urlscan.io logo urlscan.io
SecurityTrails logo

www.plstreams.org Open in urlscan Pro
2a00:1450:4001:811::2013  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.plstreams.org/p/ucl2.html
Submission: On May 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 15 domains to perform 39 HTTP transactions. The main IP is 2a00:1450:4001:811::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.plstreams.org.
TLS certificate: Issued by GTS CA 1D4 on May 15th 2023. Valid for: 3 months.
This is the only time www.plstreams.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.plstreams.org
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:828::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:10::6816:fc7 (United States)

ASN13335 (CLOUDFLARENET, US)
online.alkoora.live
1    2606:4700:3033::6815:691 (United States)

ASN13335 (CLOUDFLARENET, US)
live.online-koora.live
4    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2600:9000:214f:a600:1b:b42d:6f40:21 (United States)

ASN16509 (AMAZON-02, US)
d2uimycvh6e75p.cloudfront.net
3    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
204 KB
5 cloudfront.net
d2uimycvh6e75p.cloudfront.net
9 MB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
296 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2230
41 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
212 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
10 KB
2 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9258
857 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 9037
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 902
383 B
1 online-koora.live
live.online-koora.live — Cisco Umbrella Rank: 948129
12 KB
1 alkoora.live
online.alkoora.live — Cisco Umbrella Rank: 418130
12 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 14274
29 KB
1 plstreams.org
www.plstreams.org
165 KB
0 quest123.top Failed
es3.quest123.top Failed
39 15
Domain Requested by
6 pagead2.googlesyndication.com www.plstreams.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 d2uimycvh6e75p.cloudfront.net cdn.jsdelivr.net
4 cdn.jsdelivr.net www.plstreams.org
live.online-koora.live
online.alkoora.live
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.google-analytics.com www.plstreams.org
www.google-analytics.com
www.googletagmanager.com
3 www.googletagmanager.com www.plstreams.org
online.alkoora.live
www.googletagmanager.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.blogger.com www.plstreams.org
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 live.online-koora.live www.plstreams.org
1 online.alkoora.live www.plstreams.org
1 blogger.googleusercontent.com www.plstreams.org
1 www.plstreams.org
0 es3.quest123.top Failed cdn.jsdelivr.net
39 18

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com
twitter.com
web.whatsapp.com
api.whatsapp.com
www.extratime.live
Subject Issuer Validity Valid
www.plstreams.org
GTS CA 1D4		 2023-05-15 -
2023-08-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
online.alkoora.live
GTS CA 1P5		 2023-04-21 -
2023-07-20		 3 months crt.sh
*.online-koora.live
R3		 2023-03-27 -
2023-06-25		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.plstreams.org/p/ucl2.html
Frame ID: CEBB362D319CF869EBA8F513E96F3445
Requests: 19 HTTP requests in this frame

Frame: https://online.alkoora.live/albaplayer/ontime-sport-1/
Frame ID: 47FA9E0C2B8C9D5DDA8AE8C9436DC7CC
Requests: 12 HTTP requests in this frame

Frame: https://live.online-koora.live/albaplayer/sports-1/
Frame ID: CC13286A25C0EF615F94FF6B5E872D9F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: 78C08B9C468DFF9A8612425BDCFEA61F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7391393567498525&output=html&adk=1812271804&adf=3025194257&lmt=1684317497&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.plstreams.org%2Fp%2Fucl2.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684350177466&bpp=3&bdt=492&idt=314&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2151459452271&frm=20&pv=2&ga_vid=179843344.1684350177&ga_sid=1684350178&ga_hid=426222809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074469%2C31074636%2C44788442%2C44789779%2C31071260&oid=2&pvsid=4058160736737864&tmod=1854535303&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=339
Frame ID: 01E6D10973B4E6C9988568D0A124C300
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 20556EB607C6C248D4A65FF7248D40A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76C95E76CB3EF65E050A7F1101B14C75
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Manchester City vs Real Madrid - preview, team news, lineups and live stream

