU9VXG3AbC0rAfBTkA2tykda6RCvR1YCSt04Y-S3wsNPK3pRg1Swf4r_wmK8l4tfmHrAQsUEh5ChO1O3JuM5Q9oaUokOHaK3PQci0LONh8wZcd3BqfhpRtW-AJmAIACiFWq1uRRbaPYFmtWfEnpP2-j-TVtrVL9V8fJvLETOK9_L62ctABWrhTnB3Jg3UDP47Rpz-jMqe9FDREi0EA8VzSdqI_xnlIQFdrMQjexqRH4YTiJerPH2nP8dIN93a_Y1eSOCRe-fba0tZp0z4yNHFeNrBhcR6b5wWXy1V2CFWoWCvS-Pnpkdyvh6-Qqpz34x1DPWe9An-7vmM-LoymJBT2SQpxOPvVDwOfVR1w6RvigwMkmiJADbyRPnA-9Rx3w2cRZRfH68aERwTqw4mn_wiyc6FxckWgTgztAsK6wB-S44T-n_iZ9tuCDy0c9ZVO-FL8i7lIZjyibpGe_netJXrm6sdQTy0JS6pI0fkx9_yecRBt-ojhnFwYsGuIQaiInIpIqKN950dHs0RUOz7xVsvfSvvhzps827IErQkJxeBZX6VSA1MN-JsmMYxApAJkCMjIHHof4SQ_ahrWl5KdswbYrQLorw_DNIhBg3JDf6kMLc-brSYVQBUfGZ4ELvQJbHxqcnqYUwW3tL5N2bfPXOJaUP1G_p88enNi1eJauW93kkm-LzhNDCklEFkT-6U1W3QrbZhxf0M2HONN8P96MhC6j5uYGf7RZJF8wPamgr0FsFjP3XcHMM_NnSklkNsOCVq2wlJR-a7kS4JIARoly6809JJ2X-8Ns6a6vV7imthzMV8vRb-HBNzM1EJBPVQZauYNAybZ4cjzxkDTqBeVsCT1d_WpPeqCnV4zcXIo50v0spH5lH-y647oFHad-JIk4kadLfvhVL86pgRM3yLc5v1-w7BeXJqF5U6oPlJw_981q7cdwSgP_AzWSJmqr_Pu7ht-89uNrkmygX4GtaYXhlmyL0RE4XbZRz6Vqg7VKXPKZwdkpSsZP0V1HgW5KMhV7nSgMF2ypjqNj_0I8PoJjKdB0zqwW8AYflYc_iqIGtyGVXpYMvQleuERIg5D9uuDS0v9o_kiMwpm-xH5HeL-sdZQlUn-rdg5PcI2Ki-PqIP3jtQro&cid=CAASBORoOEc&rfl=2%2Chttps%253A%252F%252Foneotv.online%252F%240

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

572968840d7b1b6bd712ec25eed97cf63b6f9debd42a1529d90a81917164ca01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame A593 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A593 124 KB
38 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame A593 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:10 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A593 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BfZs3o__iAJx7AMabf3oUI38su_JzPFCSYYLhmr610Tvo0I2hw94lrMGzROPO9_7N6x8_O_2hG-CMkKiNac4Sou_sxaBfRXuY9NILgR1FmmqsuKHo

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C957 8 KB
892 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 12:11:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 14:06:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame C957 2 KB
904 B 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame C957 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:05:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame C957 2 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C957 124 KB
38 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame C957 15 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:04:10 GMT

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame C957 28 KB
12 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 07:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 May 2022 07:29:31 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F28F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh2s_D0vaF-yP6QDMYeelc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh2s_D0vaF-yP6QDMYeelc&google_cver=1&C=1

43 B
1014 B

29ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh2s_D0vaF-yP6QDMYeelc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzEWhDxmu4BGLjrwb4BMAE&v=APEucNV9S1a5ZVdBI93bJ-EtfZUNzTfLhrCg26VZtSs8BoHflLTclxRy7qng59pY8gwNjlqXPrCGNlTgY5-V-ng5EbazNreByBcgZlZN4nuVXvsKsnVkFrHstLvR6zKxmsOacywbbeN1VHOIsIM9aVwlyQxQc6G5wir7B7VOTq9h6Uzf3_ZNXGw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 14:06:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 22 Feb 2022 14:06:55 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 14:06:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh2s_D0vaF-yP6QDMYeelc&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 22 Feb 2022 14:06:55 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F28F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhTt--mZnNOgY2NpXrAIVgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh2s_D0vaF-yP6QDMYeelc&google_cver=1

43 B
1014 B

26ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh2s_D0vaF-yP6QDMYeelc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzEWhDxmu4BGLjrwb4BMAE&v=APEucNV9S1a5ZVdBI93bJ-EtfZUNzTfLhrCg26VZtSs8BoHflLTclxRy7qng59pY8gwNjlqXPrCGNlTgY5-V-ng5EbazNreByBcgZlZN4nuVXvsKsnVkFrHstLvR6zKxmsOacywbbeN1VHOIsIM9aVwlyQxQc6G5wir7B7VOTq9h6Uzf3_ZNXGw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 14:06:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 22 Feb 2022 14:06:56 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh2s_D0vaF-yP6QDMYeelc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame F28F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBQEH_bd_fmvUXAWZyYuQd4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBQEH_bd_fmvUXAWZyYuQd4%26google_cver%3D1

