zivbod.site-de-streaming.com Open in urlscan Pro
2606:4700:3031::ac43:b165 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zivbod.site-de-streaming.com/
Submission: On January 23 via api (January 23rd 2024, 6:49:14 pm UTC) from US — Scanned from US

Summary HTTP 103 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 25 domains to perform 103 HTTP transactions. The main IP is 2606:4700:3031::ac43:b165, located in United States and belongs to CLOUDFLARENET, US. The main domain is zivbod.site-de-streaming.com.
TLS certificate: Issued by E1 on January 23rd 2024. Valid for: 3 months.

This is the only time zivbod.site-de-streaming.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3031::ac43:b165	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
3	2604:2dc0:100... 2604:2dc0:100:1f78::9	16276 (OVH) (OVH)
1	95.142.100.82 95.142.100.82	8455 (ATOM86-AS...) (ATOM86-AS ATOM86)
13	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:303... 2606:4700:3032::6815:1ec4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
2 10	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
20	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
2	142.251.40.227 142.251.40.227	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
4	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
2 4	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 16	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	139.162.117.143 139.162.117.143	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:2bac:7fd1:424f:4dc7	14618 (AMAZON-AES) (AMAZON-AES)
2 2	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	54.156.196.102 54.156.196.102	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	52.44.195.56 52.44.195.56	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
1 1	51.222.39.186 51.222.39.186	16276 (OVH) (OVH)
1 1	54.211.17.237 54.211.17.237	14618 (AMAZON-AES) (AMAZON-AES)
103	18

19 2606:4700:3031::ac43:b165 (United States)

ASN13335 (CLOUDFLARENET, US)

zivbod.site-de-streaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
site-de-streaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2604:2dc0:100:1f78::9 (United States)

ASN16276 (OVH, FR)

moderate.cleantalk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.100.82 (Netherlands)

ASN8455 (ATOM86-AS ATOM86, NL)
PTR: ofwallet.bestpaths.net

pubdirecte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:822::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

callprintingdetailed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:1ec4 (United States)

ASN13335 (CLOUDFLARENET, US)

static.linkredirect.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80f::2002 (Colchester, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:81c::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net

p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:808::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::2004 (Colchester, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:112:f002:bbbb::21 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.65.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.117.143 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1601-143.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:2bac:7fd1:424f:4dc7 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.191 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.49 (United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.196.102 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-196-102.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.195.56 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-195-56.compute-1.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.186 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.17.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-17-237.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	547 KB
26	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	143 KB
19	site-de-streaming.com zivbod.site-de-streaming.com site-de-streaming.com	604 KB
7	gstatic.com fonts.gstatic.com p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com www.gstatic.com	83 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 843 r.turn.com — Cisco Umbrella Rank: 4167	2 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	817 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	194 KB
3	cleantalk.org moderate.cleantalk.org — Cisco Umbrella Rank: 31179	14 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 4277	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	2 KB
2	adkernel.com 2 redirects dsp.adkernel.com — Cisco Umbrella Rank: 5589	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 626	1 KB
2	callprintingdetailed.com callprintingdetailed.com
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1604	642 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 707	389 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3226	1 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	715 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 9026	600 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349	854 B
1	linkredirect.biz static.linkredirect.biz	14 KB
1	pubdirecte.com pubdirecte.com	1 KB
103	25

	Domain	Requested by
20	tpc.googlesyndication.com	googleads.g.doubleclick.net zivbod.site-de-streaming.com pagead2.googlesyndication.com tpc.googlesyndication.com
17	zivbod.site-de-streaming.com	zivbod.site-de-streaming.com
16	cm.g.doubleclick.net	2 redirects zivbod.site-de-streaming.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	zivbod.site-de-streaming.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googleadservices.com	zivbod.site-de-streaming.com
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	moderate.cleantalk.org	zivbod.site-de-streaming.com moderate.cleantalk.org
3	fonts.googleapis.com	zivbod.site-de-streaming.com googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	ads.creative-serving.com	2 redirects
2	pm.w55c.net	2 redirects
2	dsp.adkernel.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	r.turn.com
2	ad.turn.com	2 redirects
2	site-de-streaming.com	zivbod.site-de-streaming.com
2	p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com
2	callprintingdetailed.com	zivbod.site-de-streaming.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	onetag-sys.com	1 redirects
1	a.rfihub.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	a.c.appier.net	1 redirects
1	px.ads.linkedin.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	static.linkredirect.biz	zivbod.site-de-streaming.com
1	pubdirecte.com	zivbod.site-de-streaming.com
103	31

This site contains links to these domains. Also see Links.

Domain
www.linkredirect.biz
pubdirecte.com
site-de-streaming.com
zivbod.com

Subject Issuer	Validity	Valid
site-de-streaming.com E1	`2024-01-23` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.cleantalk.org Sectigo RSA Domain Validation Secure Server CA	`2023-09-07` - `2024-09-24`	a year	crt.sh
pubdirecte.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
callprintingdetailed.com R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
linkredirect.biz GTS CA 1P5	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://zivbod.site-de-streaming.com/
Frame ID: A362814A94FB7C945D0E800EFDA2452D
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: B439381C4364800C987C2CCAECF38772
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9470940379658157&output=html&h=280&slotname=3298604650&adk=1453931945&adf=1644458416&pi=t.ma~as.3298604650&w=1020&fwrn=4&fwrnh=100&lmt=1706035748&rafmt=1&format=1020x280&url=https%3A%2F%2Fzivbod.site-de-streaming.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706035748048&bpp=21&bdt=512&idt=168&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=4677600366074&frm=20&pv=2&ga_vid=1063884569.1706035748&ga_sid=1706035748&ga_hid=1615842362&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95322181%2C95320869%2C95320894%2C95321626%2C95322166%2C31061690&oid=2&pvsid=762107268253894&tmod=1172608684&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=183
Frame ID: EC25D35266BF8B673271A4577C620F03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9470940379658157&output=html&h=280&slotname=3298604650&adk=1453931945&adf=2728025443&pi=t.ma~as.3298604650&w=1020&fwrn=4&fwrnh=100&lmt=1706035748&rafmt=1&format=1020x280&url=https%3A%2F%2Fzivbod.site-de-streaming.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706035748069&bpp=2&bdt=532&idt=177&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=4677600366074&frm=20&pv=1&ga_vid=1063884569.1706035748&ga_sid=1706035748&ga_hid=1615842362&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=4581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95322181%2C95320869%2C95320894%2C95321626%2C95322166%2C31061690&oid=2&pvsid=762107268253894&tmod=1172608684&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=2&fsb=1&dtd=180
Frame ID: F09110CB6A073C6AD8113CF9611AC025
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CE49AB1F669EE4B77918F71C110FC984
Requests: 2 HTTP requests in this frame

Frame: https://p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: D1CDBCC0C6A99A6BE2654D9DB966EE4C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: 0AED05973DE2367F7DC4D1F5B664B644
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9470940379658157&output=html&adk=1812271804&adf=3025194257&lmt=1706035749&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fzivbod.site-de-streaming.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706035749742&bpp=1&bdt=2206&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da9be45fe93781f3f%3AT%3D1706035748%3ART%3D1706035748%3AS%3DALNI_MYHS1Qj1VMEp-sJFat9lvX7cCH8wg&gpic=UID%3D00000db976a307e0%3AT%3D1706035748%3ART%3D1706035748%3AS%3DALNI_MbadmF_gUxsuh5Pjx8UJANf5DrlBg&prev_fmts=1020x280%2C1020x280&nras=1&correlator=4677600366074&frm=20&pv=1&ga_vid=1063884569.1706035748&ga_sid=1706035748&ga_hid=1615842362&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95322181%2C95320869%2C95320894%2C95321626%2C95322166%2C31061690&oid=2&psts=AOrYGskLcBkDvsOy5pUFxpXv3DQHi7zrPBANuchcmLJyNIu7VjOrcS71I0UMjYMlIrWpfyGkySGAc-4C7lp2gH0Me0a6oA&pvsid=762107268253894&tmod=1172608684&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=14
Frame ID: A823FB8B8FFEC76F90F46779853D59E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FFD001A7BE733E09D2C176C497D103F8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 41E921B74F1AA6BFB007E774DAE7DE68
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ADC319A085418306B6031E716EEE57B0
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 8E3519134F3B5000DF0D3F0F670985B7
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 203D19AB152857CA669340B84A30E1BB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: FBF8DA9E34052D81BC11B267EAD852A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: A141F14940D68D8BD245350DB4645F1F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C8E97A35BE78E4D325A82295087CB10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 31E4FFDD0EC4635FD70FDB6701831C27
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zivbod - la (vraie) nouvelle adresse du site en 2024

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

103
Requests

84 %
HTTPS

48 %
IPv6

25
Domains

31
Subdomains

18
IPs

5
Countries

1604 kB
Transfer

3519 kB
Size

30
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.linkredirect.biz/script/link.php?url=m9en1NmfaJHd2qlk0dHFpZnEoMTVnMybqJDEqKBko66g02LSy92tkNbLonXUoJRsYJFol5xZ2KiWk55uaWlsbg%3D%3D

Search URL Search Domain Scan URL

URL: https://pubdirecte.com/?said=130632&id=130632
Title: Votre pub ici avec Pubdirecte.com

Search URL Search Domain Scan URL

URL: https://site-de-streaming.com/goto/banniere/brave/
Title: <img decoding="async" src="https://site-de-streaming.com/wp-content/uploads/sites/3/2020/06/brave-banner.png" alt="Brave Browser"/>

Search URL Search Domain Scan URL

URL: https://site-de-streaming.com/evdod/
Title: Evdod

Search URL Search Domain Scan URL

URL: https://zivbod.com/
Title: https://zivbod.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 40

https://googleads.g.doubleclick.net/pagead/adview?ai=CO-hOJAqwZcroEYmB3rsPlPyj-AaLn7T2dLqtub2nEtrZHhABIJ_J6TZgye6Oi8CkjBCgAZjb0O4DyAECqAMByAPJBKoE5wFP0LKeOJ1QID2SeyKS3FJpL1cWPctODMeATXQ5HNXFAe3uhtIKxhh2dQox6ukD3L_kgTNF8s6j8netATtu13kHvRGk2rX9fZWGVQ_7h84PBIY6Z1-_8Bvi4uRNQ0WvlaGuolncP7jiT6Beg_gnrTmKbxYVXaT_RX11M3DghTynnr8KTX2i-kp5ifkAcsmGIGlqGWrZXH-aer2rjh1VCS2QE3pZUeRBtv5vdFwWlZqk0oC6SuAj8d9eq2fRwQoZ0j44CtUC0W1yoDqzLOHotd3z_oQ4nmmCcTA482sjD_CJCotn147x5BLABOy8l-roBIgFt6v35k2SBQQIBBgBkgUECAUYBKAGAoAH0KSvEagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJbxB9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpYxs-Atpb0gwOaCZ0BaHR0cHM6Ly93d3cuZHVxLmVkdS9hYm91dC9jYW1wYWlnbnMvZ3JlYXQtZWR1Y2F0aW9uLnBocD91dG1fY2FtcGFpZ249aW1hZ2UmdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jb250ZW50PTY4NTI5Njg1NzIxMSZ1dG1fdGVybT1wcm9zcGVjdGluZ4AKAcgLAdoMEAoKEJCSzIn31ducQhICAQPYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItOTQ3MDk0MDM3OTY1ODE1NxgA&sigh=Oyjw2VoqU_A&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_AmAK6hNbGkrPLsRvXEuu3WZ1p4bPbUzc-iLjwwUYRR6WcctemHtsRxlsVpjIyrIbhhoOrJFijZrPET8A_ljsxsuIpsTNX1F6phgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44841b5dab7a78ec0000000000000000%22,%222%22:%220xfc464d4a074b06d70000000000000000%22,%223%22:%220xf2613f4f7c69d61a0000000000000000%22,%224%22:%220xc04ca14a30adb3330000000000000000%22,%225%22:%220x7cbdf8113984f2a60000000000000000%22},%22debug_key%22:%2210202663613907281201%22,%22debug_reporting%22:true,%22destination%22:%22https://duq.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221037315480%22],%2222%22:[%22true%22],%224%22:[%2201-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221740592172047672449%22}&andc=true