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

39
Requests

95 %
HTTPS

100 %
IPv6

15
Domains

18
Subdomains

17
IPs

2
Countries

10513 kB
Transfer

12509 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ucl2.html
www.plstreams.org/p/ 		473 KB
165 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.plstreams.org/p/ucl2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f60f9f8913f8ec0390ce09b0427d51ffb79cf6d2acd345c31abc82f123932266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
168275
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 19:02:56 GMT
etag
W/"373d987893b34aa0a687ef728eb2e61ede7a0846266137b87f33029641402eea"
expires
Wed, 17 May 2023 19:02:56 GMT
last-modified
Wed, 17 May 2023 09:58:17 GMT
server
GSE
x-content-type-options
nosniff
x-robots-tag
all,noodp
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		250 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V0KXYPKN7Z
Requested by
Host: www.plstreams.org
URL: https://www.plstreams.org/p/ucl2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
018111af090cc5059354dc5613e3d8dd7479547d5dae9349e215917e2fa24678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86489
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 May 2023 19:02:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7391393567498525
Requested by
Host: www.plstreams.org
URL: https://www.plstreams.org/p/ucl2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
467b6722bde8647eb76473e536bc3dc3e16e89c92f65fee475fc9036ba820c76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plstreams.org/
Origin
https://www.plstreams.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47638
x-xss-protection
0
server
cafe
etag
7737149469161292023
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 17 May 2023 19:02:57 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
769 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5409978861267963181&zx=a1e61c27-b1ca-48c5-8830-57aad0729fc4
Requested by
Host: www.plstreams.org
URL: https://www.plstreams.org/p/ucl2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Wed, 17 May 2023 19:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 May 2023 19:02:57 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
AVvXsEiIoxAxBnqGHB2IxSX0aL570-yhO91uMqEli2Axr3I3DV7qI_HG2Bn3V042JSF-8jkGS_M6TFnI0Ie5OPiRsm_jCqfhGEcAuCAqx5Ogg_f0HY4spMqHuuXtF6siomyS7odmSErvh4ms-fPR7zlwsz09PSAUUaByuULrjqsIHq_NS-5k6m2o8ICc2Yq1=s783
blogger.googleusercontent.com/img/a/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiIoxAxBnqGHB2IxSX0aL570-yhO91uMqEli2Axr3I3DV7qI_HG2Bn3V042JSF-8jkGS_M6TFnI0Ie5OPiRsm_jCqfhGEcAuCAqx5Ogg_f0HY4spMqHuuXtF6siomyS7odmSErvh4ms-fPR7zlwsz09PSAUUaByuULrjqsIHq_NS-5k6m2o8ICc2Yq1=s783
Requested by
Host: www.plstreams.org
URL: https://www.plstreams.org/p/ucl2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
49d4c556c589b5c870514c46cfc8a42013b7c34c94919edd1cb6e80ffbb88058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:57 GMT
x-content-type-options
nosniff
server
fife
etag
"v1c7"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="3D1A9509-2218-4C27-BBFD-2006DFB60120.jpeg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29155
x-xss-protection
0
expires
Thu, 18 May 2023 19:02:57 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.plstreams.org
URL: https://www.plstreams.org/p/ucl2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 18:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1638
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 17 May 2023 20:35:39 GMT
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		401 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
/
online.alkoora.live/albaplayer/ontime-sport-1/ Frame 47FA 		29 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://online.alkoora.live/albaplayer/ontime-sport-1/
Requested by
Host: www.plstreams.org
URL: https://www.plstreams.org/p/ucl2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:fc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcb772e78ec81ca6f257763d18de268398736f8721acd0a5c57fba6c57253785
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.plstreams.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c8e1e1ecb71905b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 19:02:57 GMT
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
HIT
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
/
live.online-koora.live/albaplayer/sports-1/ Frame CC13 		27 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.online-koora.live/albaplayer/sports-1/
Requested by
Host: www.plstreams.org
URL: https://www.plstreams.org/p/ucl2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956df7d9284b69b0ba4b98a265898d026dff350428cb2f0f97ffb414403d4355