43 B
1 KB

14ms
14ms

Image
image/gif

185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBQEH_bd_fmvUXAWZyYuQd4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzEWhDxmu4BGLjrwb4BMAE&v=APEucNV9S1a5ZVdBI93bJ-EtfZUNzTfLhrCg26VZtSs8BoHflLTclxRy7qng59pY8gwNjlqXPrCGNlTgY5-V-ng5EbazNreByBcgZlZN4nuVXvsKsnVkFrHstLvR6zKxmsOacywbbeN1VHOIsIM9aVwlyQxQc6G5wir7B7VOTq9h6Uzf3_ZNXGw

Protocol

HTTP/1.1

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 14:06:55 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7b31ec12-476d-4923-b46b-970eea272486
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 14:06:55 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7f1a5726-82c3-4110-acd7-c65eb66bc9f4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBQEH_bd_fmvUXAWZyYuQd4%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F28F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU5OTA3NDE5MzA2NzI2NjczOQ%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU5OTA3NDE5MzA2NzI2NjczOQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 14:06:56 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b8a3bb16-ae99-402a-9f93-16b6ecc07fbe
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU5OTA3NDE5MzA2NzI2NjczOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A01 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 22 Feb 2022 14:04:56 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame A593 106 KB
38 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 07:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Feb 2022 07:57:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame A593 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjEzBMXbo40BEMd220JWzrF_IbB7J0-O3lsA3VcFnG8YclJzIfn4rZnvETqU4cqHMAppF8PdokInZuoTvuZHkrovTgR40OoluFygf6mF1IbVCfSER30bnO2ZxTMNYzXxL20VnEyov1FO_EpoY4DObf5KXmnQ&dbm_d=AKAmf-Anh2r5YgxmbVJEZEGXGqgt0yzTxczMhysoyHIrn0PxR90tNExie02PUR7ixDJdHnw4kRgKwrvqgXvWLtqTT-WRhycpgEQHK6C4ox_xpe2sPjiwa8EWUoHzkLE7zqOxwYcjUrt432Zp1cdxQumreQ3QQVcl-Jtc_jPrcE101u__5UKXqxdSM97Xem73Nu66xk-OYb1PnMQcQSa1GPy9uXcG8-bU5nl6EPegC313TVJUmTsMqrbjIGuw9TNs2nLA0uRNoQcleW08ev4GpPvXDwVMhIbtZ84mgczTBaY6GmyFElpqjZzR8O0K9h7BhKciVBX5daGChAd8p08eyNovjVCcqwrQ4j35HTzV9JUmuxBQgOErFAZ4ndvQCMpYrZ8-V384l3_pUls7mvGah4HRugH1ZL9teCIHzp8Mg53oO5e6cWuYrN0LCmdOaDC-ffmwx-Yl5J3ip5zy6MNVaqerJVPEsCDf2dRWMxQbyWkBl5rfwtL2FDeL--JP41jrQ5B7ypn7_iYA1Yfn5nLNVzRcLo3O06YF3gydqFpC7BHKVl4jlxNOkC7KGmDV5ur_xBNaQhuYuQuT8pFgfmqWiCJv1mo0UpQ7k7oL1P_KJv5rr9e3geL5W6_Q0cz1WWTIHtzgpXU-Q9YOt4-wNxuN3KMeGe0iZ5if534zUSI0iG4lsiYFTR1ANOZOIxYdqLNFyg9D04DU7B-569qO10lWi48tm0E_EkrmHgfhMEAZ4DpWfo1qv9GDQK8I0BH2obZuKIvFtbX4byP2Geuxw9O3iMKKrUtt2VZa71BU7dZsR7L7JV9oZC6AWGpiKcekOPwYFoFx6WlVV1ROAln7rX2WpOSSzZTvsEfvORtJSS-ofEoya3qAwbd5T-haD4HZUW6gm-qUlFEZ9Ofcu5KCk9mLSVpk9BLMbPXHdGjT3335Vk4SLGmbce2CZ9-ZLkxrknfZGfLhR5jiCSAJQplR2-ZTCVxpsyeoZBAX7fDB43DouT4H9EQkVLgxWG8ZSkDYIyJ8IAmVN3wnKumP9tJ-x9xqPeT5hS_foQdUSe9FGIBOWovg0Il-1cQ7HYAsYh1JA3Oyji6k7qnNXwAy9Dk4qGO3SS7ow-mVJv9tjmmp73LdgpeJm9VavC9ExlRU76I0Ab2XrJJBvlEktWdgJuWEjKUnZvRD8HUt_JiB3DgPuRYxKlsePajJcssdLNwIDCUgj4aa9m92GG_VeZN_EeXwR7xTJljFl4pDZmxrYxzI_cMKE47e3bGPSFHmYWX76AhXBK010eOEe0A10nfGIUphJi17iZWLCMATnlOmMPT8jH0PTuBRcfZ3w3Aso3sVzZ10GM68QyBcvJUVUJso0WCtLtyQpaAxnpp5xJ3Ban1cAvRbGB-_degkN8rtLviJtsmnCIypIm1j3K0mCOWP3DBroZdz24VzfImDWsbPb-AhNCFrwh1d0pnlX633JziD0IAQHMruAMtxEdZlDXJAcHuATKBdkRrhk_Qvv2o_xey8-2t86STvFG_r2xIRfnAnx4ubNzZPWkPHBpEP2Ysxo26ltxhKIjhZrFr20LA5PSdJasdy3UPXOI67NsmKaPC6LparQcALRRB43Fe9Qatb8MjuTRsHyRZIVCts7GJKibcasVya4h2QaPL-4LJA773Dhmt_0rEnvf2X7xrbpNlYKoDsPFNDIgrK1CiBFmJAa7JZvV41BOBsSUBrDDOaVftEojwQVjNdLB6LEdWPc15RvUmoMGI7Cet3cz4LgzTB1QavslEtdf_eyjHMhrlD9zgOCjES68M9rLPcxBIgstAgwKxmrHhLXV0D_9kG_uao-xajcAYZ-Vnwbs3YM-ebtt7WCJq2DrLnqKbCT5fJuU9VXG3AbC0rAfBTkA2tykda6RCvR1YCSt04Y-S3wsNPK3pRg1Swf4r_wmK8l4tfmHrAQsUEh5ChO1O3JuM5Q9oaUokOHaK3PQci0LONh8wZcd3BqfhpRtW-AJmAIACiFWq1uRRbaPYFmtWfEnpP2-j-TVtrVL9V8fJvLETOK9_L62ctABWrhTnB3Jg3UDP47Rpz-jMqe9FDREi0EA8VzSdqI_xnlIQFdrMQjexqRH4YTiJerPH2nP8dIN93a_Y1eSOCRe-fba0tZp0z4yNHFeNrBhcR6b5wWXy1V2CFWoWCvS-Pnpkdyvh6-Qqpz34x1DPWe9An-7vmM-LoymJBT2SQpxOPvVDwOfVR1w6RvigwMkmiJADbyRPnA-9Rx3w2cRZRfH68aERwTqw4mn_wiyc6FxckWgTgztAsK6wB-S44T-n_iZ9tuCDy0c9ZVO-FL8i7lIZjyibpGe_netJXrm6sdQTy0JS6pI0fkx9_yecRBt-ojhnFwYsGuIQaiInIpIqKN950dHs0RUOz7xVsvfSvvhzps827IErQkJxeBZX6VSA1MN-JsmMYxApAJkCMjIHHof4SQ_ahrWl5KdswbYrQLorw_DNIhBg3JDf6kMLc-brSYVQBUfGZ4ELvQJbHxqcnqYUwW3tL5N2bfPXOJaUP1G_p88enNi1eJauW93kkm-LzhNDCklEFkT-6U1W3QrbZhxf0M2HONN8P96MhC6j5uYGf7RZJF8wPamgr0FsFjP3XcHMM_NnSklkNsOCVq2wlJR-a7kS4JIARoly6809JJ2X-8Ns6a6vV7imthzMV8vRb-HBNzM1EJBPVQZauYNAybZ4cjzxkDTqBeVsCT1d_WpPeqCnV4zcXIo50v0spH5lH-y647oFHad-JIk4kadLfvhVL86pgRM3yLc5v1-w7BeXJqF5U6oPlJw_981q7cdwSgP_AzWSJmqr_Pu7ht-89uNrkmygX4GtaYXhlmyL0RE4XbZRz6Vqg7VKXPKZwdkpSsZP0V1HgW5KMhV7nSgMF2ypjqNj_0I8PoJjKdB0zqwW8AYflYc_iqIGtyGVXpYMvQleuERIg5D9uuDS0v9o_kiMwpm-xH5HeL-sdZQlUn-rdg5PcI2Ki-PqIP3jtQro&cid=CAASBORoOEc&rfl=2%2Chttps%253A%252F%252Foneotv.online%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 13:57:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame A593 25 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9648
x-xss-protection: 0
server: cafe
etag: 2224892065184813991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:05:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A01
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