Request Chain 74

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1&google_push=AXcoOmT7ibIfcaj7AP64B-IvFEyqoz86wkIsZUcpMEeZUMM-_vshSOqaxf6MN_tkrXdpfwaJLQtyM2GizNReMgEhZh713JxCdPoZcJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMjM0MDU2MDgxNjAwMzExMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1

Request Chain 75

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENd_8GqPXx-616uhBuLkcQY&google_cver=1&google_push=AXcoOmQ9Y8UlT1qJsA4ylNZAwVR32Mm4MWhhrb2sXQlpyzLcZpf0oHPSquuUmCdZ8Psu-0TqlWZkm5HyLu67JZ9vHepqR8T6riigwQg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ9Y8UlT1qJsA4ylNZAwVR32Mm4MWhhrb2sXQlpyzLcZpf0oHPSquuUmCdZ8Psu-0TqlWZkm5HyLu67JZ9vHepqR8T6riigwQg

Request Chain 76

https://a.c.appier.net/gcm?google_gid=CAESEKOiAZBGuFJBaDZptq_KS2s&google_cver=1&google_push=AXcoOmSULpgZ_sQBLgq740Nw_6tQVMh7okhTvEDKyWSC2-y2y0e1h_rILPf5vxXC6i7iG7ie6gqhYHGMkfUHjC2kYLXolVeBeDbHQIc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cmR4UklFVmxBZkNvWnQxR0tBcXdaUQ%3D%3D&google_push=AXcoOmSULpgZ_sQBLgq740Nw_6tQVMh7okhTvEDKyWSC2-y2y0e1h_rILPf5vxXC6i7iG7ie6gqhYHGMkfUHjC2kYLXolVeBeDbHQIc

Request Chain 77

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhOzYxh8xTl0U8_NPe2wtE&google_cver=1&google_push=AXcoOmSs4eMJtdM84DkqLzDQDF-k_4w2YMoCT9jrLZVhtMKdxC84GAso8C_D8Ud-w3-iJ0g467I_0inwhIijFWLNPdlZCkMSmWM0fnQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSs4eMJtdM84DkqLzDQDF-k_4w2YMoCT9jrLZVhtMKdxC84GAso8C_D8Ud-w3-iJ0g467I_0inwhIijFWLNPdlZCkMSmWM0fnQ&google_hm=eS0waWJUR3Z4RTJwSC5TSTRSUTI5ZzZMTVk4UTNmQ1M5dX5B

Request Chain 78

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIvgQRyN1U9cezfLzPG-Azw&google_cver=1&google_push=AXcoOmQv4eYrS579Yy_epccFzh6e3zDXSKCJgMKijsQIoYrxaJAFygOE8iAgSv8qfNBTRr1kwS9qW8padR4kKDW7-2dRUl0c0-2DgGQ HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIvgQRyN1U9cezfLzPG-Azw&google_push=AXcoOmQv4eYrS579Yy_epccFzh6e3zDXSKCJgMKijsQIoYrxaJAFygOE8iAgSv8qfNBTRr1kwS9qW8padR4kKDW7-2dRUl0c0-2DgGQ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQv4eYrS579Yy_epccFzh6e3zDXSKCJgMKijsQIoYrxaJAFygOE8iAgSv8qfNBTRr1kwS9qW8padR4kKDW7-2dRUl0c0-2DgGQ&google_hm=Q1NZTU5tMGVQc09RSGRDaGNmVy0=

Request Chain 79

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESECdXFt-VJ8IvrTWV7cZ5NZI&google_cver=1&google_push=AXcoOmR4V_uLUEzXeVn5vuK45Hb466wSebxVGj8zfyziuTmXcFvZGJebByTF_C6zckVCWh2XwT8Knh-kn8qbjBJDEqtSGAizMdm471A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg1MDIxNDIxNjM1NzkzMjM2MjU&google_push=AXcoOmR4V_uLUEzXeVn5vuK45Hb466wSebxVGj8zfyziuTmXcFvZGJebByTF_C6zckVCWh2XwT8Knh-kn8qbjBJDEqtSGAizMdm471A

Request Chain 80

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEC51IsdECzdYkuyXl1Vj7-I&google_cver=1&google_push=AXcoOmS5JjHexZEgn26acyBDsi0w-panFtsphlExQVrzy1cCk33wyWE7ZOHqlVCNQe74RwoRQTGJOs9hO5H37a4TL8jRuuo97f47hTtB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS5JjHexZEgn26acyBDsi0w-panFtsphlExQVrzy1cCk33wyWE7ZOHqlVCNQe74RwoRQTGJOs9hO5H37a4TL8jRuuo97f47hTtB&google_hm=NjYyNTM1NzI2NjYyODk0NDUyMw==

Request Chain 84

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1&google_push=AXcoOmQsBl_Kiuc_IQtF-dwXLZXTz-qB_DuNUeDEjKh4MU7utialkaAThoEophQBecaeeK_5Hhn0gGx9ajrshpyjZoI-CYb32wZ16G7J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk2MDI4Mjk2Njc3ODA3NTE3Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1

Request Chain 85

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFVjVWVFdrlox7eDX0oeCaQ&google_cver=1&google_push=AXcoOmSWp1cdsds3WgKwbuwHNSFLiHEIzv5DJzC338fSKuvCndLBnk_HE8CD3MZsQVhpW95hzPlssPlGt0imcuqQh4ddpQMcSLOCsnzF HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFVjVWVFdrlox7eDX0oeCaQ&google_cver=1&google_push=AXcoOmSWp1cdsds3WgKwbuwHNSFLiHEIzv5DJzC338fSKuvCndLBnk_HE8CD3MZsQVhpW95hzPlssPlGt0imcuqQh4ddpQMcSLOCsnzF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEN1UGthbnIxUnNsUEY1&google_gid=CAESEFVjVWVFdrlox7eDX0oeCaQ&google_cver=1&google_push=AXcoOmSWp1cdsds3WgKwbuwHNSFLiHEIzv5DJzC338fSKuvCndLBnk_HE8CD3MZsQVhpW95hzPlssPlGt0imcuqQh4ddpQMcSLOCsnzF

Request Chain 86

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECoQCAMgj17u653os87Z2oU&google_cver=1&google_push=AXcoOmT4dMOuLP2danN7V-4es2sBx6dtB-m9Zm5tp9-e_kUWM87dwInHBAwhJTCkUkVGE1Xvquxd_gQsQPBA2DUtLboFNV9MvVTWyK4 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECoQCAMgj17u653os87Z2oU&google_cver=1&google_push=AXcoOmT4dMOuLP2danN7V-4es2sBx6dtB-m9Zm5tp9-e_kUWM87dwInHBAwhJTCkUkVGE1Xvquxd_gQsQPBA2DUtLboFNV9MvVTWyK4 HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=c69ed2f0-725d-4c7f-be75-499386a37495&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=c69ed2f0-725d-4c7f-be75-499386a37495&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=23b9d0a6-1b62-4344-98de-00dfbff12679&ssp=google&expires=30&user_group=5&bsw_param=c69ed2f0-725d-4c7f-be75-499386a37495 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT4dMOuLP2danN7V-4es2sBx6dtB-m9Zm5tp9-e_kUWM87dwInHBAwhJTCkUkVGE1Xvquxd_gQsQPBA2DUtLboFNV9MvVTWyK4&google_hm=xp7S8HJdTH--dUmThqN0lQ==

Request Chain 87

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHB29a0YbAIdzGG_b-Jf5KA&google_cver=1&google_push=AXcoOmTk4HjIhu3IzjQhy4NJLXwGpDH0A2rCW0dwi-vaWR3rjpYjIvEwHK37A1AL0R-5kDy9IsMB8J6Z_nBvUdmIfn_XDjMFuPhAPZE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHB29a0YbAIdzGG_b-Jf5KA&google_cver=1&google_push=AXcoOmTk4HjIhu3IzjQhy4NJLXwGpDH0A2rCW0dwi-vaWR3rjpYjIvEwHK37A1AL0R-5kDy9IsMB8J6Z_nBvUdmIfn_XDjMFuPhAPZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg3MTE5MjM2ODIyOTI4OTEyMA&google_push=AXcoOmTk4HjIhu3IzjQhy4NJLXwGpDH0A2rCW0dwi-vaWR3rjpYjIvEwHK37A1AL0R-5kDy9IsMB8J6Z_nBvUdmIfn_XDjMFuPhAPZE

Request Chain 88

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESECdXFt-VJ8IvrTWV7cZ5NZI&google_cver=1&google_push=AXcoOmTgH6JwNWPPvzNAgjTYL2d6Y_HsaNTEVcxSGZEiP0HlN5OwMtvtOP51GZsgP037LZqETAhk8mBXdamXPJQE4DkO9sYJsWONgrZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTY0NTI5OTk1NDgxMDYwNTE4MjQ&google_push=AXcoOmTgH6JwNWPPvzNAgjTYL2d6Y_HsaNTEVcxSGZEiP0HlN5OwMtvtOP51GZsgP037LZqETAhk8mBXdamXPJQE4DkO9sYJsWONgrZS

Request Chain 89

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAbyTFRtLhnbu3tnCl9K3Qg&google_cver=1&google_push=AXcoOmQIB6aQBjWROA65aqrRTBCkCFsqRvzUHtjIjBGblDchhi966Dh9zG3O-ISqtSNyY1MW8H2GuVy9vnALIa7VWsSrhldpzl16nxOK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQIB6aQBjWROA65aqrRTBCkCFsqRvzUHtjIjBGblDchhi966Dh9zG3O-ISqtSNyY1MW8H2GuVy9vnALIa7VWsSrhldpzl16nxOK

Request Chain 90

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEJrUe4ihOsIMHjsSYHauPmQ&google_cver=1&google_push=AXcoOmSY6MNdRbks3B3o8dJN5K07mHpD8Xkw45UNfCGbzupWmBNoKy9484Av_dI_wh5cCMKlAc2MPclpufsklUdRYyqz03P-sV1l5qNdXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=lLJSFHeQN0-EhR6XNwGpow&google_push=AXcoOmSY6MNdRbks3B3o8dJN5K07mHpD8Xkw45UNfCGbzupWmBNoKy9484Av_dI_wh5cCMKlAc2MPclpufsklUdRYyqz03P-sV1l5qNdXA

