koooralive-tv.net Open in urlscan Pro
2606:4700:3037::6815:519e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://koooralive-tv.com/
Effective URL:
https://koooralive-tv.net/
Submission Tags: analytics-framework
Submission: On April 22 via api (April 22nd 2023, 2:56:14 am UTC) from US — Scanned from DE

Summary HTTP 231 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 29 domains to perform 231 HTTP transactions. The main IP is 2606:4700:3037::6815:519e, located in United States and belongs to CLOUDFLARENET, US. The main domain is koooralive-tv.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 17th 2023. Valid for: a year.

This is the only time koooralive-tv.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 7	172.67.208.32 172.67.208.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:303... 2606:4700:3037::6815:519e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
47	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681b:4071	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.39.128.162 54.39.128.162	16276 (OVH) (OVH)
20	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:220... 2600:9000:2204:7600:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.222.139.7 52.222.139.7	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	52.214.4.83 52.214.4.83	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9 13	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
5 9	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 7	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	52.211.63.23 52.211.63.23	16509 (AMAZON-02) (AMAZON-02)
30	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2600:9000:238... 2600:9000:238d:5000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2600:1f18:1ac... 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:220... 2600:9000:2204:3600:8:455e:4a00:93a1	16509 (AMAZON-02) (AMAZON-02)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
231	42

7 172.67.208.32 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

koooralive-tv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3037::6815:519e (United States)

ASN13335 (CLOUDFLARENET, US)

koooralive-tv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681b:4071 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kooora4live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.128.162 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns562109.ip-54-39-128.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:7600:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-7.ams50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.4.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-4-83.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.226 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.46 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.211.63.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-63-23.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:238d:5000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:3600:8:455e:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.besafe.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177 ade.googlesyndication.com — Cisco Umbrella Rank: 317	416 KB
38	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	319 KB
30	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	716 KB
22	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1049 static.adsafeprotected.com — Cisco Umbrella Rank: 820 dt.adsafeprotected.com — Cisco Umbrella Rank: 738	198 KB
15	koooralive-tv.net koooralive-tv.net	229 KB
13	demand.supply live.demand.supply — Cisco Umbrella Rank: 32910	33 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	7 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	7 KB
7	kooora4live.com www.kooora4live.com — Cisco Umbrella Rank: 671178
7	koooralive-tv.com 7 redirects koooralive-tv.com	2 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 1061	2 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 672 rtb0.doubleverify.com — Cisco Umbrella Rank: 1069 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 20299	21 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	195 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 5261	940 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686	7 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 402	569 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1703	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 707	418 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4649	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1319 id5-sync.com — Cisco Umbrella Rank: 612	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1550 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323	12 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12435 s4.histats.com — Cisco Umbrella Rank: 9637	5 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 607	6 KB
1	besafe.global cdn.besafe.global — Cisco Umbrella Rank: 31492	37 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991	2 KB
231	29

	Domain	Requested by
47	pagead2.googlesyndication.com	securepubads.g.doubleclick.net df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com s0.2mdn.net
30	s0.2mdn.net	koooralive-tv.net s0.2mdn.net df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
15	koooralive-tv.net	koooralive-tv.net
14	dt.adsafeprotected.com	df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
13	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
13	live.demand.supply	koooralive-tv.net live.demand.supply client
11	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
9	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com pagead2.googlesyndication.com
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
7	www.kooora4live.com
7	koooralive-tv.com	7 redirects
6	googleads4.g.doubleclick.net	koooralive-tv.net
5	df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	static.adsafeprotected.com	df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
4	fw.adsafeprotected.com	2 redirects koooralive-tv.net
4	www.googletagservices.com	df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	cdn.doubleverify.com	df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com cdn.doubleverify.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
1	ade.googlesyndication.com
1	ajax.googleapis.com	s0.2mdn.net
1	cdn.besafe.global	df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	www.google.com	tpc.googlesyndication.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	s4.histats.com	s10.histats.com
1	s10.histats.com	koooralive-tv.net
231	44

This site contains links to these domains. Also see Links.

Domain
koooralive-tv.com
go.yalla-shoot-matches.com
kooora4lives.io
kora-online.io
yalla-shoot-tv.net
fal3arda-new.com
yalla-kora.io
bein-match.net
yalla-goalz.com
as-goal.io
kora-online-tv.net
yalla-shoots.co
yalla-lives.io
yalla-shoot-tv.io
kooora-lives.com
livesoccertv.tv
soccer-stream.tv
sulvo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-17` - `2024-03-15`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
histats.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.kooora4live.com GTS CA 1P5	`2023-04-10` - `2023-07-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-01` - `2023-05-08`	2 months	crt.sh
cdn.besafe.global Amazon RSA 2048 M01	`2023-02-23` - `2023-06-24`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://koooralive-tv.net/
Frame ID: 3756512178CC7883263A32A2B0729012
Requests: 76 HTTP requests in this frame

Frame: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BEF529F9BCE546A991223574AB04AAF5
Requests: 1 HTTP requests in this frame

Frame: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ADAA2D103AE6FE98A56DDEF2D4A53FC7
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C80C3C899B341C133749C8FEAA444D68
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77F66D766907B3AE2B1DCF59A9E4FCC7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWejJV-uiuMaIpAEAEhDSmt8BKQj3XdrMGval5fwALPaiw5vKoZYdNd8_91DNbHFZO0Xsx4lQ-B4MOkylLlJfqev9yJai31Qlhk_uFo1X-r0AtcQOIR_gxrBKHQ3Ptc_97osPZdnuOv2eBEOG2E0mqBeU97PQe0fjtW25izEimW4BDuEbH-cGuRKEPsQldbkzKAgAGJW3NUvQkXeouAllCS5nYvuw
Frame ID: C18067EDA5C27207B864AA5D1DB741A1
Requests: 5 HTTP requests in this frame

Frame: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 581E5B04B670C6085B89F89D284BAB60
Requests: 19 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=koooralive-tv.net
Frame ID: 9F1F86D6759C8F99E77CD91DCECF45B3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPmPnOYBMAE&v=APEucNXxQm_e2L_r0vlecPd866sTkdU1jyMJaxX-GEY7LbOCw3ivwmDuJyavu3E9NS89r6PMsuWE9T3rkVO_j_g2QlnbRlym74O-ZXoCDe97MLrMsuSxhK-DiTNUXaUlKVXh2-aVnZSyp1sGho6czDmJeX1uU1bOgKAx18OLCdBLOPe5Iqggrec
Frame ID: ED6749B907D3F762B4CEEF22AA38299B
Requests: 5 HTTP requests in this frame

Frame: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5680E4E1187F8EAE5311E2D65AA0DB95
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E57F951F798F14BC75FACAFAE381FB3D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
Frame ID: 46F27B3868225F3EC926FE0135EC8A45
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNWM-Ei43WeOduL43NnFGxDWnnExQ9RMWU6oumJAoDEndEGeLbl0_4XEcopb0dY8SWBxKRClCBFbTEeWIfT-9kVbl3eeo_yHxSXLV5umHQCObAJ6JZW6xSUROFLMXdRtfqqfwGRet7ySA30O_H4_zZwiy8S-uYA14g3-zDybrO3nN4yCCus
Frame ID: CF673E52D678575FA049C76A0D45B028
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3A541EB7EBD4432B95E52FA9AA591F3F
Requests: 3 HTTP requests in this frame

Frame: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C6DB836884646AF95E5D9E51165688F9
Requests: 20 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: BDD81E43A523DCA5D1E0138F49D8D59C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkqj5xgEwAQ&v=APEucNVg1bMwGyF8-rLGMcYN_OmPqLxDFGuR7_quq4WD9CzKnMFp7rl94p71BqWWb9HMze7Ji-rcHdjWT54M8T50May4dcHjhe1EtyCSS4Dg65ZOaovJ5cUL6hMDF798LMLxNDixFTcWhqG7z9j7N9sjpQZpnjTf0v_XIJ64eL5OzflenhpCAVI
Frame ID: 33324D9F61717E48E0EE18056E554008
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
Frame ID: 90A905C6F2693F16937CA3FD82BCE775
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EB378D3139C0C0AF8DE8C31A404B6898
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 01240D94152082C413FE8668F0362569
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247
Frame ID: B15E08D0A13741BE920F91023994E818
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CDAE4D4F5CB1357FAB9074A387C0997D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: 478BC12E9B255F79F223B7C3ABF0A2DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كورة لايف | koora live | مباريات اليوم بث مباشر جوال kora live

Page URL History Show full URLs

https://koooralive-tv.com/ HTTP 301
https://koooralive-tv.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

231
Requests

90 %
HTTPS

53 %
IPv6

29
Domains

44
Subdomains

42
IPs

6
Countries

2237 kB
Transfer

5360 kB
Size

22
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://koooralive-tv.com/matches-today/
Title: أهم المباريات

Search URL Search Domain Scan URL

URL: https://koooralive-tv.com/leagues-rank/
Title: جداول

Search URL Search Domain Scan URL

URL: https://koooralive-tv.com/top-scorers/
Title: ترتيب الهدافين

Search URL Search Domain Scan URL

URL: https://koooralive-tv.com/
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://go.yalla-shoot-matches.com/h2/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/yalla-shoot/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/fil3arda/
Title: في العارضة – fel3arda

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/bein-match/
Title: بين ماتش – bein match

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/go4kora/
Title: جو 4 كورة – go4kora

Search URL Search Domain Scan URL

URL: https://kora-online.io/
Title: كورة اون لاين

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.net/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://fal3arda-new.com/
Title: fal3arda

Search URL Search Domain Scan URL

URL: https://yalla-kora.io/
Title: yalla kora

Search URL Search Domain Scan URL

URL: https://bein-match.net/
Title: beinmatch

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/
Title: koora4live

Search URL Search Domain Scan URL

URL: https://yalla-goalz.com/
Title: yalla goal

Search URL Search Domain Scan URL

URL: https://as-goal.io/
Title: as goal

Search URL Search Domain Scan URL

URL: https://kora-online-tv.net/
Title: kora online

Search URL Search Domain Scan URL

URL: https://yalla-shoots.co/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://yalla-lives.io/
Title: yalla live

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.io/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora-lives.com/
Title: koora live

Search URL Search Domain Scan URL

URL: https://livesoccertv.tv/
Title: live soccer tv

Search URL Search Domain Scan URL

URL: https://soccer-stream.tv/
Title: soccer stream

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://koooralive-tv.net/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://koooralive-tv.com/ HTTP 301
https://koooralive-tv.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://koooralive-tv.com/wp-content/uploads/2023/01/297.png HTTP 301
https://koooralive-tv.net/wp-content/uploads/2023/01/297.png

Request Chain 39

https://koooralive-tv.com/wp-content/uploads/2023/01/153.png HTTP 301
https://koooralive-tv.net/wp-content/uploads/2023/01/153.png

Request Chain 41

https://koooralive-tv.com/wp-content/uploads/2022/12/1028.png HTTP 301
https://koooralive-tv.net/wp-content/uploads/2022/12/1028.png

Request Chain 43

https://koooralive-tv.com/wp-content/uploads/2022/12/1423.png HTTP 301
https://koooralive-tv.net/wp-content/uploads/2022/12/1423.png

Request Chain 49

https://koooralive-tv.com/wp-content/uploads/2022/12/451.png HTTP 301
https://koooralive-tv.net/wp-content/uploads/2022/12/451.png

Request Chain 51

https://koooralive-tv.com/wp-content/uploads/2022/12/117.png HTTP 301
https://koooralive-tv.net/wp-content/uploads/2022/12/117.png

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1&C=1

Request Chain 81

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZENMyA5j8pFWsE-L0YAUNwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAi4b8_S1Wrfss8_5Z_1vBE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAi4b8_S1Wrfss8_5Z_1vBE%26google_cver%3D1

Request Chain 83

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3OTA3MDcxODAyMDQxNTQxNQ%3D%3D

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1

Request Chain 98

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZENMyJyDRRKq2efHAwjB2gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAi4b8_S1Wrfss8_5Z_1vBE&google_cver=1

Request Chain 100

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3OTA3MDcxODAyMDQxNTQxNQ%3D%3D

Request Chain 104

https://gum.criteo.com/sid/json?origin=publishertagids&domain=koooralive-tv.net&sn=ChromeSyncframe&so=0&topUrl=koooralive-tv.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8pvmPXxXRHZqTERjdHBYZ3hzbDBWaGlnNHFtbGQzSzZjRGNOYmFQMTlpRnV4cDRLZTlXcFJLc00rMFNxMjVRd0p3UzljS1B3MlEvb1UwTmttMENtMWZOdmdTU3RpS1liTk9mdVJVaWdud1psVmdlbGdtNDNSMEQ0eXJEeE0xdUZFMXd1NW9oNnREVkRkcEEvQm4velMvVEZmZjVwcFBqNTR5QjVSSEp2SGtEWGNFNlo0b2hDNHZ4M0lVWG4ybjlSOTdrWEhLSGcrVnh6U0J2VXdDMGk5aU5hSjFSZGZ3bFJsdk5RVE1UYUFUU3lEYUNvVkZnWVRESW1tTnBKOU5DZHp3c2cxUFh0WTBPSDFaQmhwR1ZoY2ZMNzJIWkJYeGt0NXBZYlVYOU9YQkxWc1Yzcz18&cppv=2

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHOd-hIfE552QaaFoaWMf6o&google_cver=1

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESED4RQCh6Pz2RLwkEYwtfdkk&google_cver=1

Request Chain 140

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19429846202&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iLLPbg2asGnVsXVhwxzBpi&adContainerId=brand_safety_yExDZI_KJsm_9u8P_-ikiA4&cbFunctionName=goog_wrapCb_yExDZI_KJsm_9u8P_-ikiA4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fkoooralive-tv.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fkoooralive-tv.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fdf750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fdf750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a2ed0f83-3707-150b-69e5-52851c10eca3,c:atKGDA,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-26jcn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tC7B9CD+11%7C12*.990511-61634096%7C121%7C1221%7C123%7C13%7C14%7C151%7C152%7C16%7C171%7C18,idMap:12*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:23,oid:3b68d16d-e0b9-11ed-8b6d-faf552c51958,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 166

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJyvlDfvLpM8l69P8_bUIrM&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJyvlDfvLpM8l69P8_bUIrM&google_cver=1&__user_check__=1&sync_id=3bc33209-e0b9-11ed-8895-1a4ab9540206

Request Chain 167

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=3bbe5dc9-e0b9-11ed-a1b1-1fd522ee0506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2JjMzMxYWItZTBiOS0xMWVkLTg4OTUtMWE0YWI5NTQwMjA2

Request Chain 168

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1JTjFzNndCRTJ1Rmh4STljc3o3b0J1X1BDa2VHYWRlQX5B

Request Chain 184

https://fw.adsafeprotected.com/rfw/st/990511/61634097/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9035087792692775&ias_chanId=1&ias_placementId=19429846202&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ixLi9cde6DSH_cJtHD7sau&adContainerId=brand_safety_yUxDZJpZguHH8A_A-ryADA&cbFunctionName=goog_wrapCb_yUxDZJpZguHH8A_A-ryADA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fkoooralive-tv.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fkoooralive-tv.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fdf750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fdf750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:613d14ba-3f69-f41d-c9a6-c8c9653f9b70,c:atKGJF,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-f9vfg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tC7B9II+11%7C121%7C1221%7C123%7C124%7C13%7C141%7C1421%7C15%7C16*.990511-61634097%7C161%7C162%7C171,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:23,oid:3b9c8bf5-e0b9-11ed-ba08-7297637408ed,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

231 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
koooralive-tv.net/
Redirect Chain

https://koooralive-tv.com/
https://koooralive-tv.net/

73 KB
15 KB

284ms
219ms

Document
text/html

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d46d4a5f82fb799fea2e679ad38edaf2241bebc8241d76ee3e48e74ca88b9e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=7200
cf-cache-status: DYNAMIC
cf-ray: 7bba977e3ab89214-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 22 Apr 2023 02:56:07 GMT
expires: Sat, 22 Apr 2023 04:56:07 GMT
last-modified: Sat, 22 Apr 2023 01:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFoNiCGmJWO0fbj0qpZvg5Yp%2FCAsKDEg18kpzMglgvP7snU7zh6MJkG5lN3WqGvet0zhAmFHhtYdSkVL7WgXIEBMRRxwukWFLfGQJO7DB2VLsMOHbh6jTq45myNLy0kgSco5n5rbWLYtPRbQsiWAFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7bba977da8b3bb4a-FRA
date: Sat, 22 Apr 2023 02:56:07 GMT
expires: Sat, 22 Apr 2023 03:56:07 GMT
location: https://koooralive-tv.net/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DPqn6RP0QxlkCS%2B30DTKFuUiqE2KaatNVEFMH7AU493m2Dp%2FPU0Jb%2F96RQTOllQ9S7xyI3j2AB6dMkdf7tzFsXvcp%2BqysMKwpoUuDJcVROTLVSMZHePH3EZLg5LweaDzbigVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 classic-themes.min.css
koooralive-tv.net/wp-includes/css/ 291 B
600 B 47ms
46ms Stylesheet
text/css 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive-tv.net/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 280583
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 30 Mar 2023 04:47:19 GMT
server: cloudflare
etag: W/"64251457-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRkzdXW4WFQS8bgPwccDXKmrBCYHNmGo5Eh%2Bwaazp3YDbQAWLKCg%2BknrQcuJ%2FguG3KWcerMYZWYWLItMxRqgN0EkFn1BxxJBn7WIlk6MqJ0YX%2BuKDUsigCTHWvD8wVXZLVPl4fOLUMgfn0eGww1DOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7bba977fab6d9214-FRA
expires: Thu, 18 May 2023 20:59:44 GMT

GET
H2 200 NeoSansArabic.woff
koooralive-tv.net/wp-content/themes/AlbaKora4Live-v6/fonts/ 56 KB
56 KB 27ms
26ms Font
application/x-font-woff 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive-tv.net/wp-content/themes/AlbaKora4Live-v6/fonts/NeoSansArabic.woff
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://koooralive-tv.net/
Origin: https://koooralive-tv.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:07 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 19:00:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 88982
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms5M6gkmMlqA9z0xXIisBhlXzVjzrSNa4iJrmDPaNlXE3enYNCZJV2fBAgHj9LxiHlTnj37y8e36HrvpLooas0ygcYund0y4fpVXNEnftPtz6iDbrXWouJIC9u5W%2F70o632hednkVtMjxJ6VqUPOtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
cache-control: max-age=31536000
cf-ray: 7bba977fab6e9214-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 20 Apr 2024 02:13:05 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 154ms
94ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54797f996c1953f4e63f2a16e4ab7ee0fe52214c4dd888f39a03c5c3c8d08ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYAHT2SN209EXQN5SXM4JVJ5
date: Sat, 22 Apr 2023 02:56:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 218
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"2bcc750d9f5a6b1343fb85264ffd8b3b-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7bba978008f89b6e-FRA
link: <https://live.demand.supply/impl.v16.7.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/a29vb3JhbGl2ZS10di5uZXQv>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 logo-koora-live.png
koooralive-tv.net/wp-content/uploads/2022/11/ 23 KB
23 KB 30ms
30ms Image
image/png 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2022/11/logo-koora-live.png
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc841e506c83e583ab37f27bd3b7f5f613f4f25711925332b69fc84605920bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 280583
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23630
pragma: public
last-modified: Mon, 19 Dec 2022 19:00:51 GMT
server: cloudflare
etag: "63a0b4e3-5c4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGuiYd6YO%2BJu4LhiYymaaV9V0WT5ZHURQKgkXhLUcjHxnibTcifylLpJEN4MuWZviE78TdxUcTf%2BTb0IIJjoqZXRPzE7wv6HesfxzPHJaOgC%2Fxh6H9y%2FX63CM2ao0mj52Nkw9ueMW%2FcM4De6KMiXBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7bba977fbb789214-FRA
expires: Thu, 18 May 2023 20:59:44 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 rocket-loader.min.js Show response
koooralive-tv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 24ms
23ms Script
application/javascript 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://koooralive-tv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Apr 2023 16:29:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"643ec584-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7ptKB476QfXOa94KGphSEUuXnqWJ6gmaJf21wgX%2FT5te7Xs1soIXtsHgKgCwidHA1Q8Ta2c1EZTsznGMoprmnA5BQMY8TSOTDqJ9Amlkomnm%2B4JbNKMvftgiZzybIW6AqnPUhOoMcsi0ReGHIM7HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7bba97800daa2c3a-FRA
expires: Mon, 24 Apr 2023 02:56:07 GMT