71ms
71ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Feb 2022 14:06:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 14:06:56 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Feb 2022 14:06:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A593 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Feb 2023 16:13:41 GMT

GET
DATA 200
OK truncated
/ Frame A593 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86d7bc76ac632c724d5e75d9a1e2686fa89cc31b6829bfb0338c89cb39a9c99b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2D38 22 KB
8 KB 11ms
11ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 08:13:54 GMT
expires: Wed, 22 Feb 2023 08:13:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 21181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/ Frame B06E 4 KB
2 KB 30ms
9ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d64bf0c540a370613f5f26c55378245d606e4eefa43317280cb130941529b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1538
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 18 Feb 2022 10:59:05 GMT
expires: Sat, 18 Feb 2023 10:59:05 GMT
cache-control: public, max-age=31536000
age: 356870
last-modified: Thu, 23 Dec 2021 13:15:57 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A593 0
571 B 108ms
80ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv37AxDaypZeXUYh2heGBaA__9e-kFJG9lUGirpFOEFTDmVXbey3z5mMalaltYOFYazTByehxFYDGBa0S-7qahYamn2n1xVkeldyluAp21Z_-L7QqNZdO42Ee_Pw0Eo6vLzYV5OKT-0NXChUD9zsKta6GEI41zWWA2u3gHeTF7McgipL6Ncm0bwYfcv5XeZUP8aWps1tQeRg9WYQP_H8lD9pqqC_GRBkq7r4hXXvSrQ047uqa9pC8R7QfGikdECI2NVAgtJFAFVclxp3dxf2bR1IJfWmGG8F1aRX7ezhqxnKyzuu_4JHik8GDBVMv6mBexeScKX4WQNmCbOig9EMIA_5Xe-LnJ17CWE4eEWG1GI_W5OB91Xgrt_Vtj4m2O5IuRmXkMoAHM2-xLOsHu8TGA9SSrX35bhmvLDEGDGTahFHgppV3xmyC6EeU-82CkdtECxA5P4yboddXMJdFqaNMNRQ5_7LRqZcWfPz1E9PURodoNYVFZJq4tuCCv3ba6wN2UlVVBmczxbHx_rBh6xG49J6fmbvYShz2uvz_C4pndrBVpyH9_vrfPkw4CezZgc-07OjAaaKQHLvDSO9SEQsxXNdA27yToqUqPGJRyf9y8Ash3OPxoCQwhmn62NzCBVZ6lf3L-2dkoFTtyJ96fSjjnT8bzof6zF2YIy5KWjWUoLJPt7GFjhaQMX5W-Nl3ocI3-rul99C188gTFl2hgaSNXdCemWLysMaFHFfStAVsT2kJaqRfCygOV143lU0Evc4exvucqHQGZZegBNl3F8DeeVMaRNqZtRUIKnJHavaAYUNsOGth7kgeYT6CkDVFE0Qt52_L9vs_OUp-jPbRFntQAsmWU4nVXwSZB9a4A4VTcNfS2bF_ALIJ3wiw2f-Dp8cAE1o9fBqWL9wuizk6hKIPJg1aexNLk2Sa4jFgT8OeJQZsUKrcKRtnXxMLjUU9NI7foCpmDnJDGOHI3bwhd-WzBV_W8Z3AuO3V_1jjwU-xv8O-v0pHqrLaVvfSbyWOOTJqrlgwzMWHd493D6mqBQv7cZ6NyFLhB3EL2KjgE0GS8l_MESj3L2w3jTgjYQNat1x4M7x7rc5GK17Jytx2Lf6hqvtOhqLETZ3kAYBbo0FjruRuE&sai=AMfl-YR1P2VTWJ5gwtYweaNv6-8HYKRkTSOmDevZcRrSV3rgSZyHnjINFPDc-YDiCc-ukT9XBPiExwd7JoS6DGFv-IGwxohtp5Q_yjf0im821IzbVwxl9hhXKhZZKbdHw5XeydOC&sig=Cg0ArKJSzB06dNVNAqFqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=68&cbvp=1&cstd=65&cisv=r20220216.74974&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 22 Feb 2022 14:06:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D38 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:49:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 13:49:28 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/ Frame B06E 507 B
351 B 8ms
8ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