Request headers

Referer
https://www.plstreams.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c8e1e1ecc903620-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 19:02:57 GMT
link
<https://live.online-koora.live/wp-json/>; rel="https://api.w.org/" <https://live.online-koora.live/?p=23>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsrIDvOeTYEOhrxgtMG3BqfRBQxtQ6uknAlADh51adkImWMg0iVW9x0v%2F4G2Y2TGIJvy8xdQhdFyuzDFirIDCa2aH3ljRbSnnTaOgExxWKw8o3BaJrRAspSmeU%2FYM7sccgIVJdUA1PF%2BkSwKsI%2FYM6vtfYZh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
collect
www.google-analytics.com/j/ 		3 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=426222809&t=pageview&_s=1&dl=https%3A%2F%2Fwww.plstreams.org%2Fp%2Fucl2.html&ul=en-us&de=UTF-8&dt=Manchester%20City%20vs%20Real%20Madrid%20-%20preview%2C%20team%20news%2C%20lineups%20and%20live%20stream&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1123692377&gjid=87792061&cid=179843344.1684350177&tid=%3Cdata%3Ablog.analyticsAccountNumber%2F%3E&_gid=2138602782.1684350177&_r=1&_slc=1&z=1927193682
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plstreams.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 19:02:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.plstreams.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
timer.js
cdn.jsdelivr.net/gh/asfarmed/players@main/ 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/asfarmed/players@main/timer.js
Requested by
Host: www.plstreams.org
URL: https://www.plstreams.org/p/ucl2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f98ac1a01c3067b9c6bb97c909bbe953d4972cc0519fb503b0d6ccf1530bedeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 19:02:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
2228
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6388
x-served-by
cache-fra-eddf8230035-FRA, cache-gig2250034-GIG
x-jsd-version-type
branch
etag
W/"8d6e-IgdtCdXcPyhGasRA0t8bj+KSWLg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
collect
region1.google-analytics.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-V0KXYPKN7Z&gtm=45je35a0&_p=426222809&cid=179843344.1684350177&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684350177&sct=1&seg=0&dl=https%3A%2F%2Fwww.plstreams.org%2Fp%2Fucl2.html&dt=Manchester%20City%20vs%20Real%20Madrid%20-%20preview%2C%20team%20news%2C%20lineups%20and%20live%20stream&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V0KXYPKN7Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 19:02:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.plstreams.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 47FA 		239 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B8JTE5LYRK
Requested by
Host: online.alkoora.live
URL: https://online.alkoora.live/albaplayer/ontime-sport-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da0ab36d835c732365d4720ad8a0d0b0125bc2226295630d25f328f92e3e073f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online.alkoora.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84192
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 May 2023 19:02:57 GMT
clappr.min.js
cdn.jsdelivr.net/gh/clappr/clappr@latest/dist/ Frame CC13 		470 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr@latest/dist/clappr.min.js
Requested by
Host: live.online-koora.live
URL: https://live.online-koora.live/albaplayer/sports-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 19:02:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
29996
x-jsd-version
0.4.7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
133477
x-served-by
cache-fra-eddf8230041-FRA, cache-gig2250034-GIG
x-jsd-version-type
version
etag
W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame CC13 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: live.online-koora.live
URL: https://live.online-koora.live/albaplayer/sports-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 19:02:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
33959
x-jsd-version
0.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10804
x-served-by
cache-fra-eddf8230055-FRA, cache-gig2250034-GIG
x-jsd-version-type
version
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/ 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7391393567498525&plah=www.plstreams.org&bust=31074636
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7391393567498525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa15a2d5016e31f79eec38c9faa0299a5150085262a0bc7294d774b8e06e5b80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122594
x-xss-protection
0
server
cafe
etag
1826614908862822015
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 May 2023 19:02:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame 78C0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7391393567498525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plstreams.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82098
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 May 2023 20:14:39 GMT
etag
15057649708203361565
expires
Tue, 30 May 2023 20:14:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
authorization.css
www.blogger.com/dyn-css/ 		1 B
88 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5409978861267963181&zx=a1e61c27-b1ca-48c5-8830-57aad0729fc4
Requested by
Host: www.plstreams.org