Request Chain 94

https://googleads.g.doubleclick.net/pagead/adview?ai=CSMESJQqwZYa2MJ3RoPMP9cOowATD7fqIdKTBnsLVEJWLh7yWDhABIJ_J6TZgye6Oi8CkjBCgAZix-IkpyAEBqQKHQURMnTayPqgDAcgDywSqBPQBT9DOrk1gX4r9XopknA6DS7yZfQO-CVLarzIFrpovF5UgwDbpRiOatrFJ1O_grnwYPUofi8R1EoUPzUtn4G-HKtOh-SM1NiCqM9shaZaMmvKrWmXqRkS-6xAelutlkvQd4G-82oJdmN0s31yBhMbZm4KlGsfawMqrdWvgw6vKsVgmxH6WVT_cjeqiwgukYGOBhxgUZx08jqwocjrmsRDbG2QFqvUo2YibBj3IKh0_sEOV59F8lAeN_Kk0ir89ljAQZmQKFVjttKke81pDNw1wsvSxLHhH_xNubEDGLCSZu8CUlIjW0CfbYBTZEwDMW0HUKjEIDMAEtNum970EiAXL2qqJSZIFBAgEGAGSBQQIBRgEoAYCgAeY6cjpA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEK3qA9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpY6rfctpb0gwOaCaEBaHR0cHM6Ly91cy5zZWFyY2hlbC5jb20vZHNyP3E9Y2xvdWQlMjBzZWN1cml0eSUyMHBvc3R1cmUlMjBtYW5hZ2VtZW50JmFzaWQ9c2VfY2gxMjE3JmRlPWMmc2NsaWQ9MC0yNDQ3NSZnY2xpZD17Z2NsaWR9JnJhYz1jbG91ZCUyMHNlY3VyaXR5JTIwcG9zdHVyZSUyMG1hbmFnZW1lbnSACgHICwHaDBAKChDg7eCIhIzQwXsSAgED2BMMiBQE0BUBmBYBgBcBshccChoIABIUcHViLTk0NzA5NDAzNzk2NTgxNTcYAA&sigh=OYkJG9p5ipM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_TGqpXNu5UClLL8KuwJP1l9gCo5t55wgzl4qDun0wXXoKv37BT_GxsloUG2VTh0itSENJYqBgQxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5df2e543c892d3830000000000000000%22,%222%22:%220x5f27e88c195c0c90000000000000000%22,%223%22:%220xa3a0d1e1507aa5670000000000000000%22,%224%22:%220xfa6930c88697533e0000000000000000%22,%225%22:%220xc7b89c87287b1a810000000000000000%22},%22debug_key%22:%2214482463784181695015%22,%22debug_reporting%22:true,%22destination%22:%22https://searchel.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211026700440%22],%2222%22:[%22true%22],%224%22:[%2201-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210821951912331149585%22}&andc=true

103 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
zivbod.site-de-streaming.com/ 43 KB
11 KB 576ms
350ms Document
text/html 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded61715178663c467a98c4c3ec4b8c92cc9a262be690e9342330c2126134a01

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84a236fbf9184bcd-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 23 Jan 2024 18:49:07 GMT
link: <https://zivbod.site-de-streaming.com/wp-json/>; rel="https://api.w.org/" <https://zivbod.site-de-streaming.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://zivbod.site-de-streaming.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AB41vcK%2FiJCvJsCTDKvvhpMgRTyj7t3QQYhE3TQpMqIeHsy40ojlGOmPfoSclDZht0UwHggWTTLXlVKV%2B9NyYXHa148znNkXxTb6xYPIs%2Bio7F4OPT5X0A0B5EFIBQOzRmbOTQjqZrI1xmWgFZA6AkUWPtbxrQjvFbOv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit
x-ua-compatible: IE=edge

GET
H2 200 css
fonts.googleapis.com/ 29 KB
1 KB 106ms
41ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Requested by

Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

552132e6c8d8a21eb9c5c1c3aafda756f2b91d4146351fa69f5ad4f3b5cba9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 18:49:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jan 2024 18:49:07 GMT

GET
H2 200 style.min.css
zivbod.site-de-streaming.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 44ms
37ms Stylesheet
text/css 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Nov 2023 19:50:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"1add3-6560fe7f-4b5f5f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yheI91h1RcL8l7ClyWlWLNBofA4tLO2aajXI9zQq7bkbrqx9cbq7RcQOBzExxjFtoXZ0ashBd0po9WJ2lYTQGqZ4iwTgig02ryExeYfRSowWCFMqLrwmGzb6Iaez8A%2FM%2BXW6Y0V8zIccKkAnQ90oWKwp7L9aCOz5cfw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84a236fe3cfd4bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 cleantalk-public.min.css
zivbod.site-de-streaming.com/wp-content/plugins/cleantalk-spam-protect/css/ 1 KB
887 B 42ms
36ms Stylesheet
text/css 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.25
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d01a28284207ea1bc9976244daa182379ac4c1cc50c22e0d3302bbf9b922f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Jan 2024 22:09:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"587-65ac4485-4a26fe;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EagIT8s%2BrT28Br0etXG6yKTcSQ4eO7nsCSAtpxrEsjxw7%2Fv8POlwUCIYNvW%2F3ozCAaQxbscIBPx%2Fq2%2BjXEOvFN0Pf3MEQGNjgiMFsu%2BniImqfUdBXR0grhN4Bn684M4b3%2F28nCNtyAS2UsZg6MoOUi1mR2yxQftv2qma"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84a236fe3d004bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 unsemantic-grid.min.css
zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/css/ 12 KB
2 KB 47ms
42ms Stylesheet
text/css 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/css/unsemantic-grid.min.css?ver=3.3.0
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 01:02:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"3107-64360335-4a7cb7;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1da3OuPyXp6G5auHRLRsPIDGxSXgF5XDqmZNyxm1q8K8xux2sf%2Bdz6n9%2FbKQ%2Fiyi3yxJs4BJksIQjBnIocELk80vjwbCoJGlnsZ01VdUIqz7enDXY9mUo99IevyXaos5xmXSQTTprI1uqcau8MZYG23P1SllfFhLtl0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84a236fe3d014bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 style.min.css
zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/css/ 21 KB
6 KB 46ms
41ms Stylesheet
text/css 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/css/style.min.css?ver=3.3.0
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424332ea0ecacff818cf7de57fd7968c0172f01776ff025a4d2a99540422d3f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 01:02:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"55ce-64360335-4a7ee5;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrwkJkyHOBMjwQdVvEHuqoGGHubfyLuA3c6oALkCEll0KVLzowwP6210g3NWA4x%2F1rAt4Nxfk8xksxRZ%2FEwYumGPCWnozB6t2r5wnbYLaAwekYGvTlRq7Gy81M8frPJtCeQBlJ0zErUbthztoXi0UETUuy5wYlDZCFu%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84a236fe3d024bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 mobile.min.css
zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/css/ 4 KB
1 KB 44ms
39ms Stylesheet
text/css 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/css/mobile.min.css?ver=3.3.0
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 01:02:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"ec5-64360335-4a85bf;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5266mSmi2kez7YHgr2JP58DaS1sd7ciODGTVgw84CM%2BjBhIV5dkkDjZhvRlP8uJ6LUiOeLw1rGebd6YgxhpRsyGrc3sH2RQLjRsfbD5DRdHQLZGSs7nYwvSR3LUtK4HXWeuFPIki6oYujGqhKugEmadYCaxRWb5%2FrGaT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84a236fe3d034bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 font-icons.min.css
zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/css/components/ 3 KB
1 KB 44ms
40ms Stylesheet
text/css 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.3.0
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 01:02:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"b94-64360335-4a80b4;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPQmUaYx6olLGPHZPW8ZOs42UKlCUs43vnNLPqDOqO4S3E0nK35oBfcJ7eutrZ%2Fg9pVTY7%2B3gxLzaBZzGwGFIFQEI4aJSdzdJCtmNus%2BtnK8b9TIWNaAQkFEavGii%2FmPimZ8f0BPw8epp80Mvos%2FTkgt2De6N%2BvaE4Po"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84a236fe3d044bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 jquery.min.js Show response
zivbod.site-de-streaming.com/wp-includes/js/jquery/ 86 KB
31 KB 48ms
44ms Script
application/x-javascript 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Nov 2023 19:50:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"15601-6560fe7f-4b18ea;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWhVdvTBuii2twMALXHxNg3MMUo9uu8IRN9BczcEMNivLZgLGkJ0O8hQMtSFA0RybCxFm5T%2F2Wq8D0iSjlBe1H8n4lwCx8Aye5gSBaupvFt12ax7fROE0QZPyw0GB%2FKkTpdXrhEzU%2B4blNnr180HDWa5vuoU2mdBGqDK"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 84a236fe3d064bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 jquery-migrate.min.js Show response
zivbod.site-de-streaming.com/wp-includes/js/jquery/ 13 KB
5 KB 46ms
43ms Script
application/x-javascript 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 04:41:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"3509-65389c8e-4b1973;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05VUk9MIBWjaNdOKJjaeQzRy7tDWcvPZI5nN53XHbR84WMI1Yvy%2FChjXjtyxHZaBX%2F1bSrSgc8W4tEWFXU%2BvFLBeDmNTkDdUnA9quK0h6Ado0BJFceWeTttLNvnshUwVuhv%2BMpjY%2FYMn3ltnvQDMCMc%2FTPVzVktbgZYB"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 84a236fe3d074bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 apbct-public-bundle.min.js Show response
zivbod.site-de-streaming.com/wp-content/plugins/cleantalk-spam-protect/js/ 66 KB
18 KB 68ms
64ms Script
application/x-javascript 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.25
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6771e4912c6a61cd0af664310b8589cc0400b49d83ea44cdc09cb3b3d2643f01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Jan 2024 22:09:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"10731-65ac4485-4a8f8e;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w23OOKisz4ELO6GqkhCeBdPQbrXlAWJ9r1HQr8MBOssqc1cZe3JVSdTZ8sedGmpdfS166eh%2B0l1yKORThwmYM%2B%2FDm3hgCANXDwffYmZJBHk9OkkvoJWDiwEstKAIzVdpGs5gH4SfnZYyuvO8XhrWCSsCUGA%2BsytISWI3"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 84a236fe3d084bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H/1.1 200
OK ct-bot-detector-wrapper.js Show response
moderate.cleantalk.org/ 382 B
733 B 119ms
32ms Script
application/javascript 2604:2dc0:100:1f78::9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/ct-bot-detector-wrapper.js
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2604:2dc0:100:1f78::9 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5a93abbc54b4453380f09ff11212d7dde5dc261891d0dd7ee0d265f21a10b29

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 18:49:07 GMT
Last-Modified: Tue, 16 Jan 2024 10:00:22 GMT
Server: nginx
ETag: "65a653b6-17e"
Content-Type: application/javascript
Access-Control-Allow-Origin: : *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 382
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK banniere.php Show response
pubdirecte.com/script/ 2 KB
1 KB 479ms
139ms Script
application/javascript 95.142.100.82
ATOM86-AS ATOM86

General

Check archive.org

Show headers Download Go to

Full URL: https://pubdirecte.com/script/banniere.php?said=130632
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.142.100.82 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS: ofwallet.bestpaths.net
Software: Apache /
Resource Hash: 0c5350bd449365b3718436dd04889bc61d852bdf405bd31984fd51e3a515dd5a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 18:47:03 GMT
Content-Encoding: gzip
Server: Apache
X-ssl: 1
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 749
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 120ms
58ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c391a0d9c00cf2923e6ad013a7dbab11ef7938746519f92989fb1211eee62c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51108
x-xss-protection: 0
server: cafe
etag: 8643125887760983544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 23 Jan 2024 18:49:07 GMT

GET
H2 200 email-decode.min.js Show response
zivbod.site-de-streaming.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 34ms
32ms Script
application/javascript 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zivbod.site-de-streaming.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 15:56:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65aa9bb3-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0LJpzA2gr5SODf2yl%2FRuk4W7Ks1zEUfaJXuFlDS1vY6Uhp8wLD9ZBpZmglYN7EbQ7kcxi50w97tIOCF8JESsj4LlWc3Xt0Xm4bra7QRSY%2BJt8SLfTTNkCfujkosXLR6VF%2FP2SP3%2BlgSEqstRS2F2Zw7msmlfvUcNwen"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84a236fe3d094bcd-BUF
expires: Thu, 25 Jan 2024 18:49:07 GMT