714fdc8f45f2cffbe310f8437d1ee626a200c0814313f075afc8bca5ee093da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 322
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 13:15:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Feb 2023 10:59:05 GMT

GET
H3 200 animations.css
s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/ Frame B06E 2 KB
347 B 9ms
8ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/animations.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6424a276777843e184cd58a866136adec17697b54ed595a2d1a1990555c73c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 05:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30544
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 13:15:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 05:37:52 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/img/ Frame B06E 6 KB
6 KB 11ms
11ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/img/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfc9e9f008087d660e704703f6588e40ab13d0c50ccdc549b4fe962d019fc0ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 05:35:39 GMT
x-content-type-options: nosniff
age: 30677
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6241
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 13:15:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 05:35:39 GMT

GET
H3 200 img-personas.png
s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/img/ Frame B06E 17 KB
17 KB 9ms
9ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/img/img-personas.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

592a30b3f5ffdaf659d0d5df2e5599afbe976c904c2a9a23b291cbf9cc48ed9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:59:05 GMT
x-content-type-options: nosniff
age: 356871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16960
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 13:15:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Feb 2023 10:59:05 GMT

GET
H3 200 text-MBA.png
s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/img/ Frame B06E 7 KB
7 KB 13ms
12ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/img/text-MBA.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c3dbbe7fd7e66ce1456d0a500996b3fe3fd4785ff1734c1b99032016055e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:59:05 GMT
x-content-type-options: nosniff
age: 356871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7362
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 13:15:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Feb 2023 10:59:05 GMT

GET
H3 200 button-start.png
s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/img/ Frame B06E 4 KB
4 KB 14ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/img/button-start.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c66f2b53c6c0b3f177fcaea281313121c2ffa5710af46d82b97ae5c74b864062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 05:17:11 GMT
x-content-type-options: nosniff
age: 31785
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4295
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 13:15:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 05:17:11 GMT