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 gpt.js Show response
koooralive-tv.net/wp-content/cache/min/1/tag/js/ 74 KB
27 KB 30ms
29ms Script
application/javascript 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive-tv.net/wp-content/cache/min/1/tag/js/gpt.js?ver=1682113513
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dc59267bd29b07525659ae6c76ff643096111c38d819d12f0664605d2286170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18632
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Fri, 21 Apr 2023 21:45:13 GMT
server: cloudflare
etag: W/"644303e9-1274d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5aMN1wL%2FbcqhPz%2FHgvgDj%2BjkH35vSo7i9agr5bUtJiF8SOKKUAI2x%2FsiV5ou4EQXqVIeNuhsauXbQvauioZ4h4ZU61%2BkankjWY83ojpHtFJb%2Fjo8b8nC8rB8EEr20vCxj0RaMmZO%2BEBJi2gQae9FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7bba97803dc82c3a-FRA
expires: Sun, 21 May 2023 21:45:35 GMT

GET
H2 200 impl.v16.7.1.js Show response
live.demand.supply/ 73 KB
24 KB 39ms
38ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.7.1.js
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbd979b253f1094192758b903dbf1258373e373ea264905849c30ca44931e1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYAHAQ430A5TEKDY09RNW2H8
date: Sat, 22 Apr 2023 02:56:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 298744
cf-polished: origSize=75202
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"af5bcf980a6a31d6010a8947169a5412-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7bba9780999d9b6e-FRA

GET
H2 200 a29vb3JhbGl2ZS10di5uZXQv Show response
live.demand.supply/p4/v16-2-0/ 997 B
621 B 174ms
174ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a58a306614a7d156bd0b5e3f0726da1a91fc74b12464ad32acca9a81d37f376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:07 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7bba9780999c9b6e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
536 B 51ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=155&cs=c&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYB2DPEGAZGEY2C3ZVBVS7BT
date: Sat, 22 Apr 2023 02:56:07 GMT
cf-cache-status: HIT
age: 280631
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bba9780cac13a91-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 126ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afceb80f47058dfe61dca39726b6adaefea41e4c13a38ed127e494bcdc46d25d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25055
x-xss-protection: 0
server: cafe
etag: 214 / 19469 / m202304180101 / config-hash: 6342739278968460252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:07 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
606 B 53ms
30ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GVXTG2SF29VWGY6YD5P5CXD3
date: Sat, 22 Apr 2023 02:56:07 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 280631
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7bba9780cac03a91-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/ 398 KB
124 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df3f86e8cb9abbc7c08d77f3d0b9a74eb950a97edd59710f2020e8b1b2e7a241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 20:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21894
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126571
x-xss-protection: 0
server: cafe
etag: 16530882680372410927
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Apr 2024 20:51:13 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 895 B
400 B 79ms
33ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d46b04608f2a24066e3d5568d772a0d0caa9925228b3b256d59ea5ad739f4e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Sat, 22 Apr 2023 02:56:07 GMT

GET
H3 200 koooralive-tv.net_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
394 B 162ms
162ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/koooralive-tv.net_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da59ab00e2b608eda9a52bcd54ec10359c77c42b3a63b42985f583d7f1e59e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7bba9781bb2f3a91-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 94ms
30ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 82ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
955 B 716ms
716ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2558009072922354&correlator=2700737397543824&eid=31073318%2C31073829%2C31073998&output=ldjh&gdfp_req=1&vrg=202304180101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2Cc49ea298-5571-44bf-94dd-c629dfb14981&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1967996485&didk=849936728&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Df3913294-8323-405b-83b1-f5e67365b73f%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D15%26bid-p%3Dgoogle%26bsc%3D50&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682132168033&lmt=1682126138&dlt=1682132167612&idt=387&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1158854688.1682132168&ga_sid=1682132168&ga_hid=1000144404&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c842c63daa43e2f423436cff11196af7dde52e8aa08199121e35bc8b9a47c561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 925
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BEF5 6 KB
3 KB 126ms
28ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:08 GMT
expires: Sun, 21 Apr 2024 02:56:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/ 33 KB
12 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

273527979023b207e69b10f59667fbef83f83198077ebfa3c4f99994e7164adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 01:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4546
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11853
x-xss-protection: 0
server: cafe
etag: 3201643035113748782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 21 Apr 2024 01:40:22 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 34ms
33ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.net_auto_728x90_sticky_display_bottom&pdc=0.18667978048324585&ucv=null&e=tcp&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYB2DPEGAZGEY2C3ZVBVS7BT
date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
age: 280632
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bba9782bc4e3a91-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 28ms
27ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GTP882AJGXJCM3VNH3JF57QN
date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2571371
etag: W/"14c5381be186641471a926a081d90c88-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7bba9782bfa82c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
7 KB 264ms
264ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2558009072922354&correlator=4096999420647558&eid=31073318%2C31073829%2C31073998&output=ldjh&gdfp_req=1&vrg=202304180101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2Cc7849ab6-474d-4ff7-b5c9-ab625b326e92&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=3469974626&didk=2903573808&sfv=1-0-40&prev_scp=ti%3Df3913294-8323-405b-83b1-f5e67365b73f%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D50&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682132168116&lmt=1682126138&dlt=1682132167612&idt=387&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1158854688.1682132168&ga_sid=1682132168&ga_hid=1000144404&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08b1183b4abf6d0b392f53de231e5e4b5861fc45521b23a7ee600f606146d110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7546
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 107ms
27ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:52:17 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 817923521

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
498 B 31ms
31ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GW4ME6920SCHCGV6Q26B488T
date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
age: 2494016
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bba97834d283a91-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 121ms
41ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbe8a467c38363174381d09d6652a87da13c2d346b84409746008f0d7c51a47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11140
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 46ms
31ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
7 KB 791ms
790ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2558009072922354&correlator=4096999420647558&eid=31073318%2C31073829%2C31073998&output=ldjh&gdfp_req=1&vrg=202304180101&ptt=17&impl=fif&iu_parts=21715635079%3A22630893834%2Ckoooralive-tv.net_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=2196926945&didk=1975517662&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682132168205&lmt=1682126138&dlt=1682132167612&idt=387&adxs=436&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=0&ohw=0&ga_vid=1158854688.1682132168&ga_sid=1682132168&ga_hid=1000144404&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8e08eff92b84bb96d2e1087f76ebd485d5b3f51dbd508ea5dd2f6c054af38a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6841
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
9 KB 300ms
299ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2558009072922354&correlator=4096999420647558&eid=31073318%2C31073829%2C31073998&output=ldjh&gdfp_req=1&vrg=202304180101&ptt=17&impl=fif&iu_parts=21715635079%3A22630893834%2Ckoooralive-tv.net_970x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=4&adks=3763906004&didk=4230357726&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682132168207&lmt=1682126138&dlt=1682132167612&idt=387&adxs=315&adys=158&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=0&ohw=0&ga_vid=1158854688.1682132168&ga_sid=1682132168&ga_hid=1000144404&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

301c811410d57d8dd3cfc7100edc751f5fc91a60b7b82c5eeb91a549e4ea8c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9576
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
7 KB 573ms
572ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2558009072922354&correlator=4096999420647558&eid=31073318%2C31073829%2C31073998&output=ldjh&gdfp_req=1&vrg=202304180101&ptt=17&impl=fif&iu_parts=21715635079%3A22630893834%2Ckoooralive-tv.net_970x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=5&adks=614191896&didk=4230357713&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682132168209&lmt=1682126138&dlt=1682132167612&idt=387&adxs=315&adys=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=0&ohw=0&ga_vid=1158854688.1682132168&ga_sid=1682132168&ga_hid=1000144404&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d3479b047b756490ac03a38e637f93a342f378c154500d7963f6b72105cdc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7122
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 tan_simba.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 91ms
27ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/tan_simba.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 Wydad_AC.png
koooralive-tv.net/wp-content/uploads/2021/11/ 58 KB
58 KB 32ms
28ms Image
image/png 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2021/11/Wydad_AC.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5620949b8328ec1492508c4e2671967554f63043bd62ec2d77532fc9da77cf96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58908
pragma: public
last-modified: Mon, 19 Dec 2022 19:00:49 GMT
server: cloudflare
etag: "63a0b4e1-e61c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG5hMRmFVtHfrOLgunKCE14WcX%2FAXBBChxOfWSfImDtRJ3tFtBt9lmiO4d0XnJyGiem4HFo2T9h3b2Vk2Du%2FfcHsjPhowJfruHQb6WlnddxKYfJge22i3neXviZzNIk%2Fe4FKuLADvaBN7Hk4PSaFSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7bba978378892c3a-FRA
expires: Sun, 21 May 2023 18:08:48 GMT

GET
H3

200

297.png
koooralive-tv.net/wp-content/uploads/2023/01/
Redirect Chain

https://koooralive-tv.com/wp-content/uploads/2023/01/297.png
https://koooralive-tv.net/wp-content/uploads/2023/01/297.png

5 KB
5 KB

45ms
45ms

Image
image/png

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2023/01/297.png
Protocol: H3
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20a6a74ba6b16e9328061c5f5b153e62b5babe247d142bfe7fae9210e8032f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4997
pragma: public
last-modified: Mon, 23 Jan 2023 21:18:04 GMT
server: cloudflare
etag: "63cef98c-1385"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Opu3mZvGG5KlRYGcTFxRbLN0iI8KdcdeHnLpBZuzSbYBlKnjLdRIHatsvFOEvGtFbFbwi%2F3S44g6%2FTCoZBx%2F0y1U50%2BEZ6LPf8zQxTLg7EgiHR2oP%2B0i06tJ9xarJUyFQu9OxDQc20iWdNjsNj%2FZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7bba9783a8ad2c3a-FRA
expires: Sun, 21 May 2023 11:31:09 GMT

Redirect headers

date: Sat, 22 Apr 2023 02:56:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2Bd1nDY79vFA2oY8tTzYAQ2tuRA7sePPcY7NEz%2Fl6lVDQrsHmpI9GR7lGsYrVTc2Vo%2Bq6wDu%2FK9BDFaD8Llp030nUMA2emQexrtNqYIzsAnZm%2Fip%2BBLOcYOva9oaGc6RQRawA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://koooralive-tv.net/wp-content/uploads/2023/01/297.png
cache-control: max-age=3600
cf-ray: 7bba97837db6bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 22 Apr 2023 03:56:08 GMT

GET
H3

200

153.png
koooralive-tv.net/wp-content/uploads/2023/01/
Redirect Chain

https://koooralive-tv.com/wp-content/uploads/2023/01/153.png
https://koooralive-tv.net/wp-content/uploads/2023/01/153.png

8 KB
8 KB

46ms
45ms

Image
image/png

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2023/01/153.png
Protocol: H3
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc665b58a0aafa77d2b1ebdb0daae099ad88c706782b605c4e7a1d32f9cac34e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8018
pragma: public
last-modified: Wed, 18 Jan 2023 21:48:10 GMT
server: cloudflare
etag: "63c8691a-1f52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtYq0uLSwfipqyuKiXNWdWmRBlN5loAy4fyTUzkodA7ubL0G%2BiXDD1ovH4q9LYEMILhMKoKtnBU5nalUcQra1%2F26OVKNAutzk8Al3xqDzSuehUzx9ISJFGE4XCPVgp6Uv%2FvZVWrKyYuB%2FOtnxwitnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7bba9783a8ae2c3a-FRA
expires: Sun, 21 May 2023 11:31:09 GMT

Redirect headers

date: Sat, 22 Apr 2023 02:56:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBccf7mkcp4kLnnWZdDIV2ig1%2Bso0wv4CLqq3mfcqZ%2FfQDY4zQsuJr2XXSwUgVEEJ3%2BIpw8IHWmO%2FllT8bfmVauTspb1G%2BD5MJ7kkcnuf7PkPW27TVarpxZbx6iABGwCeD9ARg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://koooralive-tv.net/wp-content/uploads/2023/01/153.png
cache-control: max-age=3600
cf-ray: 7bba97837db7bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 22 Apr 2023 03:56:08 GMT

GET
H3 200 eng_leicester_city.png
koooralive-tv.net/wp-content/uploads/2021/08/ 6 KB
6 KB 75ms
72ms Image
image/png 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2021/08/eng_leicester_city.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb6b858475b4f37046faac15575fffa029ac24836e5f9a4ef7a42c3fb57c1dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29568
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6081
pragma: public
last-modified: Mon, 19 Dec 2022 19:00:49 GMT
server: cloudflare
etag: "63a0b4e1-17c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uP5eaDxBWwQEL1foBn%2FZlFigFNunf4YrMOYoqm%2FEXISdz5DZfWNwEiSbYuqtEjt9WmUZ2RWpEm8Y%2BpFBlhT63inYHSYYME65lSBc%2BA0Ml4LTWpYCwVZZyM%2FLCGFocK5bNfSHpJc5y8WdNVC3xBIM7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7bba9783788b2c3a-FRA
expires: Sun, 21 May 2023 18:43:20 GMT

GET
H3

200

1028.png
koooralive-tv.net/wp-content/uploads/2022/12/
Redirect Chain

https://koooralive-tv.com/wp-content/uploads/2022/12/1028.png
https://koooralive-tv.net/wp-content/uploads/2022/12/1028.png

5 KB
6 KB

46ms
46ms

Image
image/png

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2022/12/1028.png
Protocol: H3
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 776a8b3b224910e5c623e234752577d85e74f844e976ab061cb7b2d545340631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5605
pragma: public
last-modified: Fri, 30 Dec 2022 09:15:13 GMT
server: cloudflare
etag: "63aeac21-15e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cG0InCl1N8Cxx1N%2FfoZL3M39WCvLc45C54LztdQ2R4OhhH6KYGwWV3MM7k2KOk7tkGdvqHytgyWtEkV74Lz6EMOrqYTYKQR8pK1z10znYq1EPTcMkVdKlcH2DqNKfr2%2BFrqPBkcU2cJiZbLP7Y23%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7bba9783a8b02c3a-FRA
expires: Sun, 21 May 2023 11:31:09 GMT

Redirect headers

date: Sat, 22 Apr 2023 02:56:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqQugH3yeRzA0jR11tlmeWo1ULYoFCfJHp%2BnXwACFI2onQIC3Co9TAhuce7xkINk1Bvd5DXBwbiz96SCm7xLA584Ki%2FjPVTJ3QBJE7rTM%2F7k16ZzF70i%2FiPwgT94AXYCA3xTCA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://koooralive-tv.net/wp-content/uploads/2022/12/1028.png
cache-control: max-age=3600
cf-ray: 7bba97837db9bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 22 Apr 2023 03:56:08 GMT

GET
H2 403 download-4.jpg
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 87ms
24ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3

200

1423.png
koooralive-tv.net/wp-content/uploads/2022/12/
Redirect Chain

https://koooralive-tv.com/wp-content/uploads/2022/12/1423.png
https://koooralive-tv.net/wp-content/uploads/2022/12/1423.png

5 KB
5 KB

48ms
48ms

Image
image/png

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2022/12/1423.png
Protocol: H3
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecaafad2fac501bf387d3ff1b77a92a6500b0998d95cc5e95726ad3d06b20a60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4822
pragma: public
last-modified: Mon, 26 Dec 2022 03:43:03 GMT
server: cloudflare
etag: "63a91847-12d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuUqZMsriS3lr1BkDPfoJU7R7q%2FvcNKQ4rneslVVh39beUu%2BEedooDP1c2HdusFxcWxqErNpW18CVO4P71zp1rPjvDioqa9e15IL%2Be9Ti6Dnd9%2FI88SVUKZar0ZaP0m7k2aH8hDl5S6laD8TIqFAaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7bba9783a8b32c3a-FRA
expires: Sun, 21 May 2023 11:31:09 GMT

Redirect headers

date: Sat, 22 Apr 2023 02:56:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDg4yzZ7d88Rt5STYrlRKVavY1T65G9Cso5WMzaY1QnYAZ0ui9GYZY5z4Gz9y5tXz8tMlNkm%2Ffz8JmZjHgOZaQ98LrymRChLDWAcEW8KWVCR9Z3O4d79E%2BWNDXmKTXsd2TtTwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://koooralive-tv.net/wp-content/uploads/2022/12/1423.png
cache-control: max-age=3600
cf-ray: 7bba97837dbabb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 22 Apr 2023 03:56:08 GMT

GET
H2 403 download-9.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 90ms
28ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-9.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 1391464074.png
www.kooora4live.com/wp-content/uploads/2019/08/ 0
0 87ms
25ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/08/1391464074.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 ger_borussia_dortmund.png
koooralive-tv.net/wp-content/uploads/2022/07/ 2 KB
3 KB 74ms
72ms Image
image/png 2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2022/07/ger_borussia_dortmund.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d47e25b37d5458e70f70dfb6bdc44949a19cc5a1aadaa118b9e10d8d75e1e09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2164
pragma: public
last-modified: Mon, 19 Dec 2022 19:00:57 GMT
server: cloudflare
etag: "63a0b4e9-874"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiCYZx%2BQ98r5saojcYNtCzbbeFSyA9J6GBc3F0GqXqUfTFNwI0fg9Wur99tp%2Bvg9QNFi2wKNknAJiI4OXHfmLmT4pgp2r7wSVAR%2F7pAG7%2B%2FniTl%2FRUEPLb8UiJ1UVeoxwePxTpw6NPjFlXkLodUctQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7bba9783788c2c3a-FRA
expires: Sun, 21 May 2023 18:43:24 GMT

GET
H2 403 ger_eintracht_frankfurt.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 87ms
26ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/ger_eintracht_frankfurt.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 egy_al_ahly.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 88ms
27ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/egy_al_ahly.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3

200

451.png
koooralive-tv.net/wp-content/uploads/2022/12/
Redirect Chain

https://koooralive-tv.com/wp-content/uploads/2022/12/451.png
https://koooralive-tv.net/wp-content/uploads/2022/12/451.png

7 KB
7 KB

49ms
48ms

Image
image/png

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2022/12/451.png
Protocol: H3
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 771470d89801445058b5b595a4070aad92dcd9f6596da24ce83e71c939a82072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55498
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6937
pragma: public
last-modified: Mon, 26 Dec 2022 03:42:55 GMT
server: cloudflare
etag: "63a9183f-1b19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irjvT0uJRcBHAWelyyjFpIu3CKKqAokO2P8nl%2FCp%2BZgHWbFh1U90ai7u4E%2BGJ%2BHQQZu55mtFOyp4i%2FrxY3OMK5usbDjp20rbP%2FKHWMg7USBOhCpb%2FV94mp3rwm36mn7qLkQOxmf76s2czJFZn3tIaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7bba9783a8b62c3a-FRA
expires: Sun, 21 May 2023 11:31:10 GMT