GET
H/1.1 403
Forbidden 89e12b3426ff52704f46b1f627553cb6.js
callprintingdetailed.com/89/e1/2b/ 0
0 2186ms
38ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://callprintingdetailed.com/89/e1/2b/89e12b3426ff52704f46b1f627553cb6.js
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 18:49:09 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden da568dacac4bc706a52af32355ecc216.js
callprintingdetailed.com/da/56/8d/ 0
0 2190ms
43ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://callprintingdetailed.com/da/56/8d/da568dacac4bc706a52af32355ecc216.js
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 18:49:09 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 menu.min.js Show response
zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 71ms
70ms Script
application/x-javascript 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 01:02:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"1b3f-64360335-4a732e;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKX4XcjKtCUxFvej7FNYEbtl2gApJZejm%2BIUGSBKHStLPZvojxszAMkYbA19j%2BB%2FPj5c3LRpqet6IxnX4UuorvRRQDCufBzQ3XlMvfFQElcnaspqwC2IFG1K%2FcRqwHwMrmPYq165EopVKlWcj8dihfRNxD5X0PkGshTu"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 84a236fe6d374bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 back-to-top.min.js Show response
zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/js/ 757 B
685 B 68ms
67ms Script
application/x-javascript 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.3.0
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808af092ebf9a3f9ffa55a0fcb1ec1809ac1a12ffa602e01e4ea91da1d2b5475

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 01:02:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"2f5-64360335-4a76cd;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P79Q3yKV5wRMW8Bwgsdfk%2BfuWdl4b4SX%2F5YMgKmjCnEitnm%2Fn5QgECb2KdLWxyHy32VGQ8W%2BpFKmzM0oY0xOYyYtxtOJlpmgPBSe%2F00yxPYHLPGdDMtKO0XjE1TLwopPNvoxTaZhSJvhQCmR58tpfQCtE%2BCacme6X55a"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 84a236fe6d384bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 smush-lazy-load.min.js Show response
zivbod.site-de-streaming.com/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 72ms
71ms Script
application/x-javascript 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.15.3
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Jan 2024 22:44:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440
etag: W/"1ef2-65a463c9-4a8cf8;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imG5Emp4LFdto9X1wY0om8IzULUEwwX0SUWJssXleh59UnEnKcaT8WpAGWJcwZGbyrEucqkD7yNxzrPHg79DWXjXeCwjxjbZTnrjopmmCXVEyuLLg9FVNMAaWFpXPVGJBiyTZl2okMU%2B2B68pcuiwlp1aiCnlYH%2Birm5"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 84a236fe6d394bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H/1.1 200
OK ct-bot-detector.min.js Show response
moderate.cleantalk.org/1.1.18/ 13 KB
13 KB 65ms
65ms Script
application/javascript 2604:2dc0:100:1f78::9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/1.1.18/ct-bot-detector.min.js
Requested by: Host: moderate.cleantalk.org
URL: https://moderate.cleantalk.org/ct-bot-detector-wrapper.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2604:2dc0:100:1f78::9 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 78d938b0e971de2ee5fe6486f36840a6db078e7fa58fd7763285bc54d3f3777d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 18:49:07 GMT
Last-Modified: Tue, 16 Jan 2024 09:58:44 GMT
Server: nginx
ETag: "65a65354-32d7"
Content-Type: application/javascript
Access-Control-Allow-Origin: : *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13015
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 237472_300x250_d2.png
static.linkredirect.biz/b-images/ 13 KB
14 KB 143ms
37ms Image
image/png 2606:4700:3032::6815:1ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.linkredirect.biz/b-images/237472_300x250_d2.png
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fb2823d5fc7bb6cd6e0f262bb5e0d7822747e3f9155fd7b09050008f32e2f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:08 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 18:57:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1441
etag: "1661709592"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4ZXwiWh4brvgi87QCxyEJBWCBMclwfC8IHxq5b%2Fa0RwicxyEL0LhkRdNlZVJ9wVDif76IINHHO4LeKE7dR7E28ToCoS%2FjOpt%2BD8h%2BFEREX6M6%2FweH2gwFL6t10yyN35EyPLNOXfgwgwwc29gmK7Yi1KDiSo5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, no-transform
accept-ranges: bytes
cf-ray: 84a23701ea3e6aed-BUF
alt-svc: h3=":443"; ma=86400
content-length: 13731

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
48 KB 81ms
24ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zivbod.site-de-streaming.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 06:13:40 GMT
x-content-type-options: nosniff
age: 563728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 06:13:40 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 403 KB
137 KB 99ms
98ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b02e6d2b506f73743dca7078d473b7819f60159b1a7a236e008b53649f5ef972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139761
x-xss-protection: 0
server: cafe
etag: 4799061451994759843
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:49:08 GMT

GET
H3 200 generatepress.woff2
zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/fonts/ 1 KB
2 KB 37ms
37ms Font
font/woff2 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.3.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer: https://zivbod.site-de-streaming.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.3.0
Origin: https://zivbod.site-de-streaming.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1441
alt-svc: h3=":443"; ma=86400
content-length: 1264
last-modified: Wed, 12 Apr 2023 01:02:45 GMT
server: cloudflare
etag: "4f0-64360335-4a880a;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kd02qp8LgnfwVt1n5zggsRGnoeBC8dl%2B9ZPhVjLyMPXMwnItayE5BSXdBqMvfFFQWswahNj90sL94BUKKJM7Qrn%2FcVX37cxWPLPLwTb5efcD5BYxyDTNPDEYzO3yYLLyaoMop%2BF0vYj699Eyz%2FabPrIFyBbNCMtkc2ky"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84a2370168104bc9-BUF
expires: Tue, 30 Jan 2024 18:25:07 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame B439 9 KB
4 KB 83ms
25ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zivbod.site-de-streaming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 58397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 02:35:51 GMT
etag: 9219409622527106327
expires: Tue, 06 Feb 2024 02:35:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC25 738 B
584 B 747ms
745ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9470940379658157&output=html&h=280&slotname=3298604650&adk=1453931945&adf=1644458416&pi=t.ma~as.3298604650&w=1020&fwrn=4&fwrnh=100&lmt=1706035748&rafmt=1&format=1020x280&url=https%3A%2F%2Fzivbod.site-de-streaming.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706035748048&bpp=21&bdt=512&idt=168&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=4677600366074&frm=20&pv=2&ga_vid=1063884569.1706035748&ga_sid=1706035748&ga_hid=1615842362&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95322181%2C95320869%2C95320894%2C95321626%2C95322166%2C31061690&oid=2&pvsid=762107268253894&tmod=1172608684&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=183

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e633ca3052ce76bad99614f35065edb870fad142f27db57ecb7a67cfc8781c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zivbod.site-de-streaming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 363
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 18:49:08 GMT
expires: Tue, 23 Jan 2024 18:49:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F091 135 KB
42 KB 849ms
848ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9470940379658157&output=html&h=280&slotname=3298604650&adk=1453931945&adf=2728025443&pi=t.ma~as.3298604650&w=1020&fwrn=4&fwrnh=100&lmt=1706035748&rafmt=1&format=1020x280&url=https%3A%2F%2Fzivbod.site-de-streaming.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706035748069&bpp=2&bdt=532&idt=177&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=4677600366074&frm=20&pv=1&ga_vid=1063884569.1706035748&ga_sid=1706035748&ga_hid=1615842362&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=4581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95322181%2C95320869%2C95320894%2C95321626%2C95322166%2C31061690&oid=2&pvsid=762107268253894&tmod=1172608684&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=2&fsb=1&dtd=180

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ce92fa68254bd1766a1de95e63c4ed09bbd1d2e412bc7aae0b65e752202575d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zivbod.site-de-streaming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42731
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 18:49:09 GMT
expires: Tue, 23 Jan 2024 18:49:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 15162141755996013211
tpc.googlesyndication.com/daca_images/simgad/ Frame F091 97 KB
98 KB 95ms
28ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15162141755996013211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9470940379658157&output=html&h=280&slotname=3298604650&adk=1453931945&adf=2728025443&pi=t.ma~as.3298604650&w=1020&fwrn=4&fwrnh=100&lmt=1706035748&rafmt=1&format=1020x280&url=https%3A%2F%2Fzivbod.site-de-streaming.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706035748069&bpp=2&bdt=532&idt=177&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=4677600366074&frm=20&pv=1&ga_vid=1063884569.1706035748&ga_sid=1706035748&ga_hid=1615842362&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=4581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95322181%2C95320869%2C95320894%2C95321626%2C95322166%2C31061690&oid=2&pvsid=762107268253894&tmod=1172608684&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=2&fsb=1&dtd=180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa783582b760a36d7b1e40f797027c73eefa7feb9478c683adf3719ce56de502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 14:31:18 GMT
date: Fri, 19 Jan 2024 14:31:18 GMT
x-content-type-options: nosniff
age: 361071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99451
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 14:53:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame F091 23 KB
9 KB 152ms
90ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:08:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CE49 143 B
166 B 25ms
24ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9470940379658157&output=html&h=280&slotname=3298604650&adk=1453931945&adf=2728025443&pi=t.ma~as.3298604650&w=1020&fwrn=4&fwrnh=100&lmt=1706035748&rafmt=1&format=1020x280&url=https%3A%2F%2Fzivbod.site-de-streaming.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706035748069&bpp=2&bdt=532&idt=177&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=4677600366074&frm=20&pv=1&ga_vid=1063884569.1706035748&ga_sid=1706035748&ga_hid=1615842362&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=4581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95322181%2C95320869%2C95320894%2C95321626%2C95322166%2C31061690&oid=2&pvsid=762107268253894&tmod=1172608684&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=2&fsb=1&dtd=180
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 17:51:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame D1CD 247 B
868 B 116ms
40ms Document
text/html 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

a0f29769301df56013846b8ef38823097e1986bbd19526d7ef118106d4678ab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-2mcL_TdLIHpjcQjyOlT63Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 18:49:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F091 3 KB
1 KB 153ms
94ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F091 67 B
196 B 145ms
86ms Image
image/png 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 20:20:12 GMT
x-content-type-options: nosniff
server: cafe
age: 80937
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Tue, 23 Jan 2024 20:20:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F091 20 KB
9 KB 80ms
25ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F091 205 KB
65 KB 127ms
44ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:49:09 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F091 36 KB
15 KB 141ms
87ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14790
x-xss-protection: 0
server: cafe
etag: 14910708302111541132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:08:34 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CE49
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
52ms

Document
text/html

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 18:49:09 GMT
expires: Tue, 23 Jan 2024 18:49:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 18:49:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F091 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60012563fcae08c0dca6906d7f5f86f055b21fe8e4d46f41d997745292e25e90

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe.html Show response
p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame D1CD 5 KB
2 KB 40ms
39ms Document
text/html 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

98767a77718cb5b7b3e7dad8f46291778d419e907d1cd2a65d2fa0d2c41ae311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-x64knrcWyEqCpWUmDxwKzQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 18:49:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F091
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CO-hOJAqwZcroEYmB3rsPlPyj-AaLn7T2dLqtub2nEtrZHhABIJ_J6TZgye6Oi8CkjBCgAZjb0O4DyAECqAMByAPJBKoE5wFP0LKeOJ1QID2SeyKS3FJpL1cWPctODMeATXQ5HNXFAe3uhtI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44841b5dab7a78ec0000000000000000%22,%222%22:%220xfc464d4a074b06d70000000000000000%22,%223%22:%220xf2613f...