URL: https://www.plstreams.org/p/ucl2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Wed, 17 May 2023 19:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 May 2023 19:02:57 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
cdnbye@latest
cdn.jsdelivr.net/npm/ Frame 47FA 		526 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest
Requested by
Host: online.alkoora.live
URL: https://online.alkoora.live/albaplayer/ontime-sport-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b2b4a3860b1dc0481ba0555ffe5f1b36768fde0181599ba701d311ee0d6d0687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online.alkoora.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 19:02:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
22428
x-jsd-version
1.21.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
151051
x-served-by
cache-fra-eddf8230102-FRA, cache-gig2250034-GIG
x-jsd-version-type
version
etag
W/"83866-sKe/jg2CScBS9ruzJlccJGJVT8U"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cookie.js
partner.googleadservices.com/gampad/ 		12 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.plstreams.org&callback=_gfp_s_&client=ca-pub-7391393567498525
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7391393567498525&plah=www.plstreams.org&bust=31074636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.plstreams.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7391393567498525&plah=www.plstreams.org&bust=31074636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.plstreams.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7391393567498525&plah=www.plstreams.org&bust=31074636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 01E6 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7391393567498525&output=html&adk=1812271804&adf=3025194257&lmt=1684317497&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.plstreams.org%2Fp%2Fucl2.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684350177466&bpp=3&bdt=492&idt=314&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2151459452271&frm=20&pv=2&ga_vid=179843344.1684350177&ga_sid=1684350178&ga_hid=426222809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074469%2C31074636%2C44788442%2C44789779%2C31071260&oid=2&pvsid=4058160736737864&tmod=1854535303&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=339
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7391393567498525&plah=www.plstreams.org&bust=31074636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
358d15a2a252be2f9727b1cb72be1b1fd45aeefa93e6430080a9c7fdcbcacf72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plstreams.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5367
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 19:02:58 GMT
expires
Wed, 17 May 2023 19:02:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 47FA 		116 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-235413531-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B8JTE5LYRK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2128287995aa74016824b74e438368299349f878d64849f7a197c7558971899b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online.alkoora.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46276
x-xss-protection
0
last-modified
Wed, 17 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 May 2023 19:02:57 GMT
analytics.js
www.google-analytics.com/ Frame 47FA 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-235413531-2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online.alkoora.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 18:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1638
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 17 May 2023 20:35:39 GMT
playlist.m3u8
es3.quest123.top/live/alkoora1/ Frame 47FA 		0
0
truncated
/ Frame 47FA 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 47FA 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 47FA 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 47FA 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 47FA 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 47FA 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
playlist.m3u8
d2uimycvh6e75p.cloudfront.net/out/v1/d2c55bb51b464b8d9131013811f1be74/ Frame CC13 		494 B
954 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2uimycvh6e75p.cloudfront.net/out/v1/d2c55bb51b464b8d9131013811f1be74/playlist.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/clappr/clappr@latest/dist/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:1b:b42d:6f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ef61f1a7e99419a7918ea7647368ee8a176a85b5a0ba352d7b8c707c6076fd12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:59 GMT
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-mediapackage-manifest-last-updated
0
x-mediapackage-manifest-last-sequence
0
server
nginx/1.18.0
x-amz-cf-pop
FRA53-C1
vary
Origin
x-cache
Hit from cloudfront
content-type
application/x-mpegURL
access-control-allow-origin
https://live.online-koora.live
cache-control
max-age=2
access-control-allow-credentials
true
content-length
494
x-mediapackage-request-id
Root=1-646524e3-60d0931472fbe2b92eb09f35
x-amz-cf-id
lfi7E7oGBkavhHqlnj_dIV9meb1juDhkOe_zByZx8AynPveOUCvYbw==
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7391393567498525&plah=www.plstreams.org&bust=31074636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e9bcb5fc7358a63a69e7d3fdbdffb9b158a04604e108d2143cd4248c0268c5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11347