Redirect headers

date: Sat, 22 Apr 2023 02:56:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eK1xkN841DcqrtjsXAjg%2FRa1ezjkOC9TlUAvLYE9g0Sqtlrj2ntY3BJAiK2iPbAQMxA5spOcNvvf3NokROenJGwXF0ow0Vui2v4LkcxqJ3i4Jma5x%2Fc72Yowfpt6lSTsTHpgkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://koooralive-tv.net/wp-content/uploads/2022/12/451.png
cache-control: max-age=3600
cf-ray: 7bba97837dbbbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 22 Apr 2023 03:56:08 GMT

GET
H2 403 spa_real_madrid.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 28ms
25ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/spa_real_madrid.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3

200

117.png
koooralive-tv.net/wp-content/uploads/2022/12/
Redirect Chain

https://koooralive-tv.com/wp-content/uploads/2022/12/117.png
https://koooralive-tv.net/wp-content/uploads/2022/12/117.png

3 KB
3 KB

49ms
48ms

Image
image/png

2606:4700:3037::6815:519e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive-tv.net/wp-content/uploads/2022/12/117.png
Protocol: H3
Server: 2606:4700:3037::6815:519e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01542c975ed3727d567968a2853befec72860e477d3606e0c1da931627ae171b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55497
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2805
pragma: public
last-modified: Thu, 29 Dec 2022 10:50:53 GMT
server: cloudflare
etag: "63ad710d-af5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETt9PrGaWsYT9Pk9t1QYm9Z9iq8b9fbuQFHLJeGYn6wZ8x5364qBEYviiRIJZjwgc3ZTl8HLpBJj8zNmuR%2FdEbyx59ZtPyaYHLcgOfLzpFU1cbRk5yVdpgebktKSMYgOLNLP9AwIeggCGMePYRHEHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7bba9783a8b42c3a-FRA
expires: Sun, 21 May 2023 11:31:11 GMT

Redirect headers

date: Sat, 22 Apr 2023 02:56:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaGhOUZyC1k0aULy7raL%2BfbMk4w4noyIow1g7S5qR1Is0%2BB2eqkVMlcb7gaIXu9VP0wbIfSfwALPre%2FllHjnvmyvG2jAIJr%2BenBoVdQh0sbRchaWvsI1nrBNiQajPY%2FeTq5O7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://koooralive-tv.net/wp-content/uploads/2022/12/117.png
cache-control: max-age=3600
cf-ray: 7bba97837dbcbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 22 Apr 2023 03:56:08 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 331ms
108ms Script
text/html 54.39.128.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4715052&@f16&@g1&@h1&@i1&@j1682132168329&@k0&@l1&@m%D9%83%D9%88%D8%B1%D8%A9%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora%20live%20%7C%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84%20kora%20live&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-101146104&@b3:1682132168&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fkoooralive-tv.net%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562109.ip-54-39-128.net
Software: /
Resource Hash: f2468dfa7b2332332f83e8a3ef7f3e98f78e4beb31d757bdb799a26c89e0b1ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 02:56:08 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 89ms
37ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 02:56:08 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 123ms
28ms Script
text/javascript 2600:9000:2204:7600:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:7600:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 02:50:38 GMT
Via: 1.1 52102486f97ad6ff39f81538f01349aa.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS50-C1
Age: 331
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: IAe_1PChDr77aFOlLPtABTkh3H0kGh9F1iBG7Kq9HJ_atuqIbP9IwQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 126ms
40ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 23 Apr 2023 02:56:08 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 37 KB
11 KB 113ms
31ms Script
text/javascript 52.222.139.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-7.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 01:26:46 GMT
content-encoding: gzip
via: 1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 22:36:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 5363
x-amz-server-side-encryption: AES256
etag: W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: OBA_X7U_scuaolFGkuRB39COw1NJ1OlR7ioCSYjwG2lBELNCSSdgfA==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 89ms
32ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: QMTF7Y0EQJWTVWC1
age: 1703
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7bba9784ed822bca-FRA
x-amz-id-2: SeWCqnl1Kp+QuGy2EIyalJ8BkaauZ+FQHDvyvpN+WMxuOXaApqhXsz69QeQqfnfMQbX59aUJB90=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 81ms
29ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22971
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfSsmKGYgt1pw%2BX3crBnPOIwufsko75QcZRFSSNgXtsvP1C1uUOrms9xe2PtKpb06SSyWJbSoZUYZFouv04w8FknqnUTM%2B6D%2BeJ%2Fs8L1YecSpBCvvYpKKDz%2FxSOuamTnKZErdxRCEO9NKjPcKlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7bba9784dc01377c-FRA

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 77ms
21ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:51:04 GMT
via: 1.1 google
age: 304
x-guploader-uploadid: ADPycdvbYvsjD3G_gv-gUNiNtMxinpyHdCsC4FAXja4uHty6p-oF9ET6VWFCtwCC8cxVTkOcaIYaADSjEOcwCj6n-UFiYA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Sat, 22 Apr 2023 03:51:04 GMT

GET
H2 200 container.html Show response
df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ADAA 6 KB
3 KB 27ms
26ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:08 GMT
expires: Sun, 21 Apr 2024 02:56:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
497 B 34ms
34ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.14&b=1&r=koooralive-tv.net_auto_728x90_sticky_display_bottom&sy=f5cb6630-2fa5-41d0-aa3f-b1dc28b192f2&ts=50&cd=2&pud=155&pus=c&pue=542&pid=44&pis=c&pie=586&ppd=175&pps=a&ppe=718&pcl=478&ttc=720&tti=1185&ttif=0&lca=718&lcak=ppe&lct=718&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=koooralive-tv.net&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=f3913294-8323-405b-83b1-f5e67365b73f&e=lm&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYB2DPEGAZGEY2C3ZVBVS7BT
date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
age: 280632
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bba97849f8d3a91-FRA

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C80C 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 19:36:07 GMT
expires: Sat, 20 Apr 2024 19:36:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 77F6 783 B
1 KB 97ms
45ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8533f631d497bba214437cbe60e5737472d3140fa423e503534853fd301ef1f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5mCGRB-ety-c5Rc_7EDcQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-5mCGRB-ety-c5Rc_7EDcQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:08 GMT
expires: Sat, 22 Apr 2023 02:56:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C180 624 B
826 B 91ms
39ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWejJV-uiuMaIpAEAEhDSmt8BKQj3XdrMGval5fwALPaiw5vKoZYdNd8_91DNbHFZO0Xsx4lQ-B4MOkylLlJfqev9yJai31Qlhk_uFo1X-r0AtcQOIR_gxrBKHQ3Ptc_97osPZdnuOv2eBEOG2E0mqBeU97PQe0fjtW25izEimW4BDuEbH-cGuRKEPsQldbkzKAgAGJW3NUvQkXeouAllCS5nYvuw

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:08 GMT
expires: Sat, 22 Apr 2023 02:56:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame ADAA 78 KB
27 KB 83ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADAA 42 B
63 B 99ms
57ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BL2xlD4vvgo3ZTdEaWISnZfyck_Eu7nPXCo1OffD367rS4wuxyNsDwndYTl56DF9X9m3ecZarwa9rGDQEDcTQ2rjs4ggIOpOCR76U6Y-4cddr5r5k

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADAA 0
20 B 100ms
57ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8229609436232912200&x=1&ct=76

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame ADAA 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame ADAA 19 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADAA 159 KB
49 KB 113ms
45ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:08 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 68ms
67ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 643a09f1c5b32bb30ce61e64fd411e109dffb43b322402eaa64c965e27e13ad6

Request headers

Referer: https://koooralive-tv.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 70e7176ebe20b434334b4d28e4732743
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 111ms
53ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://koooralive-tv.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://koooralive-tv.net
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 22 Apr 2023 02:56:08 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 3e427697dddefaa8cb26ba7926fee19c

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame C80C 36 KB
14 KB 29ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
326 B 87ms
25ms XHR
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://koooralive-tv.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://koooralive-tv.net
date: Sat, 22 Apr 2023 02:56:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 container.html Show response
df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 581E 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:08 GMT
expires: Sun, 21 Apr 2024 02:56:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 163ms
49ms XHR
application/json 52.214.4.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.4.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-4-83.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 70996f1091cd80a4d4d219c188c0e30c076101b3493047b6a28a1014887506be

Request headers

Referer: https://koooralive-tv.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache
x-server: 10.45.11.79
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9F1F 15 KB
6 KB 112ms
38ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=koooralive-tv.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 429106
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C180
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1&C=1

43 B
632 B

36ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWejJV-uiuMaIpAEAEhDSmt8BKQj3XdrMGval5fwALPaiw5vKoZYdNd8_91DNbHFZO0Xsx4lQ-B4MOkylLlJfqev9yJai31Qlhk_uFo1X-r0AtcQOIR_gxrBKHQ3Ptc_97osPZdnuOv2eBEOG2E0mqBeU97PQe0fjtW25izEimW4BDuEbH-cGuRKEPsQldbkzKAgAGJW3NUvQkXeouAllCS5nYvuw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 02:56:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 02:56:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C180
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZENMyA5j8pFWsE-L0YAUNwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWejJV-uiuMaIpAEAEhDSmt8BKQj3XdrMGval5fwALPaiw5vKoZYdNd8_91DNbHFZO0Xsx4lQ-B4MOkylLlJfqev9yJai31Qlhk_uFo1X-r0AtcQOIR_gxrBKHQ3Ptc_97osPZdnuOv2eBEOG2E0mqBeU97PQe0fjtW25izEimW4BDuEbH-cGuRKEPsQldbkzKAgAGJW3NUvQkXeouAllCS5nYvuw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 02:56:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C180
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAi4b8_S1Wrfss8_5Z_1vBE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAi4b8_S1Wrfss8_5Z_1vBE%26google_cver%3D1

43 B
1 KB

30ms
30ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAi4b8_S1Wrfss8_5Z_1vBE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWejJV-uiuMaIpAEAEhDSmt8BKQj3XdrMGval5fwALPaiw5vKoZYdNd8_91DNbHFZO0Xsx4lQ-B4MOkylLlJfqev9yJai31Qlhk_uFo1X-r0AtcQOIR_gxrBKHQ3Ptc_97osPZdnuOv2eBEOG2E0mqBeU97PQe0fjtW25izEimW4BDuEbH-cGuRKEPsQldbkzKAgAGJW3NUvQkXeouAllCS5nYvuw

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 02:56:08 GMT
AN-X-Request-Uuid: 636c1f4c-e532-429b-999e-056d51a6e9cd
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 02:56:08 GMT
AN-X-Request-Uuid: 0157df03-bf98-4a04-ab8e-a1986070e3ab
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAi4b8_S1Wrfss8_5Z_1vBE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C180
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3OTA3MDcxODAyMDQxNTQxNQ%3D%3D

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3OTA3MDcxODAyMDQxNTQxNQ%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 22 Apr 2023 02:56:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 16249018-0989-4286-8aa6-47dc1823c650
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3OTA3MDcxODAyMDQxNTQxNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADAA 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1865712133087&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADAA 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1865712133087&version=m202301230201&ct=76&x=1&cor=8229609436232912000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ADAA 96 KB
38 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D49Ycj6D5hm12YyI-Tl9VeNPt_yIBkKtEtuhxZ2H65aGRrDVN4ISh6BRMGo2nbs9w-Dp7UowHWa6sw2oifDZASZJP4mYbHP6KUBMIj2slw_qn1ffcdBEJMWo4jCT4zl_4ti3Ldrsde2VYqyiOuETXpNXhnvUl1fNAr38UIld6gCHkY9OA&dbm_d=AKAmf-DtQhdstIgU5y8rwllKJR7UDGw4uhabZ8q0JPA-T3IwVPlTKCo9OyzhuPXW7xWQpz5d95egqd8Y-QY8j0OI9XLtF1aFvFNsqI03CxlG6HU1kcpXbHqyJOShO86oubO5IaL5n5iOCI_13059IBpkZJzu3mkhy8O6e6x2189m8ZBTZwdQPzs2lxzrgMvKsjEXoS0vrLWjLlHO9gvppZv6ckwoOLOOS8-rRCAna1_swMDGesIYvL4ulwxJKGaLEeHQLOIIMgLxHrmYji1vA5CXvHU0MP50TlAHcv1Op2naX3MC_NZ26-_C51Oj-DHHm9GZFmdvpxd3TzFpXsaZHxKng2eOjdjkvIfPKxHnPSV2F4LGl7H-EiU2QEJGL6mWvrvUgoE5kjG6XBNks6-Nc7qjS2fWJWXPsRsxUOOEFfNOaRzMMEThRpmFtG5RVws-7v223cOWrk6M_6f5WEMNLPRMSfMZVtyoKqZvscFEbo8tR-jqt8vhsQIY5SnKuaZ2QWuCCq8qFlgocD3_eM2vkxK3zzzrltZ6c14juBm2g_FEewv5qEyOJYc9pFXNO_OZ3kVin4N2nokTRVt_7-O_DzTvQsO1pDWT5JBFlDHJWztMLezIfT7_8GX-gV06Ax0GaLDffr6FJ5dfWeXDoZqO_JalXFcOI0oPW48rhTjhDB0z35p7jhATvVmodUHh0OiST4JxKP8Kzvcg0KJtOSs_jaYoDz6DlXvw6ou08PXaEePxsJnLiOsvSix4HHTZKj1rZWpr_-2kjfc9Wa4hPzwewWJu9hrbxZWdiV0q1qUFG6gveGixdFKBMKRr_ZmgmWw3DWrJWFTr5BR3e6ojX63qQnTbVYyqKppGHt7x54jcN4_3x0tGaA58J3gB4qtmtIt4NeXJFsIs8IKlI3dhAz41uURX99Y5EH3IIkL4105hCJIMlzSZWNJ1FNzJvAAa99NXzrYnMJUlN5ijbNM7QZqM4AQ7S6ds-_3mDbWjmcxZzFEKSd0Lk19IhW2s_qmrEbX5-HRnq8lSAf2DArxPiDVz0ZvyMiQ20VBh4ZkpH4GjO5FCg5Fsj1ZDTMATzDzDPkkmXMVyKlMUwDa3094zGaB_We7ry03RHvSszUh06yv8ePLs92K9ic5hBq5bG4eCMew9XG3fnP0-GV7RseiZkxGlaLTf5VYpDlllNhmy1pYSVYs84Z1LthBZ9zEqOogYK2CZ7SP_t3HchRrSm68pZO7S1OF7D4nEcVUBu2uzgs5YfG3hHWNxSYxV0JpCtGlkI2mrOL0I47HVdqjlWoYXWlNVf2ZVc_X65JKA9xl2ZyjbWVqwPT50Rat2mCMT65EWQpalIInIEqInCxoKutuuOwUe7nmxQ7oogWCJPZqaUglylu3dmQB--ajvVa0IGfb_PGsVjIFV9y7GtdOSoFqVzt8wdXJbx0Da_mtssreIis7kkLLfbMKhEyzJI6O7sZxA-VLuh89vA12PQ1kwo6ncKdBEspHcDmtxhOgBcOzbBDP_rQfBswPswloOrzX3IKwk6ysEVNpDSxI-7En-izwGpdJc9dT_q_1_9cTAZh0KBOBZSy6P1fQKltY2_YLT8uxEI-lxTkQ62vsr98XW7rFCrxC4AeHOgve-u8In_KR7lYsKI5EAuGcjqqI_iZ6CxY4rIeZI9nYuMAdATARq1L7i1ptHeGaaV-1SUdTXznhQi6p0mQEBpnDLwdAHICKwY7BrZ4E6VPvYv47Z9O25KKxrwJsKSyLmNjEl5eGgu1O7bk4bvepK5hpeLFXw7ufvTX-Shr48pen0tvrJMA4yq-datcrgaEwgW1_qGucG55glaauFgthzFjjeJ8b-UVWTcwpiYmdCOEvvRdwMgb8IWU1mmWJKYouhCNN46BbgKEpel8HAB7aZYMA7ee1O2cbJvDaWBguVtGrGgHXOe1tLKgvwFFszM3FhFv_dwVly4aV7-t8TY0DCuObr7KXNrtxPw3Po1V7YOTISBdG60aMOnwicgapVIGbgYaLuuw6IdSP2MvQJNbS8Je2FbvXt7IrG0a7uYrt7N3OLKTmneEQBvLvbqGaPMiCz0lM4Sjf0YiKtbAOhglzA0dovD9pPHWu-eWI6Mfsrf7hocOQgDaeFXq3C47haPKL-58WCWaQ7JBmL8ne7j-kPAJ5yVqfolYRxa_L6sk8ITzWFwB4rLuPt7yAKaFgPjTE-fPGsqoqfzMam4NKcRI7UyhF5t2OJGo9mEjQv0vbpAoNF_c4KwUOpziStvCCZedyY_wk57Lc0-f327m5JZE-YlJFN_wKm0OA_Q22fYRYln5ng7_HA8rYNXnSQmFZXa2xc3wcy2ABLbLAxSskPgEyMyeTzgtoRZgn-u8CL2_EdYR1koItgk850GzUCmRBq_1DK9VBytjgcq9Jxjj16vOuykwGH8Z-oIznsacawT8K2WHqInqAkl9yCC7PJe86Hgt_yic8yKrFrRfYcO3Rfm7fjjF2eaBXtWLIuqMLJPGlVBjNiS0QyKGtqB--tytebr9QQ8YtC-8mIvR29t92Hc-hHy5S0xejwkJ4s3cXUsKcwcTy6dGKPI3tTk-uKfi47qkgK0Gq_r45dvB6ar6bKPQY7KuLHsEITaTKnXslcg7wLjScpwlzNSyIMqxH0qNe07EgoWuUtGAqnxcwS0rB_ln4STsdTbPNK77USltkaIFG2-MEu3EX27WO-wc2rJsnCuqCKhvrXGJE3Uuz_mRear7mNfRjSm5zP-XTFDzJaLCFMu-jy4HjSaZuO6_9-Ww0PSXnRcklJsBVFPJV-3rtil1NSahBQGmRhYFTBbNHDWUvux0fNPGvIcWOYiqjktCRAIDZdztwBIz_WmjnADNpJSBklc93wsFw2WODcAlJj_N5O6SUhEcdnPOk_bSDFfyn7zIgLCkITf-lhbIW0Da5XMeskV6Ou12hTGDJfPCmgnROPqWF7GfO2v01lx-4NLcTFIqj1rGWjmpOmxTDEPnOxlkGJIpQ4tdSPISAwQq68mxPY1aqCtTXNkiWwB_PVQqI8YKeJMvwjKc5sjCwYXP-zETj62ewnxdb8G-cW_j8cwVr_x3TIzkERkhV_EYVIR9dUhFxBAgOlNBBEJm3S93JMCM-rycQOF-vEQ_XrUhcwmBcANBUavvC1vriVWKGQyDiTr_zFH-GmGWK0DL6ftyN26fakivTy33Vq3unGCr7Oa2FmvRBtg3t2JUxrTEg8Bcdp9UaSivzhHcVvZuLmpQ4bZCGFdTfwJslAhwI4Umv4Wm6Fd8WVFRfYbM5Koamab-HGfpJrc2ui6RLJDRFN8jRVtVRUopxG0XsLqqgl0gD8AOPKhnewNy6vY2hDyyEuAL2ydVnI1g0mU-exIo7--yLhUg9DGnXCVJuv6-eLxUQC463wkwahWFEHpJ2hLH3_sk778x2KHyj_r7PYTzedRA4uRv3rFE-C0ZpEh7zZ7Wt4TZQG4jJlUFESxmKs9oiaCJmgfREgk225pQxkzDGW6Bj4cbvDxRefMZypFSkqEZcEBdfOEAAWDa7xTzLnFyMlMdsDyYKbAE0b7-ybTGhAWJG5Hmmwco9GHZym153il3xQeQf7non7RzfFVv6MXYI6vz-8ckGwtaQhvq8O7OsrFRdG69G32OBIZlRSVtfM9VYBPmi5EtyRqZiKdCGluboORxJ8AK1dz4afEnqkvIN1rzuTpRPmG0ktcRqPDoWnXrRy-5CUtnF-1N3fngGBdrD_ExB9OMzPgkQBZXnb-kjOVKIkazxXowBExd3DVUqVUZsz6S1K6ABWkdKWFGY0XG6byruuw6yvMuB3UAKKYg&cid=CAQSTABygQiDpqsEy5-VvHNMykj7mycZA1zfOPGzhOn29NM7r-vSplBPvDpXDhs3nJD1MrbUB_TyLGFyIyXDQ6IDn0uVvrDgTgVuCCtH4jsYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=8229609436232912000&adk=356101037&idt=100&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e20642732d9248d13a1d8ac1cd54be5f0756c5efbc9e7639916cfdf649766b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38533
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ED67 624 B
285 B 36ms
36ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPmPnOYBMAE&v=APEucNXxQm_e2L_r0vlecPd866sTkdU1jyMJaxX-GEY7LbOCw3ivwmDuJyavu3E9NS89r6PMsuWE9T3rkVO_j_g2QlnbRlym74O-ZXoCDe97MLrMsuSxhK-DiTNUXaUlKVXh2-aVnZSyp1sGho6czDmJeX1uU1bOgKAx18OLCdBLOPe5Iqggrec