0
0

154ms
96ms

Fetch
text/css

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44841b5dab7a78ec0000000000000000%22,%222%22:%220xfc464d4a074b06d70000000000000000%22,%223%22:%220xf2613f4f7c69d61a0000000000000000%22,%224%22:%220xc04ca14a30adb3330000000000000000%22,%225%22:%220x7cbdf8113984f2a60000000000000000%22},%22debug_key%22:%2210202663613907281201%22,%22debug_reporting%22:true,%22destination%22:%22https://duq.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221037315480%22],%2222%22:[%22true%22],%224%22:[%2201-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221740592172047672449%22}&andc=true

Requested by

Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/

Protocol

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:10 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x44841b5dab7a78ec0000000000000000","2":"0xfc464d4a074b06d70000000000000000","3":"0xf2613f4f7c69d61a0000000000000000","4":"0xc04ca14a30adb3330000000000000000","5":"0x7cbdf8113984f2a60000000000000000"},"debug_key":"10202663613907281201","debug_reporting":true,"destination":"https://duq.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1037315480"],"22":["true"],"4":["01-23"],"6":["true"]},"priority":"500","source_event_id":"1740592172047672449"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 Jan 2024 18:49:10 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 Jan 2024 18:49:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x44841b5dab7a78ec0000000000000000","2":"0xfc464d4a074b06d70000000000000000","3":"0xf2613f4f7c69d61a0000000000000000","4":"0xc04ca14a30adb3330000000000000000","5":"0x7cbdf8113984f2a60000000000000000"},"debug_key":"10202663613907281201","debug_reporting":true,"destination":"https://duq.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1037315480"],"22":["true"],"4":["01-23"],"6":["true"]},"priority":"500","source_event_id":"1740592172047672449"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AED 50 KB
19 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 13:13:16 GMT

GET
H2 200 brave-banner.png
site-de-streaming.com/wp-content/uploads/sites/3/2020/06/ 40 KB
40 KB 103ms
37ms Image
image/png 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site-de-streaming.com/wp-content/uploads/sites/3/2020/06/brave-banner.png
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 438baad436d6dc5f8ef61f29f56ed84e102c22306c0a5e94c31851ef7dc26d0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1441
alt-svc: h3=":443"; ma=86400
content-length: 40515
last-modified: Thu, 30 Apr 2020 13:12:48 GMT
server: cloudflare
etag: "9e43-5eaaced0-620c4f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bdd%2FA93RFfwaUujG7wmoJMb8x9YRhaewub1q1wuYO76buXbCnj3%2B6RbZ%2B6JLgDRsq73xNP6TK%2FFhlJpibXd0zYdjqNlHzM3LSII7WH2mqmi6fKjhJfIFv6mV4FvaDykIuVy5ACPEd1XaFk4kIUTVKg6X10A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84a2370c58e74bcd-BUF
expires: Tue, 30 Jan 2024 18:25:08 GMT

GET
H3 200 image-1.png
zivbod.site-de-streaming.com/wp-content/uploads/sites/48/2020/11/ 407 KB
408 KB 37ms
36ms Image
image/png 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zivbod.site-de-streaming.com/wp-content/uploads/sites/48/2020/11/image-1.png
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f95326890538d42f99807a71af68c8357cce18dd11034a11f2650e4f0fcaa5c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1441
alt-svc: h3=":443"; ma=86400
content-length: 417167
last-modified: Sat, 20 Jan 2024 23:08:59 GMT
server: cloudflare
etag: "65d8f-65ac528b-70083d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwUXq%2FGTwau%2FqMU7Kodu4bwI96bJIOrZWt6okMS9XVo%2B0GelA6YHOZtYHgOE942v6VM9iGXBiTMT5KEyL1B9r6RifmV13oYI71%2BZDT50w08kJmQKn0nn8m3xqZaT9u%2FDWlEI%2FNOrC4eeEml0eWlyzVAbbG6yc0a3Pzhe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84a2370befa54bc9-BUF
expires: Tue, 30 Jan 2024 18:25:08 GMT

GET
H3 200 smush-lazyloader-5.gif
zivbod.site-de-streaming.com/wp-content/plugins/wp-smushit/app/assets/images/ 3 KB
3 KB 184ms
183ms Image
image/gif 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zivbod.site-de-streaming.com/wp-content/plugins/wp-smushit/app/assets/images/smush-lazyloader-5.gif
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf245ef7daffe22916da9a639bfb08f58f5f2440bb7d34034ded4cc7541057e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1441
alt-svc: h3=":443"; ma=86400
content-length: 3024
last-modified: Sun, 14 Jan 2024 22:44:25 GMT
server: cloudflare
etag: "bd0-65a463c9-4a8cda;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCU2uBjqlDTK630sL4YCI7pxTKdYkCHu%2F%2Byo477mhE2ucZX8Dea%2B4sPiNpNTv1EifuGbpQJ58vBrtVTxo8ooez%2F89fXx9M%2BB%2BXTY%2BAh5BYC8aVd5qqqSK3oxAY7vPDUqlsnu6fNDiAY3RXs8cnUN9SnOnMJHc84T8%2FZq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84a2370befa64bc9-BUF
expires: Tue, 30 Jan 2024 18:25:08 GMT

POST
H/1.1 200
OK api2.0 Show response
moderate.cleantalk.org/ 153 B
486 B 101ms
34ms XHR
application/json 2604:2dc0:100:1f78::9
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://moderate.cleantalk.org/api2.0

Requested by

Host: moderate.cleantalk.org
URL: https://moderate.cleantalk.org/1.1.18/ct-bot-detector.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2604:2dc0:100:1f78::9 , United States, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f9ae68070f43fe229bfb8f1089fda059531d2393e8fb34569b4428f3fe265ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zivbod.site-de-streaming.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 23 Jan 2024 18:49:09 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A823 390 KB
85 KB 1457ms
1456ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9470940379658157&output=html&adk=1812271804&adf=3025194257&lmt=1706035749&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fzivbod.site-de-streaming.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706035749742&bpp=1&bdt=2206&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da9be45fe93781f3f%3AT%3D1706035748%3ART%3D1706035748%3AS%3DALNI_MYHS1Qj1VMEp-sJFat9lvX7cCH8wg&gpic=UID%3D00000db976a307e0%3AT%3D1706035748%3ART%3D1706035748%3AS%3DALNI_MbadmF_gUxsuh5Pjx8UJANf5DrlBg&prev_fmts=1020x280%2C1020x280&nras=1&correlator=4677600366074&frm=20&pv=1&ga_vid=1063884569.1706035748&ga_sid=1706035748&ga_hid=1615842362&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95322181%2C95320869%2C95320894%2C95321626%2C95322166%2C31061690&oid=2&psts=AOrYGskLcBkDvsOy5pUFxpXv3DQHi7zrPBANuchcmLJyNIu7VjOrcS71I0UMjYMlIrWpfyGkySGAc-4C7lp2gH0Me0a6oA&pvsid=762107268253894&tmod=1172608684&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8c1efb294271489794c0ca5956dc1fda704497bdc07c5d584d4524f45a0a042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zivbod.site-de-streaming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 86538
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 18:49:11 GMT
expires: Tue, 23 Jan 2024 18:49:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 165ms
99ms Preflight
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 23 Jan 2024 18:49:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 image-15-1024x521.png
site-de-streaming.com/wp-content/uploads/sites/3/2023/05/ 51 KB
52 KB 38ms
37ms Image
image/png 2606:4700:3031::ac43:b165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site-de-streaming.com/wp-content/uploads/sites/3/2023/05/image-15-1024x521.png
Requested by: Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaa02f54495506b3f364131231aa64b60c0888bd3a0236b06f9628395fd6f0ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1440
alt-svc: h3=":443"; ma=86400
content-length: 52660
last-modified: Sun, 21 May 2023 09:38:49 GMT
server: cloudflare
etag: "cdb4-6469e6a9-189ed5;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gLdZlYP77x%2FQwSoJzpzffhPYD08Of67fJVtG4EMl0u3uDVTAaynB9NzQNjXXepFSE9S2xJJTwVELxC8HASAKYqDXlsE2rvV3mGkXuBpkm95PQsTOCLM403ES86uwuxNrX150tF9vkEDoYnC5SityVAgRpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84a2370dca974bc9-BUF
expires: Tue, 30 Jan 2024 18:25:10 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 163 KB
55 KB 96ms
95ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccc6c60529266faceeb8ea532fc8983ceb7db05ff382a1ed5fdb7ab6e734f36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56676
x-xss-protection: 0
server: cafe
etag: 13037271287155728641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:49:11 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame FFD0 9 KB
4 KB 25ms
24ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zivbod.site-de-streaming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68529
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 23:47:02 GMT
etag: 9219409622527106327
expires: Mon, 05 Feb 2024 23:47:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 41E9 9 KB
4 KB 25ms
24ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zivbod.site-de-streaming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68529
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 23:47:02 GMT
etag: 9219409622527106327
expires: Mon, 05 Feb 2024 23:47:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame FFD0 4 KB
767 B 49ms
48ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jan 2024 18:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 17:53:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jan 2024 18:49:11 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FFD0 205 B
651 B 88ms
26ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:31:49 GMT
x-content-type-options: nosniff
age: 364642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Jan 2025 13:31:49 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FFD0 604 B
696 B 89ms
27ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:16:59 GMT
x-content-type-options: nosniff
age: 365532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Jan 2025 13:16:59 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame FFD0 16 KB
7 KB 26ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:24:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:24:11 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame FFD0 22 KB
9 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:24:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:24:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 41E9 2 KB
903 B 29ms
28ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:11:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 41E9 23 KB
9 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:08:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 41E9 3 KB
1 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ADC3 1 KB
643 B 27ms
25ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 41956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 07:09:55 GMT
etag: 48472445140208031
expires: Wed, 24 Jan 2024 07:09:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 41E9 20 KB
8 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 41E9 0
0 44ms
43ms Image
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTldpIGkSmMHEtEZMBIr_5ILo1Jb9DRfpRA0PGXyeOMufb0qoWDX3HzXMxkBHuDBtHqQMZRZZRgZAYu6GHJGZTZ20ccNQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41E9 205 KB
65 KB 59ms
57ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:49:11 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 41E9 37 KB
15 KB 56ms
28ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 07:06:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8E35 2 KB
480 B 42ms
42ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jan 2024 18:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 18:26:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jan 2024 18:49:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 8E35 2 KB
822 B 24ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:11:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 8E35 23 KB
9 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 10:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:08:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 8E35 3 KB
1 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 203D 1 KB
643 B 32ms
28ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 41956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 07:09:55 GMT
etag: 48472445140208031
expires: Wed, 24 Jan 2024 07:09:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 8E35 20 KB
8 KB 33ms
31ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8E35 0
0 52ms
43ms Image
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9vcgAJbKhtCIfu0RPfhHx83hrg2QvaWQpGisPxxMIdgNOJ1PhomsLRktZrYttZsPn27nOZSbz8IAt1JYWTuyPRlha3w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E35 205 KB
65 KB 46ms
40ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:49:11 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 8E35 37 KB
15 KB 32ms
25ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 07:06:53 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame ADC3
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1&google_push=AXcoOmT7ibIfcaj7AP64B-IvFEyqoz86wkIsZUcpMEeZUMM-_vshSOqaxf6MN_tkrXdpfwaJLQtyM2GizNReMgEhZh713JxCdPoZcJI
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMjM0MDU2MDgxNjAwMzExMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1