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7391393567498525&plah=www.plstreams.org&bust=31074636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 May 2023 19:02:59 GMT
playlist_1.m3u8
d2uimycvh6e75p.cloudfront.net/out/v1/d2c55bb51b464b8d9131013811f1be74/ Frame CC13 		567 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2uimycvh6e75p.cloudfront.net/out/v1/d2c55bb51b464b8d9131013811f1be74/playlist_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/clappr/clappr@latest/dist/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:1b:b42d:6f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
22fdeb4bbd04d6ee092355edd23b3ecf5c88f522a4a3f165cd596552ea17b53e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:58 GMT
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
1
x-cache
Hit from cloudfront
content-length
567
x-mediapackage-manifest-last-updated
1684350175178
x-mediapackage-manifest-last-sequence
731
server
nginx/1.18.0
vary
Origin
content-type
application/x-mpegURL
access-control-allow-origin
https://live.online-koora.live
cache-control
max-age=2
access-control-allow-credentials
true
x-mediapackage-request-id
Root=1-646524e2-6aa3de3b595e054031af58a6
x-amz-cf-id
Vmep10IZElZZN11PcH60r76pokprRYEol_G4ZcgYViRWUxmOtVFKlg==
playlist_1_729.ts
d2uimycvh6e75p.cloudfront.net/out/v1/d2c55bb51b464b8d9131013811f1be74/ Frame CC13 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2uimycvh6e75p.cloudfront.net/out/v1/d2c55bb51b464b8d9131013811f1be74/playlist_1_729.ts?m=1684316439
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/clappr/clappr@latest/dist/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:1b:b42d:6f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
23b4907897594131ca2cf5952e20b992f63da5521e962bba73fe464c16ec74a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:46 GMT
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA53-C1
age
13
vary
Origin
x-cache
Hit from cloudfront
content-type
video/MP2T
access-control-allow-origin
https://live.online-koora.live
cache-control
max-age=1209600
access-control-allow-credentials
true
content-length
3316320
x-mediapackage-request-id
Root=1-646524d6-34739b753aa5acab5247ee48
x-amz-cf-id
gjNQfiUVhaZ8nginoSD2Q_1K_LJWZg0UZmpqEse3iOZ3MIH-RgfX1g==
71525c49-a637-4d03-8c8a-f461d717865a
https://live.online-koora.live/ Frame CC13 		62 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://live.online-koora.live/71525c49-a637-4d03-8c8a-f461d717865a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
63763
Content-Type
text/javascript
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2055 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plstreams.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 16:05:22 GMT
expires
Thu, 16 May 2024 16:05:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 76C9 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
596b2800864addadd88b894514a3cab6587518125f5583e1e2b9efab84705618
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KorUutgi-sqWrCdUMR6Qig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.plstreams.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-KorUutgi-sqWrCdUMR6Qig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 19:02:59 GMT
expires
Wed, 17 May 2023 19:02:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
pagead2.googlesyndication.com/bg/ Frame 2055 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 16 May 2023 12:36:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
109585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14670
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 May 2024 12:36:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 76C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=4058160736737864&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2055 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?z1Px9w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
playlist_1_730.ts
d2uimycvh6e75p.cloudfront.net/out/v1/d2c55bb51b464b8d9131013811f1be74/ Frame CC13 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2uimycvh6e75p.cloudfront.net/out/v1/d2c55bb51b464b8d9131013811f1be74/playlist_1_730.ts?m=1684316439
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/clappr/clappr@latest/dist/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:1b:b42d:6f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e37e864dce3b1a0d6e4953a7d43ceae2aadf306a19af0c385ec857048d1dcbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:52 GMT
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA53-C1
age
7
vary
Origin
x-cache
Hit from cloudfront
content-type
video/MP2T
access-control-allow-origin
https://live.online-koora.live
cache-control
max-age=1209600
access-control-allow-credentials
true
content-length
3200136
x-mediapackage-request-id
Root=1-646524dc-51eda14915d4621b76c9ce51
x-amz-cf-id
Q0-Ig19Ui3RWrcd-mpEOUffINiZ8oSNKNkUJqxOyjsmmzpbruNtwzA==
playlist_1_731.ts
d2uimycvh6e75p.cloudfront.net/out/v1/d2c55bb51b464b8d9131013811f1be74/ Frame CC13 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2uimycvh6e75p.cloudfront.net/out/v1/d2c55bb51b464b8d9131013811f1be74/playlist_1_731.ts?m=1684316439
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/clappr/clappr@latest/dist/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:1b:b42d:6f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
df40df7e1ffc1fa3f5e7a4881be69b98cc03521ccdfe2c3071ab6396deb96900