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 581E 78 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 581E 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CItjJ3iO_jR6D-Uv_C7BmsjzjBzflcjaqBsuSBo1vnMzezNQRxP6AIiF3GkVv2QElEDSew9WqgJX3Y_DeZNeNm8R816RRLUN8oW2w6Mf_zKdSKmss

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 581E 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3720802357460740310&x=1&ct=77

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 581E 2 KB
1 KB 197ms
48ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322077&sid=18330&dvregion=0&unit=970x250
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 02:56:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 10:59:51 GMT
Server: Microsoft-IIS/10.0
ETag: "2d4a10aae224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 581E 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 581E 19 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 581E 159 KB
49 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 77F6 0
0 54ms
54ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304180101&jk=2558009072922354&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C80C 0
10 B 25ms
21ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qHzv5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ED67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1

43 B
766 B

32ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPmPnOYBMAE&v=APEucNXxQm_e2L_r0vlecPd866sTkdU1jyMJaxX-GEY7LbOCw3ivwmDuJyavu3E9NS89r6PMsuWE9T3rkVO_j_g2QlnbRlym74O-ZXoCDe97MLrMsuSxhK-DiTNUXaUlKVXh2-aVnZSyp1sGho6czDmJeX1uU1bOgKAx18OLCdBLOPe5Iqggrec
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 02:56:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ED67
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZENMyJyDRRKq2efHAwjB2gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1

43 B
766 B

20ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPmPnOYBMAE&v=APEucNXxQm_e2L_r0vlecPd866sTkdU1jyMJaxX-GEY7LbOCw3ivwmDuJyavu3E9NS89r6PMsuWE9T3rkVO_j_g2QlnbRlym74O-ZXoCDe97MLrMsuSxhK-DiTNUXaUlKVXh2-aVnZSyp1sGho6czDmJeX1uU1bOgKAx18OLCdBLOPe5Iqggrec
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 02:56:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGEIoapX4IxUqB8m2l21Lqw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame ED67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAi4b8_S1Wrfss8_5Z_1vBE&google_cver=1

43 B
1 KB

72ms
29ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAi4b8_S1Wrfss8_5Z_1vBE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPmPnOYBMAE&v=APEucNXxQm_e2L_r0vlecPd866sTkdU1jyMJaxX-GEY7LbOCw3ivwmDuJyavu3E9NS89r6PMsuWE9T3rkVO_j_g2QlnbRlym74O-ZXoCDe97MLrMsuSxhK-DiTNUXaUlKVXh2-aVnZSyp1sGho6czDmJeX1uU1bOgKAx18OLCdBLOPe5Iqggrec

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 02:56:08 GMT
AN-X-Request-Uuid: 1aee90f1-034d-41bf-be3b-6a01e62123d6
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAi4b8_S1Wrfss8_5Z_1vBE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED67
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3OTA3MDcxODAyMDQxNTQxNQ%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3OTA3MDcxODAyMDQxNTQxNQ%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 22 Apr 2023 02:56:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 02c664a5-b846-4fe1-8dcb-b79ba548afef
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3OTA3MDcxODAyMDQxNTQxNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 581E 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9042685935338&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 581E 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9042685935338&version=m202301230201&ct=77&x=1&cor=3720802357460740000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 581E 15 KB
11 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A42EwbPc1svTraTxvgtsToHZ9Z_8-bzUcYAdHIQ-pw8CxZ8UhdvGKRK-rLktyFj7oKKwKepg6cxhLViedguFG95jnPpWRUoIhXKnQtJgMltdgyFTcmXyJ87K56dhN-wsdxBUNOatTA57t5UZz2yY4u4iO-D1eIAaJ6zm638mcIWOQJO5w&cry=1&dbm_d=AKAmf-AJDNm4S53T1WjbZ35LPBVgt46r9r4Oc-GcioORlXVL_WeB44Kz5v23ndVhQ9I9fpqh9gYxSTw26oKV_AKVtO84Jl_jbQk_wHhaXeWQsWOdH-BpUQJqJAzR82x-qnDhqAdtrCVVozinqiBF_Z2HDfdY9Bk6vqCH_RjrPdXUYlNmCW3P1QKEOBRaUlmwpH5km5DGQh9cx6r7c1KfQzS3W_m6bcH-KTIjDlrUVbVQjLDM9Ocr5q8ZoCrzqrgdO2ggxY4UA1WFKPExP1t2NJWnYCgp42-Ii-chjYx1owR7ty5se-WVsk0rO5qkVzBtU18pUrfc2ewc0x1XDCleYdA8u97p97dzNVLpO_Q_nf9IK9_vJLZVEZyDNqGpSDfQvoBP4k_yY3CWYE1G9NLoJcl05d2panDRe2VbXNWkcTiv5HAkSKVJ5ywYW0EclSU80SuAWXuQGQimwOYEu_DXKIb2tXw6067SqqG20XIe6pJPzyDVMs56Rcn1V3AuEl9aabGA2vR7UfEGxyDheKIfhdvveykqJ809s4IAh8g7Fui-ziZUI0kP8XdjqnOKTdkwQXZ91iTt416igTwBLTwfY9TkA3cnBGK0dvUu7Zs64IvxpAeICwOVbQyjsEigQNO2l90LOlSZDfzvS9xhZJuVOnCrNCimvty3m6BlgY8Q44-tqwvLQRkc-wlMnyrBwiVPJ5vBeaUcXbeEDja-bAruL0GMdCg74CyhrTSd5EjdhGsih-07T26xIzZVCk6uXfnQUKpe207aO6Ej2NIczg5vFl7nFWxSU4ZdYmKHyK4uwZknEP3ObNiwV4Qvn-EgYNZ4YC4hDxsZ0fLjoWzjDKMyDGcpdL8N_XdVLcfblCZho6iDxvRaOhAzI6FybULBhsvl3i4aiwF9KzDVW6L1leTNbvSm0YGpFk_ZKJOGP5n4z_kWvh8xVRl88Jqn7shvg_i4lTow_KVbkpv1aAWms4DaOmuhN-02AQMAQBnPtkcP_hpd4yqhF41b6T0jgZB-uBMdgoFy5isEUH2hLK_f-gAgFv7GZUF8U2vKDlD6ggQ1TF9zUS42iE7fT3qWBaESSNeXKM0sfwCUttAL7T2TfrvNH3c-wawJrAlJ79KlTwl5h26UqeKcODXwbK4mmz6e1-AS6utkMq3hSEL5XuFk6Qr6P_f9oq4mmHjUlbMJ-d3HHpAn0G7_bhd3l4yMBvsjwhMiRINYb21SlYu9X4RVb5dP8k4NqlcBBYc_Tme2XDM9SXTiVg0sOxmXM-JXMzeTATy0OY8KKegDfYkp5lrQkri9_jJ9eRYFi27hFXzXUNAyMduzW4s1XraEQkT7bHk6Cq9MR6Uj1K-iE5ZRJKSpi4Tm2O1DquXskBFf7phYM6hRu4XMLukqdAWryBD_HFbBE3UIA8CH8HkrVjjdeKV2tGgNcO02gIaqBgNhN0jOO4m3KkSun7GD8LMeb675__FqI5NppG2yX-tKs1oye-6HiTR-D_-ylxSelUeQJSxm76IMVGLkrJRQyJuTnQS40v7ryEWhIMA0O9BRa2w-S4rWsC3N-VpSDQ9O2lDfAa_0TdQUTmWC9h630oyD0zzke4d_NsCItNOYWstBpkKs1uWFxitR3z7SASBxWD2F6hl-2DodoevAM1uvtbBd-3JYbYa4Th--YqlYGPkGs6Yki4jI_MGdjMEKokxKRYrPmCYoWIIhKwN8Ln-x1PiiZy3N5yyG0t03Wb_Ns1No0hJcmE7s7HuS-RXk4KANyvlebpuPpTbsKp4RxaN9O6H-i6dc34jhepKO-mw_u4KsHx0RuQRwT-WI2gbZ1q4UkjfNOaF6sKuYKXF2XuCZxYJO6_wxC9RwAslf5jV6kj5ovWpz71L8006kZKXnhsDZKB1jPWOt1aN8-968SvL4W3RWqL3-SGh_wn2GnXQixwGCoxgLSOazD0Az0X4zTUG94ZIgVGrEWr5MQjhcf8cJiRQY1j494fkvdpQ3h6fgHc-xbyv3WnD2EdzxZNSaLiqVHZCoYp4E7ycWCN5rHv_1NDhevuh22yvS_4WppkNf4jGM_y-zz5SZI2aR5P7AX9EfUQ11aS0X4uGx-fcadF2QBBcYsKANro668kI4Efvmzl5vtgNJoRIUwiu0uDyJPqag9joGxJtOxCvWgVZDTOZflvIBu1WVjhLOaINtSAKKKxHzPRuDzjfvNmYHywknhFSP3FE_AZQYuoEGcn5dqh3Acto1F5F-iLY-H-IlQLDTmMTGZvHSfO_Q7gCd03fyzTO7u-3KT8i5Jlb0_twsFPtaijfG3Zm7JaKeBXZPqODNyjsjnGuo50u07OZD4SH7W9hmYa8ksX32-ma0oZefwE9zmWzcJo534VqjfLyWietkmjzOeThKXZVBuSWNXB3iirTkTYQyZ6LRnX1SMYdGODgDQK5-pu-ydFb1T1_2kA6l3Mg-iXjyQbJumOCKf7h71pG-hZOnQ7GoCfs2SrHynqS6cmNOe8ID0PFUomIucfjr6FJqfVwEC7Zi2ClhxrZd85lF55Uscs80VTd4lHSR8PlZx4gN0ADC_dnIiTGNwXsV3nXPazOX6p1-wk0qkcb3FFm1RHfP2Fdm-szQsKBe4t-9_CGMxTbv_f0kdII7v8XXEKMb1egMby94IsHmA0lJm1K423enZvmbgv2BwB3kCZ0fV8JNKi1oSFn-JVmDF3IDdkh9jSoSUp2K1k_Suwm4E3vHkfQquPS6Nstt4PlB-Ws4LBbUO1JUU-vE50t6uXfR7OpQbGBJb_WAjfkzaLgRLfh9gpHbw6-r7CVmCEUs1T7v5kTS2TBvqj1xfUa9UlD-lHE2S7mtBUmT6RUPBjnoxwBMl1N1P8ZPxur4bf2CQgNssUwSYHIqi-haewfcooDh6sG11sdUDdUgU_50oVDqbN_saFtWdO7XJOfQ1hu2SzW7J0t9v8ig8EmKtVy5R0ULbdlOmc7RRvzrkOLdvgh0WhZ5xdG7E6C8iq4GPNJn753y4I3CpQsio3_FNTGZivMl2m0gJkaImmYlSRMCoG69HUYmyL24kjIGpCziKb4M9XDIaBYqctoMpXUOAEsObTyF8a-IKVyqhRZ4BMssObx5quJDvDt3HwUG8DHyN2ebb10KlL1x-F_h5FFAYbGx8Z7Qd7s4AnXvFG_EYHvK9YqsUA1Vm7jylPNcOPuTQ6KjCbzJOqRu8SfGK76pSVO1WzscRBEeFBrc8cR7rIre5I8G-NIERZn0BhI_ILw_j3fsIxugOCZyz8oML5OawZ4V2lTsBz6yLGuEbo_Lj2Lw4UgzyWfFUO_8hCP16-HdhZTvgcIk1BaEzUgFhLs_4jjnxkgiBmAxrdUZgV3rHJNu1JjSKR8rMn0Uc5ioBkaL5CzLWDqFSKYd2LU&cid=CAQSSwBygQiDmylI-WIBZW8dhdBgbcmWYc8B_ZnD5DXB2SUqyr-fa3OP5vYjrRgzVX4bjxOzG_CvfT25XtwjfZdyuEzFgQr34Gs6G3UCcBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=3720802357460740000&adk=1964084972&idt=48&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

516eb32aa8c995fae3a667faedd51fe701d46130c2d52996d6b1326ce3711511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11203
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9F1F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=koooralive-tv.net&sn=ChromeSyncframe&so=0&topUrl=koooralive-tv.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=8pvmPXxXRHZqTERjdHBYZ3hzbDBWaGlnNHFtbGQzSzZjRGNOYmFQMTlpRnV4cDRLZTlXcFJLc00rMFNxMjVRd0p3UzljS1B3MlEvb1UwTmttMENtMWZOdmdTU3RpS1liTk9mdVJVaWdud1psVmdlbGdtNDNSMEQ0eXJEeE...

452 B
675 B

122ms
28ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8pvmPXxXRHZqTERjdHBYZ3hzbDBWaGlnNHFtbGQzSzZjRGNOYmFQMTlpRnV4cDRLZTlXcFJLc00rMFNxMjVRd0p3UzljS1B3MlEvb1UwTmttMENtMWZOdmdTU3RpS1liTk9mdVJVaWdud1psVmdlbGdtNDNSMEQ0eXJEeE0xdUZFMXd1NW9oNnREVkRkcEEvQm4velMvVEZmZjVwcFBqNTR5QjVSSEp2SGtEWGNFNlo0b2hDNHZ4M0lVWG4ybjlSOTdrWEhLSGcrVnh6U0J2VXdDMGk5aU5hSjFSZGZ3bFJsdk5RVE1UYUFUU3lEYUNvVkZnWVRESW1tTnBKOU5DZHp3c2cxUFh0WTBPSDFaQmhwR1ZoY2ZMNzJIWkJYeGt0NXBZYlVYOU9YQkxWc1Yzcz18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