43 B
398 B

49ms
47ms

Image
image/gif

2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1
Protocol: H2
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ADC3
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENd_8GqPXx-616uhBuLkcQY&google_cver=1&google_push=AXcoOmQ9Y8UlT1qJsA4ylNZAwVR32Mm4MWhhrb2sXQlpyzLcZpf0oHPSquuUmCdZ8Psu-0TqlWZkm...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ9Y8UlT1qJsA4ylNZAwVR32Mm4MWhhrb2sXQlpyzLcZpf0oHPSquuUmCdZ8Psu-0TqlWZkm5HyLu67JZ9vHepqR8T6riigwQg

170 B
232 B

91ms
90ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ9Y8UlT1qJsA4ylNZAwVR32Mm4MWhhrb2sXQlpyzLcZpf0oHPSquuUmCdZ8Psu-0TqlWZkm5HyLu67JZ9vHepqR8T6riigwQg

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 Jan 2024 18:49:11 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A1A74A27A14B4B0E85DB7512A1507860 Ref B: NYCEDGE1410 Ref C: 2024-01-23T18:49:11Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ9Y8UlT1qJsA4ylNZAwVR32Mm4MWhhrb2sXQlpyzLcZpf0oHPSquuUmCdZ8Psu-0TqlWZkm5HyLu67JZ9vHepqR8T6riigwQg
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPoWbz7/fumSMN1PMA3Q==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ADC3
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEKOiAZBGuFJBaDZptq_KS2s&google_cver=1&google_push=AXcoOmSULpgZ_sQBLgq740Nw_6tQVMh7okhTvEDKyWSC2-y2y0e1h_rILPf5vxXC6i7iG7ie6gqhYHGMkfUHjC2kYLXolVeBeDbHQIc
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cmR4UklFVmxBZkNvWnQxR0tBcXdaUQ%3D%3D&google_push=AXcoOmSULpgZ_sQBLgq740Nw_6tQVMh7okhTvEDKyWSC2-y2y0e1h_rILPf5vxXC6i7iG7ie6gqhYHGMkfUHj...

170 B
188 B

41ms
41ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cmR4UklFVmxBZkNvWnQxR0tBcXdaUQ%3D%3D&google_push=AXcoOmSULpgZ_sQBLgq740Nw_6tQVMh7okhTvEDKyWSC2-y2y0e1h_rILPf5vxXC6i7iG7ie6gqhYHGMkfUHjC2kYLXolVeBeDbHQIc

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 Jan 2024 18:49:12 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cmR4UklFVmxBZkNvWnQxR0tBcXdaUQ%3D%3D&google_push=AXcoOmSULpgZ_sQBLgq740Nw_6tQVMh7okhTvEDKyWSC2-y2y0e1h_rILPf5vxXC6i7iG7ie6gqhYHGMkfUHjC2kYLXolVeBeDbHQIc
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 246

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ADC3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhOzYxh8xTl0U8_NPe2wtE&google_cver=1&google_push=AXcoOmSs4eMJtdM84DkqLzDQDF-k_4w2YMoCT9jrLZVhtMKdxC84GAso8C_D8Ud-w3-iJ0g467I_0inwhIijFWLNPdlZCkM...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSs4eMJtdM84DkqLzDQDF-k_4w2YMoCT9jrLZVhtMKdxC84GAso8C_D8Ud-w3-iJ0g467I_0inwhIijFWLNPdlZCkMSmWM0fnQ&google_hm=eS0waWJUR3Z4RTJwSC5...

170 B
232 B

46ms
44ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSs4eMJtdM84DkqLzDQDF-k_4w2YMoCT9jrLZVhtMKdxC84GAso8C_D8Ud-w3-iJ0g467I_0inwhIijFWLNPdlZCkMSmWM0fnQ&google_hm=eS0waWJUR3Z4RTJwSC5TSTRSUTI5ZzZMTVk4UTNmQ1M5dX5B

Requested by

Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 Jan 2024 18:49:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSs4eMJtdM84DkqLzDQDF-k_4w2YMoCT9jrLZVhtMKdxC84GAso8C_D8Ud-w3-iJ0g467I_0inwhIijFWLNPdlZCkMSmWM0fnQ&google_hm=eS0waWJUR3Z4RTJwSC5TSTRSUTI5ZzZMTVk4UTNmQ1M5dX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ADC3
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIvgQRyN1U9cezfLzPG-Azw&google_cver=1&google_push=AXcoOmQv4eYrS579Yy_epccFzh6e3zDXSKCJgMKijsQIoYrxaJAFygOE8iAgSv8qfNBTRr1kwS9qW8padR4kK...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIvgQRyN1U9cezfLzPG-Azw&google_push=AXcoOmQv4eYrS579Yy_epccFzh6e3zDXSKCJgMKijsQIoYrxaJAFygOE8iAgSv8qfNBTRr1kwS9qW8padR4kK...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQv4eYrS579Yy_epccFzh6e3zDXSKCJgMKijsQIoYrxaJAFygOE8iAgSv8qfNBTRr1kwS9qW8padR4kKDW7-2dRUl0c0-2DgGQ&google_hm=Q1NZTU5tMGVQc09RS...

170 B
188 B

42ms
40ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQv4eYrS579Yy_epccFzh6e3zDXSKCJgMKijsQIoYrxaJAFygOE8iAgSv8qfNBTRr1kwS9qW8padR4kKDW7-2dRUl0c0-2DgGQ&google_hm=Q1NZTU5tMGVQc09RSGRDaGNmVy0=

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 18:49:11 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQv4eYrS579Yy_epccFzh6e3zDXSKCJgMKijsQIoYrxaJAFygOE8iAgSv8qfNBTRr1kwS9qW8padR4kKDW7-2dRUl0c0-2DgGQ&google_hm=Q1NZTU5tMGVQc09RSGRDaGNmVy0=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 239
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ADC3
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESECdXFt-VJ8IvrTWV7cZ5NZI&google_cver=1&google_push=AXcoOmR4V_uLUEzXeVn5vuK45Hb466wSebxVGj8zfyziuTmXcFvZGJebByTF_C6zckVCWh2XwT8Knh-kn8qbjBJDEq...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg1MDIxNDIxNjM1NzkzMjM2MjU&google_push=AXcoOmR4V_uLUEzXeVn5vuK45Hb466wSebxVGj8zfyziuTmXcFvZGJebByTF_C6zckVCWh2XwT8Knh-kn8qbjBJDEqtS...

170 B
232 B

44ms
43ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg1MDIxNDIxNjM1NzkzMjM2MjU&google_push=AXcoOmR4V_uLUEzXeVn5vuK45Hb466wSebxVGj8zfyziuTmXcFvZGJebByTF_C6zckVCWh2XwT8Knh-kn8qbjBJDEqtSGAizMdm471A

Requested by

Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg1MDIxNDIxNjM1NzkzMjM2MjU&google_push=AXcoOmR4V_uLUEzXeVn5vuK45Hb466wSebxVGj8zfyziuTmXcFvZGJebByTF_C6zckVCWh2XwT8Knh-kn8qbjBJDEqtSGAizMdm471A
Date: Tue, 23 Jan 2024 18:49:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ADC3
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEC51IsdECzdYkuyXl1Vj7-I&google_cver=1&google_push=AXcoOmS5JjHexZEgn26acyBDsi0w-panFtsphlExQVrzy1cCk33wyWE7ZOHqlVCNQe74RwoRQTGJOs9hO5H37a4TL8jRuuo...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS5JjHexZEgn26acyBDsi0w-panFtsphlExQVrzy1cCk33wyWE7ZOHqlVCNQe74RwoRQTGJOs9hO5H37a4TL8jRuuo97f47hTtB&google_hm=NjYyNTM...

170 B
329 B

42ms
41ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS5JjHexZEgn26acyBDsi0w-panFtsphlExQVrzy1cCk33wyWE7ZOHqlVCNQe74RwoRQTGJOs9hO5H37a4TL8jRuuo97f47hTtB&google_hm=NjYyNTM1NzI2NjYyODk0NDUyMw==

Requested by

Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS5JjHexZEgn26acyBDsi0w-panFtsphlExQVrzy1cCk33wyWE7ZOHqlVCNQe74RwoRQTGJOs9hO5H37a4TL8jRuuo97f47hTtB&google_hm=NjYyNTM1NzI2NjYyODk0NDUyMw==
Date: Tue, 23 Jan 2024 18:49:11 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame ADC3 0
130 B 122ms
39ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JamVopsXq0ckXM2tPFtUA-UUKBCxnlrqIY3NYFuldxkZbJ2E-yyaMytVyOI1T65SseJVduCQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4201856290781061975
tpc.googlesyndication.com/daca_images/simgad/ Frame 41E9 21 KB
21 KB 26ms
25ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4201856290781061975?w=360&h=720&tw=1&q=75

Requested by

Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a24e49bd22884476f0dde0cb82afa7e2125ffcbdceea94402e099895b6e7ca68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 18:01:44 GMT
date: Tue, 23 Jan 2024 18:01:44 GMT
x-content-type-options: nosniff
age: 2847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21691
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 11:15:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 41E9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc201153dcd3661c1d8f1d41267bede360bb3ab7fff9c891f41351dd2129ff2f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 203D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1&google_push=AXcoOmQsBl_Kiuc_IQtF-dwXLZXTz-qB_DuNUeDEjKh4MU7utialkaAThoEophQBecaeeK_5Hhn0gGx9ajrshpyjZoI-CYb32wZ16G7J
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk2MDI4Mjk2Njc3ODA3NTE3Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1

43 B
398 B

49ms
47ms

Image
image/gif

2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1
Protocol: H2
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDd66y2IijZtHKExWeOeiz0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 203D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFVjVWVFdrlox7eDX0oeCaQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFVjVWVFdrlox7eDX0oeCaQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEN1UGthbnIxUnNsUEY1&google_gid=CAESEFVjVWVFdrlox7eDX0oeCaQ&google_cver=1&google_push=AXcoOmSWp1cdsds3WgKwbuwHNSFLiHEIzv5DJzC338fSKuv...

170 B
188 B

46ms
45ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEN1UGthbnIxUnNsUEY1&google_gid=CAESEFVjVWVFdrlox7eDX0oeCaQ&google_cver=1&google_push=AXcoOmSWp1cdsds3WgKwbuwHNSFLiHEIzv5DJzC338fSKuvCndLBnk_HE8CD3MZsQVhpW95hzPlssPlGt0imcuqQh4ddpQMcSLOCsnzF

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 18:49:11 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-0fbfe8405e2dd17ba@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bEN1UGthbnIxUnNsUEY1&google_gid=CAESEFVjVWVFdrlox7eDX0oeCaQ&google_cver=1&google_push=AXcoOmSWp1cdsds3WgKwbuwHNSFLiHEIzv5DJzC338fSKuvCndLBnk_HE8CD3MZsQVhpW95hzPlssPlGt0imcuqQh4ddpQMcSLOCsnzF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 203D
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECoQCAMgj17u653os87Z2oU&google_cver=1&google_push=AXcoOmT4dMOuLP2danN7V-4es2sBx6dtB-m9Zm5tp9-e_kUWM87dwInHBAwhJTCkUkVGE1Xvquxd_gQsQPBA2DUtLboF...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECoQCAMgj17u653os87Z2oU&google_cver=1&google_push=AXcoOmT4dMOuLP2danN7V-4es2sBx6dtB-m9Zm5tp9-e_kUWM87dwInHBAwhJTCkUkVGE1Xvquxd_gQsQPBA2D...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=c69ed2f0-725d-4c7f-be75-499386a37495&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=c69ed2f0-725d-4c7f-be75-499386a37495&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=23b9d0a6-1b62-4344-98de-00dfbff12679&ssp=google&expires=30&user_group=5&bsw_param=c69ed2f0-725d-4c7f-be75-499386a37495
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT4dMOuLP2danN7V-4es2sBx6dtB-m9Zm5tp9-e_kUWM87dwInHBAwhJTCkUkVGE1Xvquxd_gQsQPBA2DUtLboFNV9MvVTWyK4&google_hm=xp7S8HJdTH--dUmThqN0...