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:02:58 GMT
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA53-C1
age
1
vary
Origin
x-cache
Hit from cloudfront
content-type
video/MP2T
access-control-allow-origin
https://live.online-koora.live
cache-control
max-age=1209600
access-control-allow-credentials
true
content-length
3227020
x-mediapackage-request-id
Root=1-646524e2-0f67b45d03aa1e87208f4a6c
x-amz-cf-id
oEHFVEd9DQDE40DAPoNzAOp3gmn1QQttoWobkMK742NwETOVFzNapg==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=4058160736737864&bg=!jI-lj9vNAAYldGN0BXQ7ADkAdvg8WvvS1dKNpm9pRl_mnv6A6ZSbWZJ48hAY-eLewXOWojOzXcJspE1U_OMK4bWV4lWOb9xDJtECAAAAkFIAAAADaAEHCgDFuBLItsPBnU-euTCzlzsK_KwT9K3FZGchMbSiW2rj3b3nEzmumaNkPugMpsoEDU8e2FyFkEFD9-S619wfoRRVMMBuSTvP2AXoAQjUQC4fOHWBNw3POF4WkJql-dqHlfYBlrca9YiC4yASuWqMs2EtzM1HHyrYS_uE7a8LuOu6Cwi7Ad7S6aRH-6ZQRAlhulxj4SJV3RraiY-WanmR52_JrGy2Cozi384zePwJeBIo68wXRefkUH6MhprAuCqBJt72COP40vOZAqby9NJ43eVjhd9xnDjttNJjLC93wFoxdjzWJCe66g8Px_3IBfaz59V3aZNO_U3ElxcMnLhEu5MHvefF3Mc61fRJnexsoXRh-dE7CbcBK6UWXnsFT6ltyCB_OZEtELIc95hQk7BP1Hw6-xEls7-O6V6PgD3dEgh8GBvD6n3Yr9HB9gVnPQkQspTiKPxrwhqqACYXMgzszdv89N8ZKAPqieY6m_dZHAbEi3DC0QYSg0K1bCLQdt7xVhltgOwIpDbSIuu3gzE99bJcF1CS8NLYKWj16lNFEb8GYyX6kRlx7BskTOYFP1dIfeHQ6kGM81y23oHdlmDSR11yKU2d6MRm_5j3dNPGt1b-hf2QENUUclNMFTE7uXR49jYQbc8WbOVyFsR1nfl64II5iGENZ5gpojJu6zrdgylVdCpL6wVbvFCpVsrbgh9I5ZlZ23jteHU0hSUxdPi16VxSCA_UZWoI9ZlNpk_gCPl4qmkdzuvUKFb3lL64Zqsxia9EHWOttsQ9DpGrQ5cGprXQc44imc0YdCMmPQ_10Hzq0qZuWpz1yAt3XbBlR7Fb2TCKwugMcao1J9Kvjyftq_7iCAA1038GXFNqSvDIiF7N41rAeSowUxK1_ecYmtGJdjzawBYWGEE7fWxDstrkZfkIwfCNpdvMt73o5OOOT2n2dr1SQuDTS8m74OKRA8FxNKQJsLCbaEOXOIiLt58cPPxKMaDjNU0__c69-pOTIyG5J3ew2vq90lB7iljxf_M0-OxUlJcYmbPGLWhLAzE-YqMVLg8reRarjd-1f66rmSKj9N9ry7ZA4C2Hx9nP9CbABuIBJrT1B7R3o_hzG4SjHC0zAVJoDCg9suqbpQhIBkeFK2yaSvYOTjykIVxAV_A5RCWsgFTIv0Vqrt9a4omvTcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plstreams.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
es3.quest123.top
URL
https://es3.quest123.top:8088/live/alkoora1/playlist.m3u8?id=119100&pk=81f501a590f0ed5fa8cdaf347249cea6d4b06ebf6d56d4b5a79d92f8a958285bb1c82cfce82bd90e637b5d2d71bb4676bd88cbd76bcdea5fc564cebf7f58d2c3