256de7cc9cddf5288d26626c54b432eb3e75da4e70a90e61ec789c1861ba4f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1282183
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=8pvmPXxXRHZqTERjdHBYZ3hzbDBWaGlnNHFtbGQzSzZjRGNOYmFQMTlpRnV4cDRLZTlXcFJLc00rMFNxMjVRd0p3UzljS1B3MlEvb1UwTmttMENtMWZOdmdTU3RpS1liTk9mdVJVaWdud1psVmdlbGdtNDNSMEQ0eXJEeE0xdUZFMXd1NW9oNnREVkRkcEEvQm4velMvVEZmZjVwcFBqNTR5QjVSSEp2SGtEWGNFNlo0b2hDNHZ4M0lVWG4ybjlSOTdrWEhLSGcrVnh6U0J2VXdDMGk5aU5hSjFSZGZ3bFJsdk5RVE1UYUFUU3lEYUNvVkZnWVRESW1tTnBKOU5DZHp3c2cxUFh0WTBPSDFaQmhwR1ZoY2ZMNzJIWkJYeGt0NXBZYlVYOU9YQkxWc1Yzcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 330187
content-length: 0
expires: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame ADAA 243 KB
73 KB 173ms
47ms Script
application/javascript 52.211.63.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19429846202&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iLLPbg2asGnVsXVhwxzBpi
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.63.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-63-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 68b1aabc55846890a04378abf3b9d1b1843fadb4f444d5c14d4dde291ac33423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame ADAA 106 KB
37 KB 89ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Origin: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame ADAA 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D49Ycj6D5hm12YyI-Tl9VeNPt_yIBkKtEtuhxZ2H65aGRrDVN4ISh6BRMGo2nbs9w-Dp7UowHWa6sw2oifDZASZJP4mYbHP6KUBMIj2slw_qn1ffcdBEJMWo4jCT4zl_4ti3Ldrsde2VYqyiOuETXpNXhnvUl1fNAr38UIld6gCHkY9OA&dbm_d=AKAmf-DtQhdstIgU5y8rwllKJR7UDGw4uhabZ8q0JPA-T3IwVPlTKCo9OyzhuPXW7xWQpz5d95egqd8Y-QY8j0OI9XLtF1aFvFNsqI03CxlG6HU1kcpXbHqyJOShO86oubO5IaL5n5iOCI_13059IBpkZJzu3mkhy8O6e6x2189m8ZBTZwdQPzs2lxzrgMvKsjEXoS0vrLWjLlHO9gvppZv6ckwoOLOOS8-rRCAna1_swMDGesIYvL4ulwxJKGaLEeHQLOIIMgLxHrmYji1vA5CXvHU0MP50TlAHcv1Op2naX3MC_NZ26-_C51Oj-DHHm9GZFmdvpxd3TzFpXsaZHxKng2eOjdjkvIfPKxHnPSV2F4LGl7H-EiU2QEJGL6mWvrvUgoE5kjG6XBNks6-Nc7qjS2fWJWXPsRsxUOOEFfNOaRzMMEThRpmFtG5RVws-7v223cOWrk6M_6f5WEMNLPRMSfMZVtyoKqZvscFEbo8tR-jqt8vhsQIY5SnKuaZ2QWuCCq8qFlgocD3_eM2vkxK3zzzrltZ6c14juBm2g_FEewv5qEyOJYc9pFXNO_OZ3kVin4N2nokTRVt_7-O_DzTvQsO1pDWT5JBFlDHJWztMLezIfT7_8GX-gV06Ax0GaLDffr6FJ5dfWeXDoZqO_JalXFcOI0oPW48rhTjhDB0z35p7jhATvVmodUHh0OiST4JxKP8Kzvcg0KJtOSs_jaYoDz6DlXvw6ou08PXaEePxsJnLiOsvSix4HHTZKj1rZWpr_-2kjfc9Wa4hPzwewWJu9hrbxZWdiV0q1qUFG6gveGixdFKBMKRr_ZmgmWw3DWrJWFTr5BR3e6ojX63qQnTbVYyqKppGHt7x54jcN4_3x0tGaA58J3gB4qtmtIt4NeXJFsIs8IKlI3dhAz41uURX99Y5EH3IIkL4105hCJIMlzSZWNJ1FNzJvAAa99NXzrYnMJUlN5ijbNM7QZqM4AQ7S6ds-_3mDbWjmcxZzFEKSd0Lk19IhW2s_qmrEbX5-HRnq8lSAf2DArxPiDVz0ZvyMiQ20VBh4ZkpH4GjO5FCg5Fsj1ZDTMATzDzDPkkmXMVyKlMUwDa3094zGaB_We7ry03RHvSszUh06yv8ePLs92K9ic5hBq5bG4eCMew9XG3fnP0-GV7RseiZkxGlaLTf5VYpDlllNhmy1pYSVYs84Z1LthBZ9zEqOogYK2CZ7SP_t3HchRrSm68pZO7S1OF7D4nEcVUBu2uzgs5YfG3hHWNxSYxV0JpCtGlkI2mrOL0I47HVdqjlWoYXWlNVf2ZVc_X65JKA9xl2ZyjbWVqwPT50Rat2mCMT65EWQpalIInIEqInCxoKutuuOwUe7nmxQ7oogWCJPZqaUglylu3dmQB--ajvVa0IGfb_PGsVjIFV9y7GtdOSoFqVzt8wdXJbx0Da_mtssreIis7kkLLfbMKhEyzJI6O7sZxA-VLuh89vA12PQ1kwo6ncKdBEspHcDmtxhOgBcOzbBDP_rQfBswPswloOrzX3IKwk6ysEVNpDSxI-7En-izwGpdJc9dT_q_1_9cTAZh0KBOBZSy6P1fQKltY2_YLT8uxEI-lxTkQ62vsr98XW7rFCrxC4AeHOgve-u8In_KR7lYsKI5EAuGcjqqI_iZ6CxY4rIeZI9nYuMAdATARq1L7i1ptHeGaaV-1SUdTXznhQi6p0mQEBpnDLwdAHICKwY7BrZ4E6VPvYv47Z9O25KKxrwJsKSyLmNjEl5eGgu1O7bk4bvepK5hpeLFXw7ufvTX-Shr48pen0tvrJMA4yq-datcrgaEwgW1_qGucG55glaauFgthzFjjeJ8b-UVWTcwpiYmdCOEvvRdwMgb8IWU1mmWJKYouhCNN46BbgKEpel8HAB7aZYMA7ee1O2cbJvDaWBguVtGrGgHXOe1tLKgvwFFszM3FhFv_dwVly4aV7-t8TY0DCuObr7KXNrtxPw3Po1V7YOTISBdG60aMOnwicgapVIGbgYaLuuw6IdSP2MvQJNbS8Je2FbvXt7IrG0a7uYrt7N3OLKTmneEQBvLvbqGaPMiCz0lM4Sjf0YiKtbAOhglzA0dovD9pPHWu-eWI6Mfsrf7hocOQgDaeFXq3C47haPKL-58WCWaQ7JBmL8ne7j-kPAJ5yVqfolYRxa_L6sk8ITzWFwB4rLuPt7yAKaFgPjTE-fPGsqoqfzMam4NKcRI7UyhF5t2OJGo9mEjQv0vbpAoNF_c4KwUOpziStvCCZedyY_wk57Lc0-f327m5JZE-YlJFN_wKm0OA_Q22fYRYln5ng7_HA8rYNXnSQmFZXa2xc3wcy2ABLbLAxSskPgEyMyeTzgtoRZgn-u8CL2_EdYR1koItgk850GzUCmRBq_1DK9VBytjgcq9Jxjj16vOuykwGH8Z-oIznsacawT8K2WHqInqAkl9yCC7PJe86Hgt_yic8yKrFrRfYcO3Rfm7fjjF2eaBXtWLIuqMLJPGlVBjNiS0QyKGtqB--tytebr9QQ8YtC-8mIvR29t92Hc-hHy5S0xejwkJ4s3cXUsKcwcTy6dGKPI3tTk-uKfi47qkgK0Gq_r45dvB6ar6bKPQY7KuLHsEITaTKnXslcg7wLjScpwlzNSyIMqxH0qNe07EgoWuUtGAqnxcwS0rB_ln4STsdTbPNK77USltkaIFG2-MEu3EX27WO-wc2rJsnCuqCKhvrXGJE3Uuz_mRear7mNfRjSm5zP-XTFDzJaLCFMu-jy4HjSaZuO6_9-Ww0PSXnRcklJsBVFPJV-3rtil1NSahBQGmRhYFTBbNHDWUvux0fNPGvIcWOYiqjktCRAIDZdztwBIz_WmjnADNpJSBklc93wsFw2WODcAlJj_N5O6SUhEcdnPOk_bSDFfyn7zIgLCkITf-lhbIW0Da5XMeskV6Ou12hTGDJfPCmgnROPqWF7GfO2v01lx-4NLcTFIqj1rGWjmpOmxTDEPnOxlkGJIpQ4tdSPISAwQq68mxPY1aqCtTXNkiWwB_PVQqI8YKeJMvwjKc5sjCwYXP-zETj62ewnxdb8G-cW_j8cwVr_x3TIzkERkhV_EYVIR9dUhFxBAgOlNBBEJm3S93JMCM-rycQOF-vEQ_XrUhcwmBcANBUavvC1vriVWKGQyDiTr_zFH-GmGWK0DL6ftyN26fakivTy33Vq3unGCr7Oa2FmvRBtg3t2JUxrTEg8Bcdp9UaSivzhHcVvZuLmpQ4bZCGFdTfwJslAhwI4Umv4Wm6Fd8WVFRfYbM5Koamab-HGfpJrc2ui6RLJDRFN8jRVtVRUopxG0XsLqqgl0gD8AOPKhnewNy6vY2hDyyEuAL2ydVnI1g0mU-exIo7--yLhUg9DGnXCVJuv6-eLxUQC463wkwahWFEHpJ2hLH3_sk778x2KHyj_r7PYTzedRA4uRv3rFE-C0ZpEh7zZ7Wt4TZQG4jJlUFESxmKs9oiaCJmgfREgk225pQxkzDGW6Bj4cbvDxRefMZypFSkqEZcEBdfOEAAWDa7xTzLnFyMlMdsDyYKbAE0b7-ybTGhAWJG5Hmmwco9GHZym153il3xQeQf7non7RzfFVv6MXYI6vz-8ckGwtaQhvq8O7OsrFRdG69G32OBIZlRSVtfM9VYBPmi5EtyRqZiKdCGluboORxJ8AK1dz4afEnqkvIN1rzuTpRPmG0ktcRqPDoWnXrRy-5CUtnF-1N3fngGBdrD_ExB9OMzPgkQBZXnb-kjOVKIkazxXowBExd3DVUqVUZsz6S1K6ABWkdKWFGY0XG6byruuw6yvMuB3UAKKYg&cid=CAQSTABygQiDpqsEy5-VvHNMykj7mycZA1zfOPGzhOn29NM7r-vSplBPvDpXDhs3nJD1MrbUB_TyLGFyIyXDQ6IDn0uVvrDgTgVuCCtH4jsYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=8229609436232912000&adk=356101037&idt=100&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:58:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame ADAA 28 KB
11 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:53:07 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ADAA 41 KB
15 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 03:50:52 GMT

GET
DATA 200
OK truncated
/ Frame ADAA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1badf9524c947f03ace147f024101bb55f1de972619af328361d41d877f8282c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 31ms
31ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.net_auto_interstitial_desktop&e=nai&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYB2DPEGAZGEY2C3ZVBVS7BT
date: Sat, 22 Apr 2023 02:56:08 GMT
cf-cache-status: HIT
age: 280632
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bba97871c573a91-FRA

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
734 B 267ms
266ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2558009072922354&correlator=279021117677854&eid=31073318%2C31073829%2C31073998&output=ldjh&gdfp_req=1&vrg=202304180101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C21e64a41-96d0-44d8-81f5-4387d89c0c3d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=1158043729&didk=189456234&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Df3913294-8323-405b-83b1-f5e67365b73f%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D6%26bid-p%3Dgoogle%26bsc%3D50&eri=1&sc=1&cookie=ID%3D637ceb1df3a3d13f%3AT%3D1682132168%3AS%3DALNI_MbdfSGxxJEzDLNl40DKfKrKv6FxhA&gpic=UID%3D00000bee188cd035%3AT%3D1682132168%3ART%3D1682132168%3AS%3DALNI_MYZpira-dFBWEhuKmjoAaUxZZX9uA&abxe=1&dt=1682132168818&lmt=1682126138&dlt=1682132167612&idt=387&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1158854688.1682132168&ga_sid=1682132168&ga_hid=1000144404&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYy92Pt_owSABSAghkEhkKCnB1YmNpZC5vcmcYqt6Pt_owSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMvdj7f6MEgAUgIIZBLCAQoIcnRiaG91c2USrAFEblUvZTIyanpwNzZXM0pXNmdoaUNydVdMWHFRNEQzZ2JEMWhPVERIU1RjWFQ4dHo0THQrMjRCNDV5UjdYVkZXM3VTdmtxMGdCWGd6aGFteTRCL2tmSDdxL1hRUFQ0c3R1THQ3ZDZPWEZkTjN2bTh6NVZIaTVVSWNXRmhlbnM3cmgxQ1ZSNm1kMWRJV0xPN0Zsc1E3czA2QmFJYjhycTAwQXRrUC8ydWNvY3c9GPDfj7f6MEgAEhkKCnVpZGFwaS5jb20Yyt2Pt_owSABSAghkEhsKDGlkNS1zeW5jLmNvbRim34-3-jBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4cc104e5212e8b79974a5be0e9f75a217337b3cff3280b8db644a789b842b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 705
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5680 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:08 GMT
expires: Sun, 21 Apr 2024 02:56:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 581E 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A42EwbPc1svTraTxvgtsToHZ9Z_8-bzUcYAdHIQ-pw8CxZ8UhdvGKRK-rLktyFj7oKKwKepg6cxhLViedguFG95jnPpWRUoIhXKnQtJgMltdgyFTcmXyJ87K56dhN-wsdxBUNOatTA57t5UZz2yY4u4iO-D1eIAaJ6zm638mcIWOQJO5w&cry=1&dbm_d=AKAmf-AJDNm4S53T1WjbZ35LPBVgt46r9r4Oc-GcioORlXVL_WeB44Kz5v23ndVhQ9I9fpqh9gYxSTw26oKV_AKVtO84Jl_jbQk_wHhaXeWQsWOdH-BpUQJqJAzR82x-qnDhqAdtrCVVozinqiBF_Z2HDfdY9Bk6vqCH_RjrPdXUYlNmCW3P1QKEOBRaUlmwpH5km5DGQh9cx6r7c1KfQzS3W_m6bcH-KTIjDlrUVbVQjLDM9Ocr5q8ZoCrzqrgdO2ggxY4UA1WFKPExP1t2NJWnYCgp42-Ii-chjYx1owR7ty5se-WVsk0rO5qkVzBtU18pUrfc2ewc0x1XDCleYdA8u97p97dzNVLpO_Q_nf9IK9_vJLZVEZyDNqGpSDfQvoBP4k_yY3CWYE1G9NLoJcl05d2panDRe2VbXNWkcTiv5HAkSKVJ5ywYW0EclSU80SuAWXuQGQimwOYEu_DXKIb2tXw6067SqqG20XIe6pJPzyDVMs56Rcn1V3AuEl9aabGA2vR7UfEGxyDheKIfhdvveykqJ809s4IAh8g7Fui-ziZUI0kP8XdjqnOKTdkwQXZ91iTt416igTwBLTwfY9TkA3cnBGK0dvUu7Zs64IvxpAeICwOVbQyjsEigQNO2l90LOlSZDfzvS9xhZJuVOnCrNCimvty3m6BlgY8Q44-tqwvLQRkc-wlMnyrBwiVPJ5vBeaUcXbeEDja-bAruL0GMdCg74CyhrTSd5EjdhGsih-07T26xIzZVCk6uXfnQUKpe207aO6Ej2NIczg5vFl7nFWxSU4ZdYmKHyK4uwZknEP3ObNiwV4Qvn-EgYNZ4YC4hDxsZ0fLjoWzjDKMyDGcpdL8N_XdVLcfblCZho6iDxvRaOhAzI6FybULBhsvl3i4aiwF9KzDVW6L1leTNbvSm0YGpFk_ZKJOGP5n4z_kWvh8xVRl88Jqn7shvg_i4lTow_KVbkpv1aAWms4DaOmuhN-02AQMAQBnPtkcP_hpd4yqhF41b6T0jgZB-uBMdgoFy5isEUH2hLK_f-gAgFv7GZUF8U2vKDlD6ggQ1TF9zUS42iE7fT3qWBaESSNeXKM0sfwCUttAL7T2TfrvNH3c-wawJrAlJ79KlTwl5h26UqeKcODXwbK4mmz6e1-AS6utkMq3hSEL5XuFk6Qr6P_f9oq4mmHjUlbMJ-d3HHpAn0G7_bhd3l4yMBvsjwhMiRINYb21SlYu9X4RVb5dP8k4NqlcBBYc_Tme2XDM9SXTiVg0sOxmXM-JXMzeTATy0OY8KKegDfYkp5lrQkri9_jJ9eRYFi27hFXzXUNAyMduzW4s1XraEQkT7bHk6Cq9MR6Uj1K-iE5ZRJKSpi4Tm2O1DquXskBFf7phYM6hRu4XMLukqdAWryBD_HFbBE3UIA8CH8HkrVjjdeKV2tGgNcO02gIaqBgNhN0jOO4m3KkSun7GD8LMeb675__FqI5NppG2yX-tKs1oye-6HiTR-D_-ylxSelUeQJSxm76IMVGLkrJRQyJuTnQS40v7ryEWhIMA0O9BRa2w-S4rWsC3N-VpSDQ9O2lDfAa_0TdQUTmWC9h630oyD0zzke4d_NsCItNOYWstBpkKs1uWFxitR3z7SASBxWD2F6hl-2DodoevAM1uvtbBd-3JYbYa4Th--YqlYGPkGs6Yki4jI_MGdjMEKokxKRYrPmCYoWIIhKwN8Ln-x1PiiZy3N5yyG0t03Wb_Ns1No0hJcmE7s7HuS-RXk4KANyvlebpuPpTbsKp4RxaN9O6H-i6dc34jhepKO-mw_u4KsHx0RuQRwT-WI2gbZ1q4UkjfNOaF6sKuYKXF2XuCZxYJO6_wxC9RwAslf5jV6kj5ovWpz71L8006kZKXnhsDZKB1jPWOt1aN8-968SvL4W3RWqL3-SGh_wn2GnXQixwGCoxgLSOazD0Az0X4zTUG94ZIgVGrEWr5MQjhcf8cJiRQY1j494fkvdpQ3h6fgHc-xbyv3WnD2EdzxZNSaLiqVHZCoYp4E7ycWCN5rHv_1NDhevuh22yvS_4WppkNf4jGM_y-zz5SZI2aR5P7AX9EfUQ11aS0X4uGx-fcadF2QBBcYsKANro668kI4Efvmzl5vtgNJoRIUwiu0uDyJPqag9joGxJtOxCvWgVZDTOZflvIBu1WVjhLOaINtSAKKKxHzPRuDzjfvNmYHywknhFSP3FE_AZQYuoEGcn5dqh3Acto1F5F-iLY-H-IlQLDTmMTGZvHSfO_Q7gCd03fyzTO7u-3KT8i5Jlb0_twsFPtaijfG3Zm7JaKeBXZPqODNyjsjnGuo50u07OZD4SH7W9hmYa8ksX32-ma0oZefwE9zmWzcJo534VqjfLyWietkmjzOeThKXZVBuSWNXB3iirTkTYQyZ6LRnX1SMYdGODgDQK5-pu-ydFb1T1_2kA6l3Mg-iXjyQbJumOCKf7h71pG-hZOnQ7GoCfs2SrHynqS6cmNOe8ID0PFUomIucfjr6FJqfVwEC7Zi2ClhxrZd85lF55Uscs80VTd4lHSR8PlZx4gN0ADC_dnIiTGNwXsV3nXPazOX6p1-wk0qkcb3FFm1RHfP2Fdm-szQsKBe4t-9_CGMxTbv_f0kdII7v8XXEKMb1egMby94IsHmA0lJm1K423enZvmbgv2BwB3kCZ0fV8JNKi1oSFn-JVmDF3IDdkh9jSoSUp2K1k_Suwm4E3vHkfQquPS6Nstt4PlB-Ws4LBbUO1JUU-vE50t6uXfR7OpQbGBJb_WAjfkzaLgRLfh9gpHbw6-r7CVmCEUs1T7v5kTS2TBvqj1xfUa9UlD-lHE2S7mtBUmT6RUPBjnoxwBMl1N1P8ZPxur4bf2CQgNssUwSYHIqi-haewfcooDh6sG11sdUDdUgU_50oVDqbN_saFtWdO7XJOfQ1hu2SzW7J0t9v8ig8EmKtVy5R0ULbdlOmc7RRvzrkOLdvgh0WhZ5xdG7E6C8iq4GPNJn753y4I3CpQsio3_FNTGZivMl2m0gJkaImmYlSRMCoG69HUYmyL24kjIGpCziKb4M9XDIaBYqctoMpXUOAEsObTyF8a-IKVyqhRZ4BMssObx5quJDvDt3HwUG8DHyN2ebb10KlL1x-F_h5FFAYbGx8Z7Qd7s4AnXvFG_EYHvK9YqsUA1Vm7jylPNcOPuTQ6KjCbzJOqRu8SfGK76pSVO1WzscRBEeFBrc8cR7rIre5I8G-NIERZn0BhI_ILw_j3fsIxugOCZyz8oML5OawZ4V2lTsBz6yLGuEbo_Lj2Lw4UgzyWfFUO_8hCP16-HdhZTvgcIk1BaEzUgFhLs_4jjnxkgiBmAxrdUZgV3rHJNu1JjSKR8rMn0Uc5ioBkaL5CzLWDqFSKYd2LU&cid=CAQSSwBygQiDmylI-WIBZW8dhdBgbcmWYc8B_ZnD5DXB2SUqyr-fa3OP5vYjrRgzVX4bjxOzG_CvfT25XtwjfZdyuEzFgQr34Gs6G3UCcBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=3720802357460740000&adk=1964084972&idt=48&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 03:50:52 GMT