GET
H3 200 background.png
s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/img/ Frame B06E 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/img/background.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4c865fbe662dd710dae3d06b8ab98adf88f9e6314d4e6a3771e42151b30b640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7358846028699040144/FT_EUROPA_CONSIDERATION_MBA_728x90_231221/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:59:05 GMT
x-content-type-options: nosniff
age: 356871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1808
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 13:15:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Feb 2023 10:59:05 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A593 0
23 B 63ms
44ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv37AxDaypZeXUYh2heGBaA__9e-kFJG9lUGirpFOEFTDmVXbey3z5mMalaltYOFYazTByehxFYDGBa0S-7qahYamn2n1xVkeldyluAp21Z_-L7QqNZdO42Ee_Pw0Eo6vLzYV5OKT-0NXChUD9zsKta6GEI41zWWA2u3gHeTF7McgipL6Ncm0bwYfcv5XeZUP8aWps1tQeRg9WYQP_H8lD9pqqC_GRBkq7r4hXXvSrQ047uqa9pC8R7QfGikdECI2NVAgtJFAFVclxp3dxf2bR1IJfWmGG8F1aRX7ezhqxnKyzuu_4JHik8GDBVMv6mBexeScKX4WQNmCbOig9EMIA_5Xe-LnJ17CWE4eEWG1GI_W5OB91Xgrt_Vtj4m2O5IuRmXkMoAHM2-xLOsHu8TGA9SSrX35bhmvLDEGDGTahFHgppV3xmyC6EeU-82CkdtECxA5P4yboddXMJdFqaNMNRQ5_7LRqZcWfPz1E9PURodoNYVFZJq4tuCCv3ba6wN2UlVVBmczxbHx_rBh6xG49J6fmbvYShz2uvz_C4pndrBVpyH9_vrfPkw4CezZgc-07OjAaaKQHLvDSO9SEQsxXNdA27yToqUqPGJRyf9y8Ash3OPxoCQwhmn62NzCBVZ6lf3L-2dkoFTtyJ96fSjjnT8bzof6zF2YIy5KWjWUoLJPt7GFjhaQMX5W-Nl3ocI3-rul99C188gTFl2hgaSNXdCemWLysMaFHFfStAVsT2kJaqRfCygOV143lU0Evc4exvucqHQGZZegBNl3F8DeeVMaRNqZtRUIKnJHavaAYUNsOGth7kgeYT6CkDVFE0Qt52_L9vs_OUp-jPbRFntQAsmWU4nVXwSZB9a4A4VTcNfS2bF_ALIJ3wiw2f-Dp8cAE1o9fBqWL9wuizk6hKIPJg1aexNLk2Sa4jFgT8OeJQZsUKrcKRtnXxMLjUU9NI7foCpmDnJDGOHI3bwhd-WzBV_W8Z3AuO3V_1jjwU-xv8O-v0pHqrLaVvfSbyWOOTJqrlgwzMWHd493D6mqBQv7cZ6NyFLhB3EL2KjgE0GS8l_MESj3L2w3jTgjYQNat1x4M7x7rc5GK17Jytx2Lf6hqvtOhqLETZ3kAYBbo0FjruRuE&sai=AMfl-YR1P2VTWJ5gwtYweaNv6-8HYKRkTSOmDevZcRrSV3rgSZyHnjINFPDc-YDiCc-ukT9XBPiExwd7JoS6DGFv-IGwxohtp5Q_yjf0im821IzbVwxl9hhXKhZZKbdHw5XeydOC&sig=Cg0ArKJSzB06dNVNAqFqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=185&vt=11&dtpt=117&dett=3&cstd=65&cisv=r20220216.74974&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 14:06:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BBC 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:49:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 13:49:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 43ms
22ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220216&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da2aa15a585064e0378f5e962b484b4c63d4ffb4fcb2c02c41338fb2eec71f76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 14:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9733
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 14:06:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D38 