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless function| gtag object| dataLayer string| mivetimer object| cookieChoices object| adsbygoogle string| adsjs number| parads string| adsensepub string| radiatoken boolean| encode string| posterx string| logox string| xautoplay string| wathistype string| pagetype string| playerx boolean| fullcopy string| srvnd string| srvn1 string| srvn2 string| srvn3 string| srvn4 string| srvn5 string| srvn6 boolean| enabledadsx string| tagad string| tagUrlx string| publisheridx boolean| isdroppin string| dashorhls string| version string| curentlabel string| xposter boolean| xautostart string| mi string| xadsvast boolean| defender number| numPosts function| dotab function| setURL function| rdmode string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery function| moment object| google_tag_manager function| onYouTubeIframeAPIReady object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| ennablecouner string| trns_mlive string| trns_soon string| trns_mend string| trns_notstart boolean| demo number| soonmatch function| myFunction function| playlazy function| _0x8e0bcb function| setCookie function| getCookie function| checkCookie function| minToHours function| _0x297e undefined| myElem function| _0x1f83 function| _0x4c5d85 function| _0x2c1d25 function| _0x142ee2 boolean| lazyadsense function| _0x5beec8 undefined| adscont undefined| target undefined| linebreak undefined| insertAfter undefined| $AdCode1 undefined| $AdCode3 object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.plstreams.org/ Name: _gid
Value: GA1.2.2138602782.1684350177
.plstreams.org/ Name: _gat_blogger
Value: 1
.plstreams.org/ Name: _ga_V0KXYPKN7Z
Value: GS1.1.1684350177.1.0.1684350177.0.0.0
.plstreams.org/ Name: _ga
Value: GA1.1.179843344.1684350177
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
blogger.googleusercontent.com
cdn.jsdelivr.net
d2uimycvh6e75p.cloudfront.net
es3.quest123.top
googleads.g.doubleclick.net
live.online-koora.live
online.alkoora.live
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.plstreams.org
es3.quest123.top
2001:4860:4802:34::36
2600:9000:214f:a600:1b:b42d:6f40:21
2606:4700:10::6816:fc7
2606:4700:3033::6815:691
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2013
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2009
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a04:4e42:600::485
018111af090cc5059354dc5613e3d8dd7479547d5dae9349e215917e2fa24678
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2128287995aa74016824b74e438368299349f878d64849f7a197c7558971899b
22fdeb4bbd04d6ee092355edd23b3ecf5c88f522a4a3f165cd596552ea17b53e
23b4907897594131ca2cf5952e20b992f63da5521e962bba73fe464c16ec74a4
2e37e864dce3b1a0d6e4953a7d43ceae2aadf306a19af0c385ec857048d1dcbf
358d15a2a252be2f9727b1cb72be1b1fd45aeefa93e6430080a9c7fdcbcacf72
3e9bcb5fc7358a63a69e7d3fdbdffb9b158a04604e108d2143cd4248c0268c5c
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
467b6722bde8647eb76473e536bc3dc3e16e89c92f65fee475fc9036ba820c76
49d4c556c589b5c870514c46cfc8a42013b7c34c94919edd1cb6e80ffbb88058
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
596b2800864addadd88b894514a3cab6587518125f5583e1e2b9efab84705618
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
956df7d9284b69b0ba4b98a265898d026dff350428cb2f0f97ffb414403d4355
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa15a2d5016e31f79eec38c9faa0299a5150085262a0bc7294d774b8e06e5b80
b2b4a3860b1dc0481ba0555ffe5f1b36768fde0181599ba701d311ee0d6d0687
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
da0ab36d835c732365d4720ad8a0d0b0125bc2226295630d25f328f92e3e073f
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df40df7e1ffc1fa3f5e7a4881be69b98cc03521ccdfe2c3071ab6396deb96900
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef61f1a7e99419a7918ea7647368ee8a176a85b5a0ba352d7b8c707c6076fd12
f60f9f8913f8ec0390ce09b0427d51ffb79cf6d2acd345c31abc82f123932266
f98ac1a01c3067b9c6bb97c909bbe953d4972cc0519fb503b0d6ccf1530bedeb
fcb772e78ec81ca6f257763d18de268398736f8721acd0a5c57fba6c57253785