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame 581E 57 KB
19 KB 52ms
51ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322077&sid=18330&dvregion=0&unit=970x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 02:56:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E57F 22 KB
8 KB 24ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 233149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 10:10:19 GMT
expires: Thu, 18 Apr 2024 10:10:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17990266662471768200/ Frame 46F2 141 KB
22 KB 74ms
25ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17990266662471768200/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 232293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22865
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 10:24:35 GMT
expires: Thu, 18 Apr 2024 10:24:35 GMT
last-modified: Wed, 09 Feb 2022 10:37:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame ADAA 0
0 149ms
69ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1GFO70GWTCUONIzzYQcaQg0LjSoEFEnRgsFDlsSQlJu2VDmkw-bHVcrb2uKb0Xq2kvZHkuMaPfXVYbO7ejV_2N2jj495fFUfPTY74q4pCPhQsX5aNG-UNyYuL6DGhuxwpNWcIfC4x2KegWfS_6gHxWtoYFbfTQtDYFhdJxU-kYOmh8BfNVfBpLJumt92JXT-8XP0H1eS-66V6QCj9l1Jpp9qjJwxDHV8-RJEA_G6qwVCrVys6o7FcykJPsdMp6ufzeCU2f2_R8rYsBWPTEZUOjtHHIWIjBcgByednk7AThhDfff7ezj0DAlDraseR07f8R98p5ovJdAPppxo-ZDbLlCXB7TKL4Og1d2qpyAumQmeLo-4_yCaExzGQ5UEriX-6vgT1z0535lExPu3TjcpDwDGRL0pI6yy1WQcb96YfKWaVXpCd1oALNrcfEYGigiPD1Jv4Ua-p9-G77-jd3zasgpjRNTSeKGxQhnRJd6z_Fg9HusZM199Qf22bZOEQXpexC8348C0_wEgsA0dJLvIdxKUHPZ27bQTh_y43LbLWLvxJNNgWZS8MzoP2wLkPC6QfSjh8e-1B3d_0uvkqTD1NrKKTevYGQiMg_qfXlvMTfTGHdSGU8sLz0g10lO6ik6ChB9VwhH1apN-5R0tkjZD4Kfx7jgZCVSlO7egqIjTLuVvyn1ncGsB2anXlpn1jk9zsT8NHWo6g01sSLVJBy8iQj39WI4Sq68WXc7GtqX4gdpSas8yPA3ENEYbuIUDh_d3075GSRW0Jycu4Da1IA7Xhl-XsJ4YW7x-XbteDGx_Rhl_Gs5vTAl1UqUCqC-7wBeJ0n0w_ALGARdj89xp-uupTD06eLQTKI-fqIWYucRh_NYXK7_OTw39h6aiz8IMh7Hq0q7CDRw9Ocu_sLFIKVwhHhLSMpXxK_RheYMyWVAyRCCaCg_KkHEyRGQam7Gku1lnEVgm5yd6xvI42t7yk9miWG8uwfaGH3a47yo-ElDHcI0TEjESQYIWNYo34q3gpwdTHb33utbjsG0_dgVkeAyLdzGe1ajhtdDEAJOVRD3V5aKXPSr_AywBJVPtjgsk3gpqS-wQjiQ0Y9HyBkHa39-rspMqYuP1cXL_4DmtkR-vtnSfnbzXDCMvHlyr9mGBYOlj8C-Sy38uHloTpbiDhDcEstq1on1EwD-lO_yps82VayC4rRLkpyJTsbaaXm_ZnLYWV_GcFnsB16pb42scQ6y5zklTPVY1Xemj6TPn_qoLjvI1HIOu7Hm5u98a_o-3YV2YMkwi99is&sai=AMfl-YQ1IrektfpeZxA_YNBkuFTE5G1X97cYbykEPeNnzKjeZy5F97lHNCz9PsSHyjjzfWhwSkdArK2EJJ5gJtPkPdrOEQB9dHeR88Vw-ti7l8Of9SkRlNmhcwppjQYNyHRt939smTvox_lZ-ShOXgvfN_Sgru3yTERzIgEGFmUsunf6n0xMfO_HCzOaBOjCw_79ZHOXiO5GQHcS5oD6J4b0y6p-wOGhRAX5sD8kRk5n4DE5vZPhqRXHaW3Yn00rBYMiNC-nJmAm0tMlb1oi2upkZpGzGOsGehzdwIyC&sig=Cg0ArKJSzBQ3ZsivJ3e1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&cbvp=1&cstd=161&cisv=r20230418.58124&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:09 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CF67 640 B
265 B 36ms
33ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNWM-Ei43WeOduL43NnFGxDWnnExQ9RMWU6oumJAoDEndEGeLbl0_4XEcopb0dY8SWBxKRClCBFbTEeWIfT-9kVbl3eeo_yHxSXLV5umHQCObAJ6JZW6xSUROFLMXdRtfqqfwGRet7ySA30O_H4_zZwiy8S-uYA14g3-zDybrO3nN4yCCus

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:08 GMT
expires: Sat, 22 Apr 2023 02:56:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5680 78 KB
27 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5680 42 B
63 B 57ms
54ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COR1bvDb21_fDTl-uYWoNpp2uO1F5zL-8HTX7IbjGSFoWC5OFMlOiO0HkAHQafySX6XoWgrSiNKfbOzAhn2N4WIAuNmfFu7EX-l2nJYdFNRUT9hPg

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5680 0
20 B 58ms
54ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16848221677295290846&x=1&ct=76

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 5680 3 KB
1 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 5680 19 KB
8 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 06:15:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5680 159 KB
49 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:08 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3A54 22 KB
8 KB 32ms
26ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 233149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 10:10:19 GMT
expires: Thu, 18 Apr 2024 10:10:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame E57F 36 KB
14 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 581E 654 B
721 B 182ms
31ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_15894900964&jsTagObjCallback=__tagObject_callback_15894900964&num=6&ctx=15911784&cmp=203336&plc=7322077&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=15894900964&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=112&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%40%40C2%3D%3AG6%5CEG%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%40%40C2%3D%3AG6%5CEG%5D%3F6ETar9EEADTbpTauTau57fd_2he2c3e54f52hf%60eh5g_2%60h777a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=9.70&callbackName=__verify_callback_15894900964
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 344fdcd061a2cc84026042ce47460c9f4a4c3f05178d8c4b08f71c1d20e5dd93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 02:56:09 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 04/21/2023 02:56:09

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CF67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHOd-hIfE552QaaFoaWMf6o&google_cver=1

43 B
114 B

30ms
30ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHOd-hIfE552QaaFoaWMf6o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNWM-Ei43WeOduL43NnFGxDWnnExQ9RMWU6oumJAoDEndEGeLbl0_4XEcopb0dY8SWBxKRClCBFbTEeWIfT-9kVbl3eeo_yHxSXLV5umHQCObAJ6JZW6xSUROFLMXdRtfqqfwGRet7ySA30O_H4_zZwiy8S-uYA14g3-zDybrO3nN4yCCus
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHOd-hIfE552QaaFoaWMf6o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame CF67 43 B
304 B 87ms
30ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNWM-Ei43WeOduL43NnFGxDWnnExQ9RMWU6oumJAoDEndEGeLbl0_4XEcopb0dY8SWBxKRClCBFbTEeWIfT-9kVbl3eeo_yHxSXLV5umHQCObAJ6JZW6xSUROFLMXdRtfqqfwGRet7ySA30O_H4_zZwiy8S-uYA14g3-zDybrO3nN4yCCus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame CF67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESED4RQCh6Pz2RLwkEYwtfdkk&google_cver=1

23 B
172 B

75ms
45ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESED4RQCh6Pz2RLwkEYwtfdkk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNWM-Ei43WeOduL43NnFGxDWnnExQ9RMWU6oumJAoDEndEGeLbl0_4XEcopb0dY8SWBxKRClCBFbTEeWIfT-9kVbl3eeo_yHxSXLV5umHQCObAJ6JZW6xSUROFLMXdRtfqqfwGRet7ySA30O_H4_zZwiy8S-uYA14g3-zDybrO3nN4yCCus
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Sat, 22 Apr 2023 02:56:09 GMT
pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESED4RQCh6Pz2RLwkEYwtfdkk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame CF67 23 B
172 B 134ms
46ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNWM-Ei43WeOduL43NnFGxDWnnExQ9RMWU6oumJAoDEndEGeLbl0_4XEcopb0dY8SWBxKRClCBFbTEeWIfT-9kVbl3eeo_yHxSXLV5umHQCObAJ6JZW6xSUROFLMXdRtfqqfwGRet7ySA30O_H4_zZwiy8S-uYA14g3-zDybrO3nN4yCCus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Sat, 22 Apr 2023 02:56:09 GMT
pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 46F2 29 KB
10 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 03:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:57:24 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5680 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4307065124775&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5680 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4307065124775&version=m202301230201&ct=76&x=1&cor=16848221677295290000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5680 96 KB
38 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLb32A0vmvPbvfPl9EmNyz885IZNGrRqUOJ4ROulHrBxv2_qrr8ddfxkTUAJbdMq0CAcpfGe5L4Tsa1WmcwXgYdoD4uK7qWTgRXprw2LGIeUIfMHgGGTTy4UIIlTl4wrw7amht87wpu43BXvKO8AaZOlLh1w-r3kn9ZMOCuyeBrAu92L0&dbm_d=AKAmf-AALaIAebJ481rQBinxPBK_-fnpLnVaK95ZCnhFvtibKmRoYEudE6RwrRO0gI-n-j_6vREFu0KjdVzk7pOD5l9tis0TK7kRDJb9djJrFPXCu4cIk4CEf0v1p2bIupInb1brUZp04SXFdqleHdVsDue2Zonfr63azOvKClldUbJRVmUiNvczL63tHLunoHmd270ldloye0NugtFR5_lvkhhnzoZD_wEfr0mRCIDN7_Wek4WY6EM6WOVpLSv5_ROWYnIEGTnPry6mrdaUzYQBgPgxE67dTQEHIbJb-pKn-Czabb9R7eSjNtMPgLzBIKVIcbyarFkwLd4VyNYxj1-b2qxs1xaVj2lTee4bYvfrJlJFRLXRTNrEs3-UKGX3wytPB51zVcL8dsBkwwO2erh8yfRMMWJJ8jTFg6rvJRBnFrqytOnmwhnIrupLJacyKLYg82RMoGlTlbaMHrBjsrXARAxoBOwHAtNoDpyECRrO__Sfec7WHuo_RD7RQt1ULy8yhpxZtecM9SJ17FUTFSIdIgzJizrFItxYHVqddtHNLrPUEvKRI2Jk7kultILayI1MZLo9KV2wTbHgRTI_d52-7leAXnQAKKyH5YV2wbK1sLOYf6Z99E4f3Bb8UcckYN_i6LmHKFRGKI-pM2X1VtHMqbYr3_dsOgKnuxgJMW_hsj3FeznUeYXTxpIOwQ137v6VwWmkogFboo2mnHCG11QAttUY9K8za210Vxr_x9tiHv0hdFVurmvrZdA2wYWbAUpPHnjkThJQ2u-4Tu8_g78CrtNixrplWa-i6LknnffqEzpN2oi6-yqwEvavBNk0tFZ7kEO6wsowOLCyNIUjVJwpKnvOzm30kIdk1Iejx6qZdaZiXvWOdosG2lxImGqRAFXw7eFuJTUFPVgtvChuPJ9g2h4J3beKNCEmdWuFt3bCHpr856d7t54oVfNZNmOuX4D__pFAdSA1cnZ6o75xmvvdZTY0d0eKnOj2TDyOGgvb23vx4RW6RFJ31yHNAH2NLEDUSyEA6uwje9MMYHn__0UNFxNkQCMC3j4OzOodpLpgchvsLfO52WHpMFSjnlrElWPBHh-GgPag9AEegtGOZRyOnL4WyAHnVJwfXRtVJvro5m_xVF0BozDG0bdGuEt2UdBVKu_P9r4L3WHSVjR4LAFeNBiExfv9JGJlw4jASrKUCZathJOkW2o7S01BYHNKMwb3DN3_nLfzeQnvE_z2MGQWm3OTUyx16pBK7zi7mwZc0-gHwj3yNRXCfGCGg3DFEE1utaSEe9xEFYv2x8R4IeTKjTuKQNhDhZAS2j9I3ImPf6Z0mgJ_yrPlgXt9XtnnY-JU7WfxLVQc9YrJ1BIAMf0TZoNg8y_epvUtjo-pbjzD8QWYPjON0ff6gU4s7fMwEQEwUHBAKfsLzMfkd3b4RsMwC8OHQPGxeZ_CeDOaZNpAnCp9Q-xGW_f1A2_xGMMVxyCHxSrp13rOn80NHYJU85_yNALt-Y35aUlQtZVbHMkSn7ncTHqZNMr3s39Aqdj1eDJ7CsBPcGAdOKi0fFoAUc2OeFVOWa_ZCzBMPA1tOfEzI5XBcm6Z8Lqb_91_uEiFrOjDRFAHZgaEZIy18-2GcDLtZmhQlhXC7hogBKhqX-QiljhDazW86f87BA4JOGdafFmSpD-fTZAH5eBT3bJPGmnvjrA-_bMG-qWKOYvebh2rVjFqnJUTUkdOn-cOl5bzXTwQDxusbj5VpPg3P_MtbteDNNBrE7TSqAgHW0Ghkp5E68m_5n4rbPvxbqsrQkmxy0wJgeheyTQdXHeaWshT6VGdVKOQuAzwEWYtwfOemQJxwChX4HXjNiifdWJkasS2BKIWKQj20_JOlIg-dlrKXfw4TfSjUZYwT7qWytcG8LauwG9lKYUEr5AqfDlrbovp4n6shXfCrRHskjstzSP4ciXDZwIZSMxRr6IPqlwM97aEAF4QlJ9_0iYKPQq8wmOIXYs09PCkL-shEye677b8HKYJ9fyyCAaCXzryv9HW6OuVceAzRGuOYLypHqGIndMuMH20YZ1h_8tayRaPWllnmpDdAahnx3HwJHzV_gSfhnedijurQ_hskTeqVeleEB8o2AdOQ1csOxAp1usSE9S5XCP1kUJXRs1P60HegF5-6XFq8YPeRwMKwOBvXX7JWEClm-uzdtzlwJk9JSdtqMaT5V9leCEh7ZWHb_LbDxv7bcVydw0-9cJXOpKZ2ly8YCvQCcO0IP6uaJSjm3xqB27ezVfsFSKkSTMjS0dDMZ-qjkMcyyn142Ymcsu7jqRqS8eRXWgXK5FGg_1vEUuvDMkIopHpY3ywvwrAd_4NocquKBFgPxrQEt6VIpcF4H55C5ZbmA6twiueTZ9cIkNYPV5hJBxQR6UCdSRaVz05MMYEGynJs6zZA2BZJ0_mDtn7MTER7tGgeOhG4agWbClSu3x-wItqTa1gz1QOuAJmH3KUaCdvbD0bw6vZhD0FTCQnKqhSoaF3iirLgxbhxvfrcPeqV5Mxmo7XlqGCAWzoQWDNuWXVRk0wnqp7z6zwJoKP_Ox8XJfOe5x-CkxlAJupdDwGHa9dIjWjmqsmLmzvGbAOKQwkR-EN9uXUI80yVdYtLbPpZ87-81VNaz6CzTjE93xe4ECBsvSsWy6Oxpywr10FTY2BCbraZBAb3NNfWYSRj6yKk4OAMm-cALU3f-pjUhqWZ5LIOInTAGxC6hH1HIM-DOREB9m9pb1OiAFz64jwJVhz8nyV4zFN6Y9fm9cmHHeW8chzK9liqXH6ybzrdfY5Y6t7hMWoAX2-BXeUSvEu-9YdzcLu8c1oNGVIs2ksHXSpGRFJMERkKiFyAUIrlDAU7QILMT38zKFgz9olcNXmRkERw6kh3niDIZhoUdaN3ch7_0WOXIYkrhoJcoCNB2jkXbGh-SOmNZ4ggGeJiBGB4bc6_ji15loSAr84P0Twkr2rCWNp9Z0pStwkOAYolhaRfCSn8kC5CbSNj5PufjCjj0wrk4w2otALOdvzfXDqsx8vX7vEtC0dg4JOUAFvFKpdWE-wJCi4QsgXwRG6IyO7-EVgHBRZAN0_Shxz-aVCVS8v2A8MagsELIrOG-ja2gpxab2KbPmvxBZzMFmhCd5TXJzsQi363XKnnujeiXr4PoOyx8x_TRAFaJETTnADTiZpPcrceNkmcwqYyV0hIL3rtMiefqEhKpXGRJ5MjjgehQeb3yVWMIW_b1KZQToWAyihFKEjjmIupj1HckS5fW13blFe-wUblfx3bGsR7dlwZqGw0UaZ39x5HgQvf23yifbLNN4IjsYshJcpuQ5WRl4j5v7NTyP_OReci3YRpv2RwbVpMxjDvYM_P0hCDhJqcOLQNYxwv82TxVr0RJYWIRhMqMO775amkRZ6SO9BMUaPmYH0Wd8uDrv_26BgKTXcncZcIGtvh5EqJ4x4HBH0ZfPF-LiQ0KuJ2Y9-GrLVfOcqkxZazOwxA3DjaFaT2BfNphXODNLlQ27qYXF4L5sxAwcogJTIC2WyMUscYKqvGS1yAocMroHpPxBrKRFIL8oohxRoSL--kwlwWgK4r386xpl8f8vVs44oWOAYuis__X0kci7GrKNZImktE24n-8cUXSkhH5Y-tY5egvuah86xMUZG6j87kw-SU_NfHK49ULj9qbVmEoei-mpNDk8AIgtTqyhtBmXyilfLEUqRZYuvrkbdpBkpH_BFOEo7MYxPEgFdXy1fyMrD3XB3skNncsOsdbqGqxEB6UTezfJEHmUHsf6IAOQ5tvR63NA4rHd82t0eR2-qKSlLmANQLNqrH6D7IPvQKTIiaVxVguKrMA8&cid=CAQSTABygQiDmKya8KgGsneF4q4eap4ANmi_maQWFCSz4JAhfwsomMWzGm0AwUkA7ZFoG_0xFuh4T9AeKlCDVklbJrxkz1nczss8WcT7kq4YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=16848221677295290000&adk=3047537735&idt=58&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b880c3c6cb6813e2bcaa47cfd2c410899ef23e6ade9a5f47e2ec2fffc643291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38476
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C6DB 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive-tv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:08 GMT
expires: Sun, 21 Apr 2024 02:56:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame ADAA
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19429846202&bidurl=https://koooralive-tv.net...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

107ms
58ms

Script
application/javascript

2600:9000:238d:5000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:238d:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: ml8sLXd95uD59cm.BnrTx99uclgxfFZ2
content-encoding: gzip
via: 1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
date: Sun, 16 Apr 2023 07:46:37 GMT
x-amz-cf-pop: AMS1-P1
age: 500973
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:33 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: CoFfi68DBW_hAL5owELV8NcZXhqiReSzGhJ5D1TYq5P_Lg41OIioxw==

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame BDD8 91 KB
23 KB 165ms
58ms Script
application/javascript 2600:9000:238d:5000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 13:56:00 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 2034010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ghTpQ3aXMlIWjtj-w3ExEkjoIuaPs1gLq1uzg0i34RNFrth0w04x-Q==

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A54 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ADAA 43 B
215 B 363ms
118ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a2ed0f83-3707-150b-69e5-52851c10eca3&tv=%7Bc:atKGEU,pingTime:-3,time:105,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B97~0%5D,as:%5B97~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC7B9CD+11%7C12*.990511-61634096%7C121%7C1221%7C123%7C13%7C14%7C151%7C152%7C16%7C171%7C18,idMap:12*,rmeas:1,rend:0,renddet:na,siq:24%7D&br=c
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ADAA 43 B
215 B 359ms
117ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a2ed0f83-3707-150b-69e5-52851c10eca3&tv=%7Bc:atKGEV,pingTime:-6,time:106,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:106,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC7B9CD+11%7C12*.990511-61634096%7C121%7C1221%7C123%7C13%7C14%7C151%7C152%7C16%7C171%7C18,idMap:12*,rmeas:1,rend:0,renddet:na,siq:24%7D&tpiLookup=ao:koooralive-tv.net*&br=c
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 34ms
33ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.net_auto_interstitial_desktop&e=nai&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYB2DPEGAZGEY2C3ZVBVS7BT
date: Sat, 22 Apr 2023 02:56:09 GMT
cf-cache-status: HIT
age: 280633
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bba97893fe03a91-FRA