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bg_QZ_-0UYq3eMrmCjuwPzs2E8AoAAAAAOAHgBAI&bg=!7-yl7KjNAAbf-5Dq3_s7ACkAdvg8WsOxX5LvC8hP4cRiKePzYV7rwpkJFZghCxgBb4A6kowzd65OpQIAAACCUgAAAAFoAQcKAAE5mQMAo8Gk7SayFTM0iMQd4bf7mMbv76TA5aJ9GsunSY4hwsUoTvopumcAzh99iD-BxKol5j9OIC2MRsuQybUMeUy-YsPVaD-3uBEV2W5YvCj1Gov3N1qyD-UIE5_MQi0mi2SGs5PZkQBtt_eFpdcYIYICpoO0O6sjWiP7kOIzXJrXkhkhxhb6H7gq2la4g03MIH3bXUm9KP9FbYp9wCxpP84aDpSSSJVfLwrrxQ-DmaAdaDJtW_CBpkevxp0EnL5ilRW1U90TKTgQzaRaxEXjvKSRPWug6Jb0tdNWsK5ss7gzFV0dPubJoToP0OOiYjRItuyXyVdNkDeecyJGBjkMgVGz0B3VX-Vlb_BCD50vj8Zip1VeKd8olfZt3D_6PcOArt-LmEmQmVRgCHDxviVkgDeoNnprij967z7i_RMlepyPtrATtovwRAVI8BgJ-fM305hRfBi9bmN5HJcajqLFmhey-x6tULrGpCwVEtGwHv8ME7kJztYs4Pk8t6Uruthk8KFpcxfkt4EG8Nw5SHraQxu-_D8N5hKHKBRpfbP3y0dtw8Q1uFyY7L2kEcp0m4ln0cfxsVfAU8l0KYIR2kOuZH6qRoaiPrX4khl7XaXBUzzHGpj0Wm2Mzao62YKHoyU2pMbkDT41npX2FINv8J4BWhikMpJUaz6n5blL5EdMc5cDnRf2Au3z6Fo_ol6OCi9nbcpqIA6Ez0_gS4Hy42r6n9wH82L4JGBD2VpVlq0cgtjt5MNtzr7aPN60tcgEQAVxW0jqP2zZ1gNeT3PCfk-1NN5YTApIeIizrAg9UZFKkYftePVLBrRBTfetrvIySqE69Q25GbJFhWQzfov7bpoqrL9BObAKWCp0tdMTwxeddeli_d2NeiX0XBxIALeu7FcEsNZKknkbsLADNjGq7Bcm45L_dhnspv5Y3NUF4XiE0HWJNIHDyKJLcvxBwC9TqAcPHUGuTgm9PtZZinqJYt175QL1TQADpBHN74K1iKrzyHtwJ3j5cCtrnpIbzzJE8570U3OO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A82C 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 13:49:27 GMT
expires: Wed, 22 Feb 2023 13:49:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D99A 783 B
535 B 20ms
20ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d6c22944485a5f730e4aa9b353fda86f9cd09ce7a21ac5b15995c732dfcff6c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NZSjJoRsnSLFXbJsNBHDPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 22 Feb 2022 14:06:56 GMT
date: Tue, 22 Feb 2022 14:06:56 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NZSjJoRsnSLFXbJsNBHDPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame A82C 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:49:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 13:49:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D99A 0
0 61ms
61ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220216&jk=2960363348822116&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A82C 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_s2osQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220216&jk=2960363348822116&bg=!7O-l76vNAAbf-5Dq3_s7ACkAdvg8WuNkMZ0iU1NKcjpU-GtNBzRzyIoFPNTWS9Z4YhL4lScMJYVDegIAAABTUgAAAAJoAQcKALN2GzHdn2Lr0gTJBj42KlJgBGrjpq95zk1WWm_npbOPNZj6v-b-TVfo-wQQjl6ydnLfYunNV2B1mJHA1ZmXMIujLSZSjp6manCo_GTmDlB4u23bi4CDhjIr6qpEzQkDbScABrmeUBdX3aVFxZHfEOycHD1VwMmc2NdY0t8PNwepjCcKn2pabG3-PvMCvmlx7AB5b2ZMysSiPaxSEnaTx-fTRmFKMRKvSk-M16Sy4iFUxj0AaZkCxNu42v3RZGEnk40HCyzhrYvVcJLpfujeifAGDlMvd3tCYRIgBsfjNt_YS2COXqe0SiGUfbJV0_-3HB8fyp4FF0D9TSDSrxzVGRRGWAkEqC7NRe0pmpxgJmdkHgJlI7jYHAYMzDPel0lKFx676e3qwPpv9RNz9fuHYsQ7zK22pghiEmXy4vEXNyi25tjwl16M8K640XOrsgkEsOGnabg2Lxk329EWbIK4sIPIcjilO7517dpnnYQrubSEX1YXLftAl1I8uRp5fKaXPMANHklCsvHebmfq8NECm6jDf8g0ytV9Flnyl0VSGAa4krd5WwRDm5r39GV0bWmco5MhmiUmqgWWHN_heikOglhZlPqfy0rK6gZweqnxzWBarheXXiZNwTkBZpvtFb6WzPKC6jO2z-wlaPV6EMDZIdmwQnWPmsQDm_QE8GcqWVkpEtGyYhkRnLkUQ4Z0kX3bMdQyn9DXZ0k3k52TSrBqftJA7tm1eEU7ieA_WRNF7GRbO7Fuu0iiCSNScBTCZDqfdj_LmNXoCYZem_Z_sg7tU-OtlhQzDezAhQsY0SboPxNl6NFmC-2n7RMjeyu-0jjXSkBL-o9-zRuZz4XgsfcmBm9CnDQO88BcqYwCKiv0BlpcI6PL_4LI3fY2xRy_DI-9Kp4LLU-xqslHYif6CTn0xbyaxkkdW_-FtVOkaYorA6pCJ_Qav3IA_4hOO03N-636Mm1Al2_Ky1mfB7DgC8K_V9QVk-DbtsG3rlffTki2_XSuSRdhZycXD9RYKJPo2os8SFfWGn07c4BwFjyYlMAMizQuB0-tguod1mFp2he-BwYmOvKtUXxVAJx78ECer8-qwVj8-m3GnqoKmUQfZE4CNPmdXHdhEQ4owomrxj_dvB6StGL3DYnr6N11gjBduU3_OmnSWxavgNDn2-a9z-0tEjrjU3_8yiau9hMRyg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.png
oneotv.online/live/ 4 KB
5 KB 29ms
28ms Image
image/png 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/logo.png