170 B
188 B

49ms
48ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT4dMOuLP2danN7V-4es2sBx6dtB-m9Zm5tp9-e_kUWM87dwInHBAwhJTCkUkVGE1Xvquxd_gQsQPBA2DUtLboFNV9MvVTWyK4&google_hm=xp7S8HJdTH--dUmThqN0lQ==

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT4dMOuLP2danN7V-4es2sBx6dtB-m9Zm5tp9-e_kUWM87dwInHBAwhJTCkUkVGE1Xvquxd_gQsQPBA2DUtLboFNV9MvVTWyK4&google_hm=xp7S8HJdTH--dUmThqN0lQ==
Date: Tue, 23 Jan 2024 18:49:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 203D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHB29a0YbAIdzGG_b-Jf5KA&google_cver=1&google_push=AXcoOmTk4HjIhu3IzjQhy4NJLXwGpDH0A2rCW0dwi-vaWR3rjpYjIvEwHK37A1AL0R-5kDy9IsMB8J6Z...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHB29a0YbAIdzGG_b-Jf5KA&google_cver=1&google_push=AXcoOmTk4HjIhu3IzjQhy4NJLXwGpDH0A2rCW0dwi-vaWR3rjpYjIvEwHK37A1AL0R-5kDy9IsM...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg3MTE5MjM2ODIyOTI4OTEyMA&google_push=AXcoOmTk4HjIhu3IzjQhy4NJLXwGpDH0A2rCW0dwi-vaWR3rjpYjIvEwHK37A1AL0R-5kDy9IsMB8J...

170 B
188 B

48ms
47ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg3MTE5MjM2ODIyOTI4OTEyMA&google_push=AXcoOmTk4HjIhu3IzjQhy4NJLXwGpDH0A2rCW0dwi-vaWR3rjpYjIvEwHK37A1AL0R-5kDy9IsMB8J6Z_nBvUdmIfn_XDjMFuPhAPZE

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg3MTE5MjM2ODIyOTI4OTEyMA&google_push=AXcoOmTk4HjIhu3IzjQhy4NJLXwGpDH0A2rCW0dwi-vaWR3rjpYjIvEwHK37A1AL0R-5kDy9IsMB8J6Z_nBvUdmIfn_XDjMFuPhAPZE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 203D
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESECdXFt-VJ8IvrTWV7cZ5NZI&google_cver=1&google_push=AXcoOmTgH6JwNWPPvzNAgjTYL2d6Y_HsaNTEVcxSGZEiP0HlN5OwMtvtOP51GZsgP037LZqETAhk8mBXdamXPJQE4D...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTY0NTI5OTk1NDgxMDYwNTE4MjQ&google_push=AXcoOmTgH6JwNWPPvzNAgjTYL2d6Y_HsaNTEVcxSGZEiP0HlN5OwMtvtOP51GZsgP037LZqETAhk8mBXdamXPJQE4DkO...

170 B
232 B

90ms
89ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTY0NTI5OTk1NDgxMDYwNTE4MjQ&google_push=AXcoOmTgH6JwNWPPvzNAgjTYL2d6Y_HsaNTEVcxSGZEiP0HlN5OwMtvtOP51GZsgP037LZqETAhk8mBXdamXPJQE4DkO9sYJsWONgrZS

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTY0NTI5OTk1NDgxMDYwNTE4MjQ&google_push=AXcoOmTgH6JwNWPPvzNAgjTYL2d6Y_HsaNTEVcxSGZEiP0HlN5OwMtvtOP51GZsgP037LZqETAhk8mBXdamXPJQE4DkO9sYJsWONgrZS
Date: Tue, 23 Jan 2024 18:49:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 203D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAbyTFRtLhnbu3tnCl9K3Qg&google_cver=1&google_push=AXcoOmQIB6aQBjWROA65aqrRTBCkCFsqRvzUHtjIjBGblDchhi966Dh9zG3O-ISqtSNyY1MW8H2GuVy9vnAL...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQIB6aQBjWROA65aqrRTBCkCFsqRvzUHtjIjBGblDchhi966Dh9zG3O-ISqtSNyY1MW8H2GuVy9vnALIa7VWsSrhldpzl16nxOK

170 B
232 B

96ms
95ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQIB6aQBjWROA65aqrRTBCkCFsqRvzUHtjIjBGblDchhi966Dh9zG3O-ISqtSNyY1MW8H2GuVy9vnALIa7VWsSrhldpzl16nxOK

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQIB6aQBjWROA65aqrRTBCkCFsqRvzUHtjIjBGblDchhi966Dh9zG3O-ISqtSNyY1MW8H2GuVy9vnALIa7VWsSrhldpzl16nxOK
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 203D
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEJrUe4ihOsIMHjsSYHauPmQ&google_cver=1&google_push=AXcoOmSY6MNdRbks3B3o8dJN5K07mHpD8Xkw45UNfCGbzupWmBNoKy9484Av_dI_wh5cCMKlAc2MPclpufsklUd...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=lLJSFHeQN0-EhR6XNwGpow&google_push=AXcoOmSY6MNdRbks3B3o8dJN5K07mHpD8Xkw45UNfCGbzupWmBNoKy9484Av_dI_wh5cCMKlAc2MPclpufsklUdRYyqz03P-s...

170 B
188 B

42ms
41ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=lLJSFHeQN0-EhR6XNwGpow&google_push=AXcoOmSY6MNdRbks3B3o8dJN5K07mHpD8Xkw45UNfCGbzupWmBNoKy9484Av_dI_wh5cCMKlAc2MPclpufsklUdRYyqz03P-sV1l5qNdXA

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=lLJSFHeQN0-EhR6XNwGpow&google_push=AXcoOmSY6MNdRbks3B3o8dJN5K07mHpD8Xkw45UNfCGbzupWmBNoKy9484Av_dI_wh5cCMKlAc2MPclpufsklUdRYyqz03P-sV1l5qNdXA
Date: Tue, 23 Jan 2024 18:49:11 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 203D 0
40 B 61ms
49ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IezEbI_XejgUP_7C9OlYEBsJfSnnDOVIGPqLL48JyeLthaqeOT1W8ozY1dn3aQTOuE8CGmgQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FBF8 50 KB
19 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 13:13:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 107ms
57ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9462be1cfd48494da30fe9f0f3ce24301235bbe6e568253ce443e4a92ea5276d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12270
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 41E9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CSMESJQqwZYa2MJ3RoPMP9cOowATD7fqIdKTBnsLVEJWLh7yWDhABIJ_J6TZgye6Oi8CkjBCgAZix-IkpyAEBqQKHQURMnTayPqgDAcgDywSqBPQBT9DOrk1gX4r9XopknA6DS7yZfQO-CVL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5df2e543c892d3830000000000000000%22,%222%22:%220x5f27e88c195c0c90000000000000000%22,%223%22:%220xa3a0d1e...

0
0

99ms
97ms

Fetch
text/css

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5df2e543c892d3830000000000000000%22,%222%22:%220x5f27e88c195c0c90000000000000000%22,%223%22:%220xa3a0d1e1507aa5670000000000000000%22,%224%22:%220xfa6930c88697533e0000000000000000%22,%225%22:%220xc7b89c87287b1a810000000000000000%22},%22debug_key%22:%2214482463784181695015%22,%22debug_reporting%22:true,%22destination%22:%22https://searchel.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211026700440%22],%2222%22:[%22true%22],%224%22:[%2201-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210821951912331149585%22}&andc=true