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
30ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koooralive-tv.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
729 B 251ms
251ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2558009072922354&correlator=2238119459815723&eid=31073318%2C31073829%2C31073998&output=ldjh&gdfp_req=1&vrg=202304180101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C012f2506-7c14-4d78-9166-130dcda049e3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&adks=1057838712&didk=2038577293&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Df3913294-8323-405b-83b1-f5e67365b73f%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D50&eri=1&sc=1&cookie=ID%3D892d56ffbca67b18%3AT%3D1682132168%3AS%3DALNI_MbLDQ3W7J1KD7wGYWQ10Nw4dkBNcw&gpic=UID%3D00000bee189976b5%3AT%3D1682132168%3ART%3D1682132168%3AS%3DALNI_MZn2-A9F7JMfM7gG1Wr7KeUHCSB0Q&abxe=1&dt=1682132169158&lmt=1682126138&dlt=1682132167612&idt=387&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkoooralive-tv.net%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1158854688.1682132168&ga_sid=1682132168&ga_hid=1000144404&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYy92Pt_owSABSAghkEhkKCnB1YmNpZC5vcmcYqt6Pt_owSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMvdj7f6MEgAUgIIZBLCAQoIcnRiaG91c2USrAFEblUvZTIyanpwNzZXM0pXNmdoaUNydVdMWHFRNEQzZ2JEMWhPVERIU1RjWFQ4dHo0THQrMjRCNDV5UjdYVkZXM3VTdmtxMGdCWGd6aGFteTRCL2tmSDdxL1hRUFQ0c3R1THQ3ZDZPWEZkTjN2bTh6NVZIaTVVSWNXRmhlbnM3cmgxQ1ZSNm1kMWRJV0xPN0Zsc1E3czA2QmFJYjhycTAwQXRrUC8ydWNvY3c9GPDfj7f6MEgAEhkKCnVpZGFwaS5jb20Yyt2Pt_owSABSAghkEhsKDGlkNS1zeW5jLmNvbRim34-3-jBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae02c4ab54ff217aa2decf69975c5211606f0cf5c6da086b0dfb6deb8fcbd59b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 700
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koooralive-tv.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ADAA 43 B
216 B 317ms
116ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a2ed0f83-3707-150b-69e5-52851c10eca3&tv=%7Bc:atKGFC,pingTime:-2,time:149,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:630,beZ:631,mfA:634,cmA:635,inA:636,inZ:641,prA:641,prZ:648,si:653,poA:654,poZ:706,cmZ:706,mfZ:706,loA:736,loZ:738,ltA:778,ltZ:778%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:149,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B141~0%5D,as:%5B141~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC7B9CD+11%7C12*.990511-61634096%7C121%7C1221%7C123%7C13%7C14%7C151%7C152%7C16%7C171%7C18,idMap:12*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:24,sinceFw:124,readyFired:true%7D&br=c
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634097/ Frame 5680 243 KB
73 KB 48ms
47ms Script
application/javascript 52.211.63.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634097/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9035087792692775&ias_chanId=1&ias_placementId=19429846202&bidurl=https://koooralive-tv.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ixLi9cde6DSH_cJtHD7sau
Requested by: Host: koooralive-tv.net
URL: https://koooralive-tv.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.63.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-63-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 68443a94e22b924b05fb035a3c2d4b294d80b69e3626611fa9fb7ec4a2bb1e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5680 106 KB
37 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Origin: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 5680 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLb32A0vmvPbvfPl9EmNyz885IZNGrRqUOJ4ROulHrBxv2_qrr8ddfxkTUAJbdMq0CAcpfGe5L4Tsa1WmcwXgYdoD4uK7qWTgRXprw2LGIeUIfMHgGGTTy4UIIlTl4wrw7amht87wpu43BXvKO8AaZOlLh1w-r3kn9ZMOCuyeBrAu92L0&dbm_d=AKAmf-AALaIAebJ481rQBinxPBK_-fnpLnVaK95ZCnhFvtibKmRoYEudE6RwrRO0gI-n-j_6vREFu0KjdVzk7pOD5l9tis0TK7kRDJb9djJrFPXCu4cIk4CEf0v1p2bIupInb1brUZp04SXFdqleHdVsDue2Zonfr63azOvKClldUbJRVmUiNvczL63tHLunoHmd270ldloye0NugtFR5_lvkhhnzoZD_wEfr0mRCIDN7_Wek4WY6EM6WOVpLSv5_ROWYnIEGTnPry6mrdaUzYQBgPgxE67dTQEHIbJb-pKn-Czabb9R7eSjNtMPgLzBIKVIcbyarFkwLd4VyNYxj1-b2qxs1xaVj2lTee4bYvfrJlJFRLXRTNrEs3-UKGX3wytPB51zVcL8dsBkwwO2erh8yfRMMWJJ8jTFg6rvJRBnFrqytOnmwhnIrupLJacyKLYg82RMoGlTlbaMHrBjsrXARAxoBOwHAtNoDpyECRrO__Sfec7WHuo_RD7RQt1ULy8yhpxZtecM9SJ17FUTFSIdIgzJizrFItxYHVqddtHNLrPUEvKRI2Jk7kultILayI1MZLo9KV2wTbHgRTI_d52-7leAXnQAKKyH5YV2wbK1sLOYf6Z99E4f3Bb8UcckYN_i6LmHKFRGKI-pM2X1VtHMqbYr3_dsOgKnuxgJMW_hsj3FeznUeYXTxpIOwQ137v6VwWmkogFboo2mnHCG11QAttUY9K8za210Vxr_x9tiHv0hdFVurmvrZdA2wYWbAUpPHnjkThJQ2u-4Tu8_g78CrtNixrplWa-i6LknnffqEzpN2oi6-yqwEvavBNk0tFZ7kEO6wsowOLCyNIUjVJwpKnvOzm30kIdk1Iejx6qZdaZiXvWOdosG2lxImGqRAFXw7eFuJTUFPVgtvChuPJ9g2h4J3beKNCEmdWuFt3bCHpr856d7t54oVfNZNmOuX4D__pFAdSA1cnZ6o75xmvvdZTY0d0eKnOj2TDyOGgvb23vx4RW6RFJ31yHNAH2NLEDUSyEA6uwje9MMYHn__0UNFxNkQCMC3j4OzOodpLpgchvsLfO52WHpMFSjnlrElWPBHh-GgPag9AEegtGOZRyOnL4WyAHnVJwfXRtVJvro5m_xVF0BozDG0bdGuEt2UdBVKu_P9r4L3WHSVjR4LAFeNBiExfv9JGJlw4jASrKUCZathJOkW2o7S01BYHNKMwb3DN3_nLfzeQnvE_z2MGQWm3OTUyx16pBK7zi7mwZc0-gHwj3yNRXCfGCGg3DFEE1utaSEe9xEFYv2x8R4IeTKjTuKQNhDhZAS2j9I3ImPf6Z0mgJ_yrPlgXt9XtnnY-JU7WfxLVQc9YrJ1BIAMf0TZoNg8y_epvUtjo-pbjzD8QWYPjON0ff6gU4s7fMwEQEwUHBAKfsLzMfkd3b4RsMwC8OHQPGxeZ_CeDOaZNpAnCp9Q-xGW_f1A2_xGMMVxyCHxSrp13rOn80NHYJU85_yNALt-Y35aUlQtZVbHMkSn7ncTHqZNMr3s39Aqdj1eDJ7CsBPcGAdOKi0fFoAUc2OeFVOWa_ZCzBMPA1tOfEzI5XBcm6Z8Lqb_91_uEiFrOjDRFAHZgaEZIy18-2GcDLtZmhQlhXC7hogBKhqX-QiljhDazW86f87BA4JOGdafFmSpD-fTZAH5eBT3bJPGmnvjrA-_bMG-qWKOYvebh2rVjFqnJUTUkdOn-cOl5bzXTwQDxusbj5VpPg3P_MtbteDNNBrE7TSqAgHW0Ghkp5E68m_5n4rbPvxbqsrQkmxy0wJgeheyTQdXHeaWshT6VGdVKOQuAzwEWYtwfOemQJxwChX4HXjNiifdWJkasS2BKIWKQj20_JOlIg-dlrKXfw4TfSjUZYwT7qWytcG8LauwG9lKYUEr5AqfDlrbovp4n6shXfCrRHskjstzSP4ciXDZwIZSMxRr6IPqlwM97aEAF4QlJ9_0iYKPQq8wmOIXYs09PCkL-shEye677b8HKYJ9fyyCAaCXzryv9HW6OuVceAzRGuOYLypHqGIndMuMH20YZ1h_8tayRaPWllnmpDdAahnx3HwJHzV_gSfhnedijurQ_hskTeqVeleEB8o2AdOQ1csOxAp1usSE9S5XCP1kUJXRs1P60HegF5-6XFq8YPeRwMKwOBvXX7JWEClm-uzdtzlwJk9JSdtqMaT5V9leCEh7ZWHb_LbDxv7bcVydw0-9cJXOpKZ2ly8YCvQCcO0IP6uaJSjm3xqB27ezVfsFSKkSTMjS0dDMZ-qjkMcyyn142Ymcsu7jqRqS8eRXWgXK5FGg_1vEUuvDMkIopHpY3ywvwrAd_4NocquKBFgPxrQEt6VIpcF4H55C5ZbmA6twiueTZ9cIkNYPV5hJBxQR6UCdSRaVz05MMYEGynJs6zZA2BZJ0_mDtn7MTER7tGgeOhG4agWbClSu3x-wItqTa1gz1QOuAJmH3KUaCdvbD0bw6vZhD0FTCQnKqhSoaF3iirLgxbhxvfrcPeqV5Mxmo7XlqGCAWzoQWDNuWXVRk0wnqp7z6zwJoKP_Ox8XJfOe5x-CkxlAJupdDwGHa9dIjWjmqsmLmzvGbAOKQwkR-EN9uXUI80yVdYtLbPpZ87-81VNaz6CzTjE93xe4ECBsvSsWy6Oxpywr10FTY2BCbraZBAb3NNfWYSRj6yKk4OAMm-cALU3f-pjUhqWZ5LIOInTAGxC6hH1HIM-DOREB9m9pb1OiAFz64jwJVhz8nyV4zFN6Y9fm9cmHHeW8chzK9liqXH6ybzrdfY5Y6t7hMWoAX2-BXeUSvEu-9YdzcLu8c1oNGVIs2ksHXSpGRFJMERkKiFyAUIrlDAU7QILMT38zKFgz9olcNXmRkERw6kh3niDIZhoUdaN3ch7_0WOXIYkrhoJcoCNB2jkXbGh-SOmNZ4ggGeJiBGB4bc6_ji15loSAr84P0Twkr2rCWNp9Z0pStwkOAYolhaRfCSn8kC5CbSNj5PufjCjj0wrk4w2otALOdvzfXDqsx8vX7vEtC0dg4JOUAFvFKpdWE-wJCi4QsgXwRG6IyO7-EVgHBRZAN0_Shxz-aVCVS8v2A8MagsELIrOG-ja2gpxab2KbPmvxBZzMFmhCd5TXJzsQi363XKnnujeiXr4PoOyx8x_TRAFaJETTnADTiZpPcrceNkmcwqYyV0hIL3rtMiefqEhKpXGRJ5MjjgehQeb3yVWMIW_b1KZQToWAyihFKEjjmIupj1HckS5fW13blFe-wUblfx3bGsR7dlwZqGw0UaZ39x5HgQvf23yifbLNN4IjsYshJcpuQ5WRl4j5v7NTyP_OReci3YRpv2RwbVpMxjDvYM_P0hCDhJqcOLQNYxwv82TxVr0RJYWIRhMqMO775amkRZ6SO9BMUaPmYH0Wd8uDrv_26BgKTXcncZcIGtvh5EqJ4x4HBH0ZfPF-LiQ0KuJ2Y9-GrLVfOcqkxZazOwxA3DjaFaT2BfNphXODNLlQ27qYXF4L5sxAwcogJTIC2WyMUscYKqvGS1yAocMroHpPxBrKRFIL8oohxRoSL--kwlwWgK4r386xpl8f8vVs44oWOAYuis__X0kci7GrKNZImktE24n-8cUXSkhH5Y-tY5egvuah86xMUZG6j87kw-SU_NfHK49ULj9qbVmEoei-mpNDk8AIgtTqyhtBmXyilfLEUqRZYuvrkbdpBkpH_BFOEo7MYxPEgFdXy1fyMrD3XB3skNncsOsdbqGqxEB6UTezfJEHmUHsf6IAOQ5tvR63NA4rHd82t0eR2-qKSlLmANQLNqrH6D7IPvQKTIiaVxVguKrMA8&cid=CAQSTABygQiDmKya8KgGsneF4q4eap4ANmi_maQWFCSz4JAhfwsomMWzGm0AwUkA7ZFoG_0xFuh4T9AeKlCDVklbJrxkz1nczss8WcT7kq4YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=16848221677295290000&adk=3047537735&idt=58&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:58:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 5680 28 KB
11 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:53:07 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3332 466 B
238 B 35ms
33ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkqj5xgEwAQ&v=APEucNVg1bMwGyF8-rLGMcYN_OmPqLxDFGuR7_quq4WD9CzKnMFp7rl94p71BqWWb9HMze7Ji-rcHdjWT54M8T50May4dcHjhe1EtyCSS4Dg65ZOaovJ5cUL6hMDF798LMLxNDixFTcWhqG7z9j7N9sjpQZpnjTf0v_XIJ64eL5OzflenhpCAVI

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:09 GMT
expires: Sat, 22 Apr 2023 02:56:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C6DB 78 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DB 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AA_m27PEAHBCw-O6EKvRzUE7whGKQEyVFl-nA4FGdUABKta-u3XOHrjaOLYb_wGSr50KJ8DfDzDPFDk1MsHa2FgSi7swje_I_v3fYp-2dN9eRybtQ

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DB 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7480533123041739303&x=1&ct=76

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C6DB 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 19:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 19:35:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C6DB 19 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 06:15:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6DB 159 KB
49 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:09 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame ADAA 0
0 61ms
60ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1GFO70GWTCUONIzzYQcaQg0LjSoEFEnRgsFDlsSQlJu2VDmkw-bHVcrb2uKb0Xq2kvZHkuMaPfXVYbO7ejV_2N2jj495fFUfPTY74q4pCPhQsX5aNG-UNyYuL6DGhuxwpNWcIfC4x2KegWfS_6gHxWtoYFbfTQtDYFhdJxU-kYOmh8BfNVfBpLJumt92JXT-8XP0H1eS-66V6QCj9l1Jpp9qjJwxDHV8-RJEA_G6qwVCrVys6o7FcykJPsdMp6ufzeCU2f2_R8rYsBWPTEZUOjtHHIWIjBcgByednk7AThhDfff7ezj0DAlDraseR07f8R98p5ovJdAPppxo-ZDbLlCXB7TKL4Og1d2qpyAumQmeLo-4_yCaExzGQ5UEriX-6vgT1z0535lExPu3TjcpDwDGRL0pI6yy1WQcb96YfKWaVXpCd1oALNrcfEYGigiPD1Jv4Ua-p9-G77-jd3zasgpjRNTSeKGxQhnRJd6z_Fg9HusZM199Qf22bZOEQXpexC8348C0_wEgsA0dJLvIdxKUHPZ27bQTh_y43LbLWLvxJNNgWZS8MzoP2wLkPC6QfSjh8e-1B3d_0uvkqTD1NrKKTevYGQiMg_qfXlvMTfTGHdSGU8sLz0g10lO6ik6ChB9VwhH1apN-5R0tkjZD4Kfx7jgZCVSlO7egqIjTLuVvyn1ncGsB2anXlpn1jk9zsT8NHWo6g01sSLVJBy8iQj39WI4Sq68WXc7GtqX4gdpSas8yPA3ENEYbuIUDh_d3075GSRW0Jycu4Da1IA7Xhl-XsJ4YW7x-XbteDGx_Rhl_Gs5vTAl1UqUCqC-7wBeJ0n0w_ALGARdj89xp-uupTD06eLQTKI-fqIWYucRh_NYXK7_OTw39h6aiz8IMh7Hq0q7CDRw9Ocu_sLFIKVwhHhLSMpXxK_RheYMyWVAyRCCaCg_KkHEyRGQam7Gku1lnEVgm5yd6xvI42t7yk9miWG8uwfaGH3a47yo-ElDHcI0TEjESQYIWNYo34q3gpwdTHb33utbjsG0_dgVkeAyLdzGe1ajhtdDEAJOVRD3V5aKXPSr_AywBJVPtjgsk3gpqS-wQjiQ0Y9HyBkHa39-rspMqYuP1cXL_4DmtkR-vtnSfnbzXDCMvHlyr9mGBYOlj8C-Sy38uHloTpbiDhDcEstq1on1EwD-lO_yps82VayC4rRLkpyJTsbaaXm_ZnLYWV_GcFnsB16pb42scQ6y5zklTPVY1Xemj6TPn_qoLjvI1HIOu7Hm5u98a_o-3YV2YMkwi99is&sai=AMfl-YQ1IrektfpeZxA_YNBkuFTE5G1X97cYbykEPeNnzKjeZy5F97lHNCz9PsSHyjjzfWhwSkdArK2EJJ5gJtPkPdrOEQB9dHeR88Vw-ti7l8Of9SkRlNmhcwppjQYNyHRt939smTvox_lZ-ShOXgvfN_Sgru3yTERzIgEGFmUsunf6n0xMfO_HCzOaBOjCw_79ZHOXiO5GQHcS5oD6J4b0y6p-wOGhRAX5sD8kRk5n4DE5vZPhqRXHaW3Yn00rBYMiNC-nJmAm0tMlb1oi2upkZpGzGOsGehzdwIyC&sig=Cg0ArKJSzBQ3ZsivJ3e1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=477&vt=11&dtpt=308&dett=3&cstd=161&cisv=r20230418.58124&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Apr 2023 02:56:09 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 581E 0
234 B 78ms
29ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=6abd010e899a48dba61414a62adfe9db&vfdur=183&cbust=1682132169204167
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 22 Apr 2023 02:56:09 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 04/21/2023 02:56:09

GET
H2 200 globalpassback_970x250.gif
cdn.besafe.global/ Frame 581E 37 KB
37 KB 107ms
26ms Image
image/gif 2600:9000:2204:3600:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_970x250.gif
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:3600:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 496ed7d3eb868f74065c9c4f435b0d4afee4a9f37bc4934e7fbccffeff98d3cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 05:20:07 GMT
via: 1.1 618e94643d6094e9ff9adbaaa8ed3aee.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 20:03:13 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 77763
etag: "9bb76ce5aa5d929a4f69f37b75f469f1"
x-amz-meta-sha256: 496ed7d3eb868f74065c9c4f435b0d4afee4a9f37bc4934e7fbccffeff98d3cf
content-type: image/gif
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 37581
x-amz-cf-id: NPl9j_dboLc1apueQtN8jgc9afuVfenAQPusoWPe7wt8jkPMzjA_DA==
x-amz-meta-s3b-last-modified: 20220630T185152Z