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

4e62a6bf16701dbc05b906c5ecb6321debcf401eacf3f11858f333f3ab1e8cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 259419
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4348
last-modified: Sat, 19 Feb 2022 08:03:26 GMT
server: cloudflare
etag: "6210a44e-10fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TA%2BuW6aSs5%2BVFgUdmvbNiuO6mx5Tvowo81PM3qgck2a3tZfQLuwV6mE6QEyRW9B9OPAkx9XXFKAHnVJU6grqSxqt1yBU1QeJxT7DplOw0oEBVWVgDkDrwD88ggjNdzfPQVHB6ulg%2FSMP3ZeQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7226bd621b1-DUS
expires: Sun, 19 Feb 2023 14:03:17 GMT

GET
H3 200 logo.png
oneotv.online/live/ 4 KB
5 KB 34ms
33ms Image
image/png 2606:4700:3033::6815:2179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneotv.online/live/logo.png

Requested by

Host: oneotv.online
URL: https://oneotv.online/live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

4e62a6bf16701dbc05b906c5ecb6321debcf401eacf3f11858f333f3ab1e8cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oneotv.online/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:06:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 259419
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4348
last-modified: Sat, 19 Feb 2022 08:03:26 GMT
server: cloudflare
etag: "6210a44e-10fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4f2yDq98Cat4YrdrnIkhbCxD6l%2B4KbnSUcw4L4r4bp7yUrxtpIWwwfGQ6KqRD4l6WQ45ablng8vsJFRLisOpyLYtqAJ%2B1gcsLV7CjcuuAqKnEJm7xh52CADr4upomGib4JOTwhxRGSutspyj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18c7229c4b21b1-DUS
expires: Sun, 19 Feb 2023 14:03:17 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D001 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwrWY_bUz0igbyqHtpCQWZ_HMXTjhzwfxi349oHBzWY_bjeCVnVCg5TQ-Z5kMLm16mpidvJAFig_Z8Pxt-xNanzlTdh9UUoTjzIfk8bjJmyDZvD1bVUg&sai=AMfl-YTwDal7z83nzSrwAZaZIvS-Yg96EdBiG8OlzgwWBU74wTPwRQNdCELj5-aBDT-gzTjtHJjqLj0RQZmA&sig=Cg0ArKJSzMuDTtknwXCAEAE&id=lidar2&mcvt=1000&p=0,0,280,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3901354800&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645538814693&rpt=681&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A593 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2RYmubj_LvS_1EcuokP4K3EDfaBaa7ySGF1Q6DIksxyjK3ChXmw-Z6qvgPkE1gaLZO58KwWSBWXEbfBwpDMcmMbt-cdMViudb1Dp9m5TqsnEBfFF7DA&sai=AMfl-YQnH069g3M-l9kBGK6Rpssc5gbfM6LKsh9stfTJysv9R1R6Qnbz9OVrsqPXFZuMhdsXAMtcfLFH3wNm&sig=Cg0ArKJSzIta1Oq3hGlIEAE&cid=CAASBORoOEc&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=407,909,1000,1000,1000&tos=407,502,91,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645538815805&rpt=312&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 14:06:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
oneotv.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: oc3dfa96b17queq9571mngvos8
.oneotv.online/	1970-01-20 18:36:50	Name: _ga Value: GA1.2.722605266.1645538815
.oneotv.online/	1970-01-20 01:07:05	Name: _gid Value: GA1.2.1598574740.1645538815
.oneotv.online/	1970-01-20 01:05:38	Name: _gat_gtag_UA_185373939_1 Value: 1
.oneotv.online/	1970-01-20 10:27:14	Name: __gads Value: ID=72775038c41ca29b-222d3a2b49cd00de:T=1645538814:RT=1645538814:S=ALNI_MZYwRtGZLWE_PzFpRohqLFuYqIxnA
m.exactag.com/	1970-01-20 03:15:14	Name: exactag_new_gk Value: 203144ddeb814052ba3364a7e01fbf41%7c23.04.2022+14%3a06%3a55
m.exactag.com/	1970-01-20 05:24:50	Name: exactag_new_uk Value: 8e215b01da414596abaa4a469a1a10cc%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: ff227c48aaae442fb101e37b
.doubleclick.net/	1970-01-20 10:27:14	Name: IDE Value: AHWqTUkJ8qL9nAkIgA2wJgycgRPm7JVtJbzDwK2B4ZoK0RsDNTTdjhsjqs2FO2sdkMs
.doubleclick.net/	1970-01-20 01:05:42	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 03:15:14	Name: CMPS Value: 5204
.adnxs.com/	1970-01-20 03:15:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IllvxtK)!]tbPl1M>e)ZlrFUfJ+tGXxo@X[>W4?K+ACHLY^.DxGxfE</K2Q<=2KUVF#23If)y3KL9D3I?+TE2Bl]
.casalemedia.com/	1970-01-20 09:51:14	Name: CMID Value: YhTt-5OMuCMWBqTN1td5PgAA
.casalemedia.com/	1970-01-20 03:15:14	Name: CMPRO Value: 1185
.adnxs.com/	1970-01-20 03:15:14	Name: uuid2 Value: 4599074193067266739
.casalemedia.com/	1970-01-20 09:51:14	Name: CMRUM3 Value: 2d6214ee002760CAESEAh2s_D0vaF-yP6QDMYeelc
.casalemedia.com/	1970-01-20 01:07:05	Name: CMST Value: YhTt-2IU7gAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
m.exactag.com
oneotv.com
oneotv.online
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
s0.2mdn.net
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.98
142.250.186.66
178.250.0.139
178.250.0.160
178.250.2.150
185.33.220.216
2.18.234.21
216.58.212.130
2606:4700:3033::6815:2179
2606:4700::6810:125e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
2a02:2638:1::2
2a02:2638::18
2a02:2638::3
2a06:98c1:3121::7
85.14.248.72
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b21f0f025e3569546e21d41aa765f628e3c078c7e2a677ad226c5611f97abcd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0ec17c82ecc7df5514f58037b77e0ad1ebb32bbef01c27efe83c9775511ce8cc
11d534f68813bba04f65b86c0a508dcf1043a08544c8502fb8dd4cf45474062f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17a9a29e4fafec3b795b5e7dcce4a04e5858a3db2b11340e8d7c3f8ab292c4ee
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
181672079568e84390119dadc09d38dbe89177857785f16167f48726de595b50
19d68d8c9b0afec111ca934d319c454fe9d57234d8915b2d837e36d54410ddf7
1ba1afa0b5a2e462bd5459e5d5fb4d5f544b4b5e902413af92aa570cd78a1adb
232185767150d12bea5af25001983e329a40279bdecaa5e9822caade575fe2de
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b7d135af1925b1e3402b9cc8cd324b864e2f2f9eb203e471d24ad090c7e213d
2cbf54631a64c79a1f40c2045b4e00c59596db088cf68713452de132053a8d1b
3126158d682bafa50bffd7907d0bcecadebf82cc5be9da70235cea3390db2c2b