Protocol

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5df2e543c892d3830000000000000000","2":"0x5f27e88c195c0c90000000000000000","3":"0xa3a0d1e1507aa5670000000000000000","4":"0xfa6930c88697533e0000000000000000","5":"0xc7b89c87287b1a810000000000000000"},"debug_key":"14482463784181695015","debug_reporting":true,"destination":"https://searchel.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11026700440"],"22":["true"],"4":["01-23"],"6":["true"]},"priority":"500","source_event_id":"10821951912331149585"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 Jan 2024 18:49:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 Jan 2024 18:49:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5df2e543c892d3830000000000000000","2":"0x5f27e88c195c0c90000000000000000","3":"0xa3a0d1e1507aa5670000000000000000","4":"0xfa6930c88697533e0000000000000000","5":"0xc7b89c87287b1a810000000000000000"},"debug_key":"14482463784181695015","debug_reporting":true,"destination":"https://searchel.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11026700440"],"22":["true"],"4":["01-23"],"6":["true"]},"priority":"500","source_event_id":"10821951912331149585"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A141 50 KB
19 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: zivbod.site-de-streaming.com
URL: https://zivbod.site-de-streaming.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 13:13:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
50ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Jan 2024 18:49:11 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 97ms
96ms Preflight
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 23 Jan 2024 18:49:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C8E 13 KB
5 KB 25ms
24ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zivbod.site-de-streaming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 81720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 20:07:11 GMT
expires: Tue, 21 Jan 2025 20:07:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 31E4 829 B
561 B 46ms
45ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5dae507cb4977bd77107f21af43c9f8a40e01cf298ba8f108d6bda1601fffb1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6jgHhVTbG2Lx_io4jGZeLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zivbod.site-de-streaming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6jgHhVTbG2Lx_io4jGZeLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 18:49:11 GMT
expires: Tue, 23 Jan 2024 18:49:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C8E 39 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 20:07:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 20:07:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 31E4 0
0 55ms
55ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=762107268253894&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6C8E 0
10 B 24ms
24ms Image
text/plain 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GMd_RQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:49:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
68ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=762107268253894&bg=!eXqlejXNAAa8BdJLnAU7ADQBe5WfOLXBDoRxnK1APh07zM9jHqfafyJHZ5CuMtwneSnRUAjpgVaTd9l6v8aGIVShGLEFAgAAAIlSAAAAAmgBBwoAWM06SEZRtFs4NoIHLwPKTkhWYlB4SuqTLJ0oIqz9xSad52vRa7Dq0Sdg_RwGlpdVRgX4mUJ7UccJg04_0biYApA5DpyaJKG-6h6_XCROUTsh_V7SOE8LC3uZAtv0xVGzl4cv-qjg9e3Rp9ZWYkmvpuw7LVdW0S37L8sWGMuz-vAHtyTaoe05CTr1uaShvVN7WRj7WO2O17glbBhmv5W1eneeKPi5piPyC7JKD4V5w_6HTNOmRoNTPmAliLzU89xS7Y6NAnGXzot578vkiOFDvC7bI2MlsNtb1RNRmT45e_f-1m0zT8him25USUEjxYaLF4THFMLkpxfGEww5HdMYMUh3F5a4tbxo-64tVSmTeQ4eJXOF-t43COt4c4283rtLkvKhn14SJLqzyED0CDt5ELQ6osUpxMfC0SeB8F5hLOeaDZC30BaKv6-As-uDfaPLEnix28GsAV6bN4LITMtcabZxx5QeVUWJuvGW4CrE6mqJppmlcxGmx5kq6KLRljLMnB5F-QE1Y7VPdnRbDEWTz4H85CKKlRo_SHb-rHX9p_tiEfANWGMGNhnoUkqfJF-lq0AHIlqxiVBsYUhiXYrK7LpcsqEFrRCrJXUlTgqeUWqmCIFkwzvEr6jGhkvi8_fMRKB_9rBNqV3ypQlEysnNQdXYzogBSY2_yOoLhir7RyXuDkZVoCRVD1-7M64WmtEksvY2plltTByANnHvbZ_1sZUkK6_1Yob12jWcOir46JQ2Xsi8n33UeX6RqTF9bULG0UxYnqydPIjisNKldw26W3_WXHL_6fYTp09z3Z93c8Ssu9zRKHgmFKin3MpHv4OHxcM3O1GcQJmtV5Fx2sJmQizGrZ5rZdZIXR83NPKGFQ8PrsYxK-1OpgQ4M3Pjw2hHXaRVP8MQx54t5ltwb2ErL_TiTyVKcykXPRm6Cf5q0yfn7vIOPTDaIVCG95sN7s3gI4fUhFq2AyMsS4zWcqcrGnRoIEA2iQDDkgaA9ch_2jspAdTx6KuIz_h_RrWer1chaio3SS9hDQnYts5mFImFR0j0DMp87KW33JjVm0RzhcLaATbItzGh-RzCPm32gz_ioycFtpp8nw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zivbod.site-de-streaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 41E9 42 B
64 B 70ms
69ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5IOIShftcHgezF3b4kvUANTmU6u1CCynf3PK18BB0p0h7_McT1ucLl53Bdhq3lmK6PVlfSZFyikl9DBiAVpcwMgqLBPpWsQsgtCRlnM4EFjZYUFVxDKj0U14FYyQFBD-Zp12zRX1_sfLIE62zSJLG01WS&sai=AMfl-YTxNzpmJ-1SrOlz2nLqaNXX97XDFTcs8opk1vWnQZVGY86eiBqFA2XnKNWCklwZ5PZLScQ5pPfcA14i_VI1bAf2DXmi_z1XSEra6iUtZDgZIONejsFe7uQ0ylN0&sig=Cg0ArKJSzIMiczvbBBiDEAE&cid=CAQSPAAvHhf_TGqpXNu5UClLL8KuwJP1l9gCo5t55wgzl4qDun0wXXoKv37BT_GxsloUG2VTh0itSENJYqBgQxgB&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706035751428&rpt=216&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 18:49:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.site-de-streaming.com/	1970-01-21 03:15:31	Name: __gads Value: ID=a9be45fe93781f3f:T=1706035748:RT=1706035748:S=ALNI_MYHS1Qj1VMEp-sJFat9lvX7cCH8wg
.site-de-streaming.com/	1970-01-21 03:15:31	Name: __gpi Value: UID=00000db976a307e0:T=1706035748:RT=1706035748:S=ALNI_MbadmF_gUxsuh5Pjx8UJANf5DrlBg
.doubleclick.net/	1970-01-20 17:53:59	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 20:03:31	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 03:29:55	Name: IDE Value: AHWqTUny0asvweoxjsXv5Gq0tSNG1YPFL_Tzl70tHRAFsT3q0RjnL-uEZLR7UnydgX4
.rfihub.com/	1970-01-21 03:15:31	Name: rud Value: H4sIAAAAAAAA_-MSNjMzMjU2NTcyAzIsLE1MTI2MhfgMdRONPAp1k6N0s4vdkgE3xGpCJQAAAA
.rfihub.com/	1970-01-21 03:15:31	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dTY19CxOcXWuSonMLq2MyDEMyzLX9QziNTQ3MDMwNjU3NTQzNX_FiMK3AABAcFbfPQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjMzMjU2NTcyAzIsLE1MTI2MhfgMdRONPAp1k6N0s4vdkgE3xGpCJQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dTY19CxOcXWuSonMLq2MyDEMyzLX9QQAg0PW2R4AAAA
.adkernel.com/	1970-01-20 18:14:05	Name: ADK_EX_11 Value: 1
.yahoo.com/	1970-01-21 02:39:53	Name: A3 Value: d=AQABBCcKsGUCELmkQbX3CKG4O9YkWDDhp84FEgEBAQFbsWW5ZQAAAAAA_eMAAA&S=AQAAAlgi6x2cnrs4krWmDPbCaEU
.linkedin.com/	1970-01-21 02:39:31	Name: bcookie Value: "v=2&290ab80a-e908-4ac6-8be5-d43e07253506"
.linkedin.com/	1970-01-20 17:55:22	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3126:u=1:x=1:i=1706035751:t=1706122151:v=2:sig=AQFipYPcW5pz3UGflAvac3F5YuWEbbbH"
.adkernel.com/	1970-01-20 18:37:07	Name: ADKUID Value: A6452999548106051824
.turn.com/	1970-01-20 22:13:07	Name: uid Value: 3960282966778075177
.zemanta.com/	1970-01-21 02:39:31	Name: zuid Value: CSYMNm0ePsOQHdChcfW-
.adform.net/	1970-01-20 18:38:34	Name: C Value: 1
.bidswitch.net/	1970-01-21 02:39:31	Name: tuuid Value: c69ed2f0-725d-4c7f-be75-499386a37495
.bidswitch.net/	1970-01-21 02:39:31	Name: c Value: 1706035751
.bidswitch.net/	1970-01-21 02:39:31	Name: tuuid_lu Value: 1706035751
.w55c.net/	1970-01-21 03:25:36	Name: wfivefivec Value: lCuPkanr1RslPF5
beacon.lynx.cognitivlabs.com/	1970-01-21 02:40:58	Name: UID Value: 1452b294-9077-4f37-8485-1e973701a9a3
beacon.lynx.cognitivlabs.com/	1970-01-21 02:40:58	Name: ss Value: 2Blrr8Z12Aa794omT8eDUMCTz3Cf%2FZZM5oP9QZKO530OkCTNfItyzeMK0eQXOJwQr4CdS8iajMh5RmQMcnI1CA%3D%3D
.adform.net/	1970-01-20 19:20:19	Name: uid Value: 4871192368229289120
.w55c.net/	1970-01-20 18:37:07	Name: matchgoogle Value: 5
.creative-serving.com/	1970-01-21 03:15:31	Name: tuuid Value: 23b9d0a6-1b62-4344-98de-00dfbff12679
.creative-serving.com/	1970-01-21 03:15:31	Name: c Value: 1706035752
.creative-serving.com/	1970-01-21 03:15:31	Name: tuuid_lu Value: 1706035752
.c.appier.net/	1970-01-21 02:39:31	Name: _auid Value: rdxRIEVlAfCoZt1GKAqwZQ
.c.appier.net/	1970-01-20 18:37:07	Name: _gu Value: CAESEKOiAZBGuFJBaDZptq_KS2s

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://callprintingdetailed.com/89/e1/2b/89e12b3426ff52704f46b1f627553cb6.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://callprintingdetailed.com/da/56/8d/da568dacac4bc706a52af32355ecc216.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.rfihub.com
ad.turn.com
ads.creative-serving.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
c1.adform.net
callprintingdetailed.com
cm.g.doubleclick.net
dsp.adkernel.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
moderate.cleantalk.org
onetag-sys.com
p4-dlpzhe5nexa76-zn23tia7dq27n2gz-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubdirecte.com
px.ads.linkedin.com
r.turn.com
site-de-streaming.com
static.linkredirect.biz
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
zivbod.site-de-streaming.com
139.162.117.143
142.250.65.194
142.250.65.226
142.251.40.227
174.137.133.49
185.167.164.43
192.243.59.12
199.38.167.130
2600:1f18:4e9:5a05:2bac:7fd1:424f:4dc7
2604:2dc0:100:1f78::9
2606:4700:3031::ac43:b165
2606:4700:3032::6815:1ec4
2607:f8b0:4006:808::2002
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2003
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81f::200a
2607:f8b0:4006:822::2002
2620:112:f002:bbbb::21
2620:1ec:21::14
35.211.178.172
51.222.39.186
52.44.195.56
54.156.196.102
54.211.17.237
70.42.32.191
95.142.100.82
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5350bd449365b3718436dd04889bc61d852bdf405bd31984fd51e3a515dd5a
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f9ae68070f43fe229bfb8f1089fda059531d2393e8fb34569b4428f3fe265ff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ce92fa68254bd1766a1de95e63c4ed09bbd1d2e412bc7aae0b65e752202575d
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
424332ea0ecacff818cf7de57fd7968c0172f01776ff025a4d2a99540422d3f0
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
438baad436d6dc5f8ef61f29f56ed84e102c22306c0a5e94c31851ef7dc26d0e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
552132e6c8d8a21eb9c5c1c3aafda756f2b91d4146351fa69f5ad4f3b5cba9e7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60012563fcae08c0dca6906d7f5f86f055b21fe8e4d46f41d997745292e25e90
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6771e4912c6a61cd0af664310b8589cc0400b49d83ea44cdc09cb3b3d2643f01
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
78d938b0e971de2ee5fe6486f36840a6db078e7fa58fd7763285bc54d3f3777d
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74
7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8
808af092ebf9a3f9ffa55a0fcb1ec1809ac1a12ffa602e01e4ea91da1d2b5475
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
9462be1cfd48494da30fe9f0f3ce24301235bbe6e568253ce443e4a92ea5276d
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
98767a77718cb5b7b3e7dad8f46291778d419e907d1cd2a65d2fa0d2c41ae311
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0f29769301df56013846b8ef38823097e1986bbd19526d7ef118106d4678ab5
a24e49bd22884476f0dde0cb82afa7e2125ffcbdceea94402e099895b6e7ca68
a8c1efb294271489794c0ca5956dc1fda704497bdc07c5d584d4524f45a0a042
aa783582b760a36d7b1e40f797027c73eefa7feb9478c683adf3719ce56de502
aaa02f54495506b3f364131231aa64b60c0888bd3a0236b06f9628395fd6f0ae
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
b02e6d2b506f73743dca7078d473b7819f60159b1a7a236e008b53649f5ef972
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc201153dcd3661c1d8f1d41267bede360bb3ab7fff9c891f41351dd2129ff2f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c391a0d9c00cf2923e6ad013a7dbab11ef7938746519f92989fb1211eee62c1c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccc6c60529266faceeb8ea532fc8983ceb7db05ff382a1ed5fdb7ab6e734f36d
d2d01a28284207ea1bc9976244daa182379ac4c1cc50c22e0d3302bbf9b922f8
d2fb2823d5fc7bb6cd6e0f262bb5e0d7822747e3f9155fd7b09050008f32e2f8
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5dae507cb4977bd77107f21af43c9f8a40e01cf298ba8f108d6bda1601fffb1
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
ded61715178663c467a98c4c3ec4b8c92cc9a262be690e9342330c2126134a01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e633ca3052ce76bad99614f35065edb870fad142f27db57ecb7a67cfc8781c00
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5a93abbc54b4453380f09ff11212d7dde5dc261891d0dd7ee0d265f21a10b29
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f95326890538d42f99807a71af68c8357cce18dd11034a11f2650e4f0fcaa5c9
faf245ef7daffe22916da9a639bfb08f58f5f2440bb7d34034ded4cc7541057e

zivbod.site-de-streaming.com Open in urlscan Pro 2606:4700:3031::ac43:b165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

84 %HTTPS

48 %IPv6

25 Domains

31 Subdomains

18 IPs

5 Countries

1604 kBTransfer

3519 kBSize

30 Cookies

5 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zivbod.site-de-streaming.com Open in urlscan Pro
2606:4700:3031::ac43:b165 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

84 %
HTTPS

48 %
IPv6

25
Domains

31
Subdomains

18
IPs

5
Countries

1604 kB
Transfer

3519 kB
Size

30
Cookies

103 HTTP transactions
3 data transactions