3261d165c56aaa3fee72f4e6fe21561e9abe6f97bf401e3e8f0b68c65f259236
3cad5361705995f61ac053ca047f4e9b02eb99832561de41809e9ffb4d671063
3ceae708d0faa8b7eb929fff5871809c816b29ea744e70cb66c384d1a5530a6e
3cfa159ee0b5acfee9f92b4990bbaeb5ac20d578a31a84e63f3a6275d56695a7
3eccc811869d20e4620adbf26a3dd4ec6f36c50f1d05afda0e9927cd429e209f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
49b03786748b56665456cd661bd2299481588f194535cab874d33d77a1980f6e
49c8d07e3fd3f2253760ec49381583e70c8dc2f05eee455e7a70486043c13197
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0e6cc1989a875dfc1bacd35fa70e9a1d417ca0d014e06ec78a5a4f57dff40d
4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e62a6bf16701dbc05b906c5ecb6321debcf401eacf3f11858f333f3ab1e8cfc
4f8dd86c0a9107b3d345fd52599a307a80bab313042c750928f1ea495d1e8d62
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52461eea22fce0fa8beb04bb49092cbb80d38bb40d4d3c6d3e70e039fc468ef2
5264be7f425cabd06195b7eae6313dbd6fdf2b1e67d316ce8d30dfeb15591d5d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d43d552934ce3d6caadff3b2023d66a002d535e0bcb3994f83d22e3967b30b
572968840d7b1b6bd712ec25eed97cf63b6f9debd42a1529d90a81917164ca01
592a30b3f5ffdaf659d0d5df2e5599afbe976c904c2a9a23b291cbf9cc48ed9c
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5db15a65bb60f2edbe44a2b9fe669d95d28b82a1b05104785e11d49b1806e940
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6424a276777843e184cd58a866136adec17697b54ed595a2d1a1990555c73c28
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c065485e251d8a7a049574eb157387735320511217b56e17df8f1312aa8bb37
714fdc8f45f2cffbe310f8437d1ee626a200c0814313f075afc8bca5ee093da6
71a06b33928a2c4b1b77ff025774d11605af46bd8a942dd46d9f792bc3cfdb2e
720effbf9554e3e0cafb40fd24e824c7a31409dff647afe5d380e34afb20df41
75635cb40cb02231c3c593ec49293373858cc5691070dc1f26376e6575c1b82a
76737de4247ef72401d09f8e98bd6d11d8f4d3375e692b03fc496679ac3f8dca
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a5c7b3d5f6437e5d4f2e5bc19e8d4731149be6497efd21a4bd89567e0e9a248
7f78e89e6db1a9cb041c3e42e86787204a9451b8ee5456173b6f25695f3f483c
84817120b5278c2c8c85703f0d977157bcf5168f88f1352251da23d1893f9a29
86d7bc76ac632c724d5e75d9a1e2686fa89cc31b6829bfb0338c89cb39a9c99b
88a4d8c17c268916e345af6700cb805f26f0399cc708f2da778b670e6f2d991f
89109fc89293e1254603e4a8f4e7550827085b4cee2812d7760f9d88c401e526
8c0291da388835cc59cdbc9f74071b3ac833b70e47cebf613f2ccbdc6208a58a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
953dd5d8fa888baca89bdc15c6d0331c6b8158e901959cd3cd9cd9f65dcef57e
99363e1c04524c0877616046fb7879aee299ea8ab4f247a7d9b030a714b942a1
9d64bf0c540a370613f5f26c55378245d606e4eefa43317280cb130941529b26
9e3f9d856ce97127a9d0b7f65af40ecf6e09106c42a1e1b334e37bd41d916e1f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c9c0008915135224a1715b05cf1c748f42486afbd82cacb1b389f927575ad9
a6e5969f81d359480c859d669acbb28b5cbf4d8885c14d2700af859220edfdd1
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a746ac0e51665d741db8fc04f3e934d6e77db086139f831f8aa62e61df0437c1
a938c413c8cb6445144e7054bc579bb8f0ac168dfa5f33aa6d2113b880f999fb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b72ff5026b6a846f35ea73ee573364454a6a738884715bcd055948977588c0d8
b79200304f02c4220f9ab0105b0d334405732dc6b5f8dae20b41f36f48e48fe4
bb7c09d44890f67b8184f057beb4444defd794c2796a244bf0d0a33bb354a80d
bd8538c5945ce4a2aafe2121029153910c885c9e543600b47f69dcb8268441d8
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bfc17c69c7648ca28b1b79a9b521cbca2a31aac09978ba8258a4d22a7e31ee40
bfc9e9f008087d660e704703f6588e40ab13d0c50ccdc549b4fe962d019fc0ad
c4c865fbe662dd710dae3d06b8ab98adf88f9e6314d4e6a3771e42151b30b640
c595b48f84d05a25b6605a0a84a04d2d330924be88282d39aaafcb2de5b587dd
c66f2b53c6c0b3f177fcaea281313121c2ffa5710af46d82b97ae5c74b864062
c9f0509f5c3be4d7d58d0767ff0b9b97ae84fd3e1a831663265d9b3326cd9a3b
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
cbcd2900c4ff5cf6b00ed536cc0cf8db012983b0afd0bad90528d21b2a24b655
cd08b34f36b8f848b1301d4776ad777f5d0266b52c0d7b455f7f2f44d3624be8
cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
cefe3a3b9abbf4707d8e5a7e7bcb897a7894ab38e5fa219e4464ee18f6575355
d07cae47811a9895f1118ab658ac7c8965d26e909643dd026aa6702375b5f94d
d3a98e9f613c73bb88cfcb473bbd4f44abb342640ba4a585d50622fd94b5349f
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
d6c22944485a5f730e4aa9b353fda86f9cd09ce7a21ac5b15995c732dfcff6c7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d96cceaf06de0cba7802065b4512f3ff640db59dd7d0632905bb46356b0132e3
da2aa15a585064e0378f5e962b484b4c63d4ffb4fcb2c02c41338fb2eec71f76
de232abc34137c3d95d2219cc4099b1083b15896ed804c7bc98699291ad41283
de6c28719700750f523433dfc69f80d54ac1846dc19ccab8e72c91b1b714fab0
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c3dbbe7fd7e66ce1456d0a500996b3fe3fd4785ff1734c1b99032016055e8a
e934f7982732e61b9db7d7714e9beed550f8e16cc3609847522eec4982226628
ef069b30356a9f49acb01d6a560fdd8ee05a151bc4ebae69a7412cfa62438419
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f038a1a4cab31ef41edf6b4e3e6659f4bc8c4d6367c8233eb395c975e73fcf94
f083ed45461e96b02fa995e4dfbd055fbe1e530199017928d7de5646ff8ffa3f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fae6d73caff904a0105b98966c501f7ad0aa7ab2cbc107ea0fbd55181f8c400c
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1

oneotv.online Open in urlscan Pro 2606:4700:3033::6815:2179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

98 %HTTPS

68 %IPv6

19 Domains

28 Subdomains

28 IPs

4 Countries

2216 kBTransfer

4655 kBSize

17 Cookies

16 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oneotv.online Open in urlscan Pro
2606:4700:3033::6815:2179 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

98 %
HTTPS

68 %
IPv6

19
Domains

28
Subdomains

28
IPs

4
Countries

2216 kB
Transfer

4655 kB
Size

17
Cookies

176 HTTP transactions
9 data transactions