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ADAA 43 B
215 B 293ms
118ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a2ed0f83-3707-150b-69e5-52851c10eca3&tv=%7Bc:atKGG2,pingTime:0,time:175,type:pf,im:%7Bpci:%7Btdr:153%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D,%7Bpiv:100,vs:i,r:,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:175,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B167~0%5D,as:%5B167~728.90%5D%7D%7D,%7Bsl:i,t:175,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC7B9CD+11%7C12*.990511-61634096%7C121%7C1221%7C123%7C13%7C14%7C151%7C152%7C16%7C171%7C18,idMap:12*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:24%7D&br=c
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 581E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26930c926ce0da9d846fec206e153caa142d8eee80d41678139c23dafd2753b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 3332
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJyvlDfvLpM8l69P8_bUIrM&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJyvlDfvLpM8l69P8_bUIrM&google_cver=1&__user_check__=1&sync_id=3bc33209-e0b9-11ed-8895-1a4ab9540206

43 B
549 B

30ms
29ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJyvlDfvLpM8l69P8_bUIrM&google_cver=1&__user_check__=1&sync_id=3bc33209-e0b9-11ed-8895-1a4ab9540206
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkqj5xgEwAQ&v=APEucNVg1bMwGyF8-rLGMcYN_OmPqLxDFGuR7_quq4WD9CzKnMFp7rl94p71BqWWb9HMze7Ji-rcHdjWT54M8T50May4dcHjhe1EtyCSS4Dg65ZOaovJ5cUL6hMDF798LMLxNDixFTcWhqG7z9j7N9sjpQZpnjTf0v_XIJ64eL5OzflenhpCAVI
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 02:56:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 116
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sat, 22 Apr 2023 02:56:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&uid=CAESEJyvlDfvLpM8l69P8_bUIrM&google_cver=1&__user_check__=1&sync_id=3bc33209-e0b9-11ed-8895-1a4ab9540206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 39
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3332
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2JjMzMxYWItZTBiOS0xMWVkLTg4OTUtMWE0YWI5NTQwMjA2

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2JjMzMxYWItZTBiOS0xMWVkLTg4OTUtMWE0YWI5NTQwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkqj5xgEwAQ&v=APEucNVg1bMwGyF8-rLGMcYN_OmPqLxDFGuR7_quq4WD9CzKnMFp7rl94p71BqWWb9HMze7Ji-rcHdjWT54M8T50May4dcHjhe1EtyCSS4Dg65ZOaovJ5cUL6hMDF798LMLxNDixFTcWhqG7z9j7N9sjpQZpnjTf0v_XIJ64eL5OzflenhpCAVI

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 22 Apr 2023 02:56:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2JjMzMxYWItZTBiOS0xMWVkLTg4OTUtMWE0YWI5NTQwMjA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 130
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3332
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1JTjFzNndCRTJ1Rmh4STljc3o3b0J1X1BDa2VHYWRlQX5B

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1JTjFzNndCRTJ1Rmh4STljc3o3b0J1X1BDa2VHYWRlQX5B

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1JTjFzNndCRTJ1Rmh4STljc3o3b0J1X1BDa2VHYWRlQX5B
date: Sat, 22 Apr 2023 02:56:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 46F2 2 KB
1 KB 22ms
20ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:05:10 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 46F2 3 KB
1 KB 22ms
21ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 02:58:24 GMT

GET
H3 200 tui_live_happy_white.svg
s0.2mdn.net/creatives/assets/4426814/ Frame 46F2 8 KB
3 KB 24ms
22ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4426814/tui_live_happy_white.svg

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2962
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 10:17:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:04:26 GMT

GET
H3 200 head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 46F2 12 KB
3 KB 24ms
22ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3441
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 02:59:30 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 46F2 4 KB
2 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:07:04 GMT

GET
H3 200 728x90_kv_paare.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 46F2 36 KB
36 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_paare.jpg

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:45:36 GMT
x-content-type-options: nosniff
age: 633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37294
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:00:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5680 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 03:50:52 GMT

GET
DATA 200
OK truncated
/ Frame 5680 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03c50415881caf3a6a961fc2856e2ada0d99690c183a4dbf4661631d6230b632

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11054544220910830971/ Frame 90A9 143 KB
22 KB 21ms
21ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11054544220910830971/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97a7980a664c89f5b5d3b500b6632a8c4ba82eafaeaa7747e4c0e8dda9311220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 231952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22944
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 10:30:17 GMT
expires: Thu, 18 Apr 2024 10:30:17 GMT
last-modified: Thu, 24 Feb 2022 12:30:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5680 0
0 67ms
66ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIPPuZyDqZW_Q371l2DHcjdFDLTY_Ty32Q6y-gqZ2Yf3ywrXxoGmKw2qxD7LhL0aG5GqXwq-iFExFYrA2fZ4Uq_XAwIayDgJ2NqfeCCbXNjZVsgudlC-Q8HwAWo51MGIIM6TWryY_a8Xx3TZSBMPTTCBbyumeal_KGBsYyERIbPjYh8QUzw3Bd1T56Ls1-q47QHU3lFX6c0rAFEaJ-nrut8txKxq9FLJAyf0QYH7u5qcK2RXcleG_yVa_tPLiGemNMNYhESOgDZrpqoqisCHDXWoCCS0tUNKRV67hduSphpL-kpqGD8LRTqm9s-3kW9e9CcpGMXc6hFB0FontMN9jj0CAPhFXgZAvO-hr2EDpYGaW5uOBt9V_ysSdFloI40rLzF9NDVhJRII5bCNQP_JoWUIDOa2l4Q6CajP4324FF4DrGeCZFoNI3jZHWOlPB8QPFyDSofleNHKD-Pduk9v-aU9-SYjJtIuf3zY1sT5tlqaCFUghtFHjYRSaC-ji1N-_ur-OF5iIEh9UXsAehXcRIfhQqOpPGakQRhRMLQVEHQ-PC0K4TypuXqBbU5EE6QVFAX7SiOSTtVAHHSbPfOA5qwlWJOJSVvqGHay1QFBs6-qD_GnPVL-XERgvfiLFPu2I65_TvwyZfZrrbyWyy8jhNcxEwcf6c-XF__kzWFaWRDPMribzGuIQeah7i0K1sWL51IQOWsREO2w_oeU-fwZqd43DpNUsvkrXvABchOtE_Xur0G8NhmQ5csaGd7q6XNRlV6Cd6BI7CYHoo6FuHXNGM-9FZhYQvjMvJNGh8eoXAeW7somMCfVz6cThutt9cMTlQPBADO6YuZuucGLPzsJ2VXNlt-CMwJa-uwOeEwkvinMqsvBHD09t3ojoTjBxMOTHvpwXmOwK-eKok02Biwh9p38LmFM49dcLhyZcXUd8LBjhh7mOx4-UXXcpUvu5JwJSBhiiu8VjTf12taoboStVBGcYVJlQKEZN25CdqmCwWQTM-cOP8yyrWafE5-GX79zhqI-vQ-ligiKMFHE4yVPSMVey7Gd84I3Yh-soUkdCLXmbyFlKqC20kL0XsejVwSk359iSi00doJLFdIge4rQPFSW6pKzjL0YkYkejyEZz9p0EDSYPnp7TsObrhf_KUulBUBT-rNjxqYDsBa-My1aZkD0fDB7gYITmaECB0Oph40IMBGHwuJzq-ElaEgYjR28MDWfdS74vVLV9V9xBjNlbYqqmX1WiZ-c5bDsyj-j5IEUBNZ6T87nf6jdLyPOr39S33gVVB7wSwcs1raDg8Jrbc&sai=AMfl-YSPUmr8xdWjAYpqo5M2-2OYbJiXqTo1GtzvytsB_EHPwI57G1ajlP18Wb8Xb4BhFCgZ1lFxQ4lcbfCg-9qBss9z7XiTmyPD5_eEdAWniI90qNgliAw8wcCseVWMG_efRhK_0XrqIZfqqMTtmu8yPR1ccD5qUrQ_JkPQ21LM1a5vsCUv-yxWeWu3EtEc9ULZscT4PXdx22uTEDT7Y8nbibzaNLxSLGSiZsPV8APyOpUrOi9MXAO5xigHVEteml_zX51-DCl3-0_WANXe3kyE5C3YKJNTGMsp0MrW&sig=Cg0ArKJSzJM83rRF86kzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=138&cbvp=1&cstd=136&cisv=r20230418.12253&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:09 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DB 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3436415881760&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DB 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3436415881760&version=m202301230201&ct=76&x=1&cor=7480533123041740000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C6DB 88 KB
36 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cs9IAmY3eDvl4kPBdq7PIwV9PLwEg5ufA2lE8gdK2-zQobd4Ly5ZzV7-txvaSCBGVO6l3txXTohPmq4suYApe2rvHAZM80k9u9EQEBiNG3vcufqqUrnKrR1XYwkdJAHLcQughqA-iRAbI41A8fevta30CTARzh4vHG4psftu7-K8lf0JY&dbm_d=AKAmf-DmKLELKepxX6wzunb9ySZkFQarlHbDXr5rGONCSavXyRoC-252aqBJUFFkSNumTzj1LpsntY_ngOeFaWg2A87yTYq_sEXqgkvgfb0IThZP1ePKyuVCYsmvBjs20vJNkzLPjNK-Bf7uGn4tncJzwdacn1qgV-G4NGNP2HNnEISiBKIvxlNhY2vEcjINQ8qLkS5BPBlp3_6rvHSWps8Mg0nu2ivG0ZRqPOoMq_PHB773kXQrcsk6lE2Yx34nxS8AtP4TTV36eqLnRiIPyYLrZGY9M7I6Udr__6O-ssYnwvlkUymIW2OgOx4lKGQim_l2-fy_B2UPP6barVF1hIi9y4qPt9gmsxcK1zeEu6pzJlguBTgyWtNOXFNROSpH7X7vZMYd0CXkqFTGYV-oW8Ihr0ePcMEEziNCiyRfP2sY5B4w1M-7LvpwqJ-NSuSYQfs-8AOEKdyiicpNsYj2xa7bEzlBTirGEHPm1n0SkEVWIzYXJQeSfK1JPcbejNaCKawZSlurBff16_FGTcmzDwgwzKN5lxVS4jkUTqFrpx-SWeVdR_F2b5dxOjOQfqZ61YclC8pKPtzp65KUNfu6ki4coiJI-yMNTqFnmpXvbcYM6MEiIfJAhOlRDce0HjjyFXaUWAMKRDqIZnMmraUpn1RuN_gZZEpt0Vb76H3fUAAYSjGAAXg8JoNuvEgXove7PVhQCZjBaw76rav4Lt01vi1TjHCXSp9w6vkaHRRtNmsaC1IAm37CumalUMP7cjfx59M5lr8i0_JLhhO7YJwlUFsyO3QJu9TpKDdwP9-Ye91EPo-WEe-3TrUEe9lNJb4J5ehQuZ7edurDG07mS2_MAiGb-1tWgalZhXf2e7Xjltq2UVeUOUpH5Xo1qDHZWhDTBNGwQWB1c6YA5SEEnkJd-9WjsNdM_jvfAsSA6t71aOd-n85ePhlq5BhOs7Y9mK6T79dEYNaCZvSBO_a32pNz1kqvHbkMNEHJ_JmyzD5aOT64NQJxyKd53jvMyfhgte1ddK7zTpbVBEogUcNPggS9ieWJ5VkOTfXgUfX5VsJS0nWuYTNhZJ5LjyOrGdLdsLnwnoCXNgOW6aBTCIBeLlTlfidwjTxoUpzdGy2z8z7TiecslCrajkp6cJC7Z7hwu4b3qzjZk_zGe_mGRwjdPn7JXfQqAconeGEFxfqSmt9L7LVDBcv7HiRznQ7hnQ3OvinB_NDgToBkgC4mao0YLxsCr1JN5xFG-VrhUE0fbN4F2Y0nuofv7E3_6z_iglAZUhe7DHZPUbLKEVEGSsxsZujCmDJAcQdal0b8yybeoXfKQD71yBjdh8bysUMQLiP4BqUHHGymAdl_bZ6SRIkF7WaZ23zWEWIurzCE0vSFTlti8eOy1MIlbXVVexTVQFYNdfBmTpaIPbSgD2zEpXc8ARVARNWzulG6ynS81sdk1m15puDhLRWSntBxNxCNAC8Yl5Wk8F8zLd-sCbcJIAFLTh8soi2ChGhD88hxIKSwnwAPUYHp3oMzQM9VKwBBLXxliGppCuK0Irq8D9TVYHLaFOxfeSCQvCVRb4iBSk4AlILZ2-sI4_t_cN9uT_mw9yITr7MZ8ByjUtqB0wr9WcChIyLxJg3CnndeamIGpllSsOeYVDocfo1cgJOg5sze-T9fCSG_14Wi0ThChobftLjpSSGDp51M1syJ4jwQb6gH9SkXmkznf7jFA7FyihqHmS0Pk-8snwosphIt7nyX3wlcGHX_T3xNhW1exbvfFx7fRbhHFlD8rrS98mYWtyTIjBpKkT5QgvVD3nG2zPm7AhGkl1otHNCarYd0oz5QMxYUf6HBWmlJD55gJekp7I97bhnMIJshdarEaHBdKIHI-WkyE5LEK_ZzNlwkC8Jyole3vIoO24u1Rvxxw_J-IhosPZZAsjvhz0qXwrJSZ1xcu1Jog9Pnj1aAMTE8Sc_9Cyl6bXjutzs_Zj4G52TVE1pLzMMKioTBjMAZLl1HJ1NjOC5ZWZcgwAfs82jGpC9mZu6nd7GNj7VQDYYgRPl0jDhvxw22CipGq2fvLeRoo5b-JpnWy19KJP5QmXAk_BKYoA01Pc14vD0QC66Oj5R5opzMUWDPEYt1LmiKpsYvIQtTCObyhQXHvou8EylZxFt9xDIsPwIKDZ6wQ0LBVdobfT0Mvuw2-fDrCvJyUkSyG-rWUKWcZ2osvbjPbMJysFsRT7Nk9Or-SSEApHh-Dk9KRda29TLEfIPzFnpZay3z2xI-FUVLs2Qnqq0eFKoheg8z5EZJ7A-dN95qaHhwALpfdrMWITnzwqybZLuln5xS8ikJafh2lZo4kYEWmlVMpzKNf6FcitvqKmdz3CQsrUvqWNLRltZSAorIRBkthVG73aJyhla5C8iCGxNhGcapc3-vP-N-TfuAJVgAHGdQu5uiwGYLFrAjR2fVDKWMiXyI6Mt7ZszGe3AmrdHtziXO7GdOZ6C43YLdQtndngjZwmhvK94f2B7nr9RaHEJ1Ozmm6jO2BUGhFuLnS0mV69IGpSWubIs7ICMlfH9i1OrZcUJqtIlB8bTqejKyQVhj7jLgPzIJozQXiIfjUi3de3YYOfXA4OZ8Uq8RRqCstEaTMx7Rp888ldlxhc_O1btaP2SS0jRUsw1-lSZR5JLGB6JFXPWokBVi04N5n3LNxEogAuQgCfPngvG6fFSaMjRC9tdBDNi-rPmu--JQILR6sCdt1WEcWJE3oB1uiPrb1MT7zTFEnu8jQ0q-dleNNOZCbcdVtK0zsJupnfBLF1GIVmGvmXnc8HqMNcxJH1HePVGeZwaGVcTRQ6fnZj9e605yboysHmoRi1rqKodIAJEQ6RT84hY--4A2N_OoQsz2OuDpfSC5wgYrDSOIarhuffRgnSKbbWxwYbEFAnuaKzNGDDFyPXr7thMV4sWsQXmMckLxSKDVsk-BmFIHsNj-8HazyKRuQPV3-z5d6cPdk-ZZVaWAS729YLFXKsDM2Ch4qLwR3Krmjgrq2ZkLTn3vPZG_Fl0BVmdAZRa4HLCa5eSuVQY6GV8dQgv4iyoHvJc85AE-SZPlbojJCmkg2sW9TQ_fh-MovbD6xVAKD3OuDyFmOK9dmCvRN_1uuoOKKZIuTE9MGJJ4BqcYUKuidUAIu-dMbdR8KYCoU3btbW181ZMpLt4sIQRmGeXP3s6-XOCCySemBlAoocY_7tOcL0yvDB2vAx-GiLUkTbiIyfAedmUa9Ep5R9olWTBn9Vb6_W9WtI71PUHhB1ufkso-wl6IlosALOJshPhfSmsmGEjtkpYKRaEW-YqJ1O1fo1rym9I72tsyhCyyaUxwrTm6COQQ6WfSe5UbQrp4_Bx-M5QL2JnyxKC1tLajVfC-yUTZkYO3xReLUYjy3XbeUYGsDt1enlIguaJbM4pAhL3vXmWQkRCoQi7sJEINHRddsJLcnZ85MAQ3cY6QeTmGAY4XAZbJXGSXRpqzoJOmyju42EFK4m0cdYEbyMCfCQ5B_l63TvdtG2AguVOYuTGGQl8o4ZJflnFemektn6ZHfG8GyQMCSeTTAwM4mlCpADPr9yInHsRNWY2r5iJUw6HPkTB-mZcjPd3-vi2R574NGkmvFMLqI6gOyscTOWXgSw&cid=CAQSTABygQiD7qejMYqv9YortejnwT3K1gbffc9oDTFEKsSf4P1lh6UZhhpMlNU_A726avP_9cf2De0SlBp35ZHOolTxuYFpBsicfbLciHwYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=7480533123041740000&adk=2857193498&idt=47&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c5d9982424851b7e8820af6af7486424fea038f1d64a31f828d5b3260615f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36723
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304180101&jk=2558009072922354&bg=!k5ClkMTNAAYfNdXmPzU7ADkAdvg8WsLIFDBzztSqOUwi26Ukzua0IOmGXWwPXZycVabqVirJAKlCEoJRfrmiUQDwk-cmk51TKSwCAAAApFIAAAADaAEHmQLq9JosCyL8XKgkZ_aUMU-H-7GPfIKU-blmd3fiS90n9jm-5h8dhVqeymagJ2UFlKS1i7-Zy1a1k_phFGtk1smeZKlirwo2LwOaJx2W6rrmMnHykckhkSx2UO8_O769ffpEj0UHRPMO_lEdrv5MvPJQgOWJvMzBvok8rjQ-qcVWMl5eXoGJXIGc2Be3qmFbRQ6IuQYjwtTl0e8NNAan0NwQr6OB9ufB5sOGaJpdhHZj7ug9ikVCQBfaNiXgPowwoTzeCXD7kdfUzatIk9SUPE32aLYNkdwsDW3nqQRIpFpjyFJTDNoUWpmzo-MU_Uy5ONQfOzKOdoF0IYLghzqhQTIUelYHlQVDCc8f6KRxoaJtt0teBA3HA-7yz8TMWtAuVmR5okw_05LcABAq8w5mlziUDVzB_WJ0ka6pOWhxsFP3MIjrpPYOeQ1S0Ki3G8r_i4VrHYkGaKQqPQI1E4R26bZAA5bnwBf7Ic1q4M9RR87HtImFS2SEwwir8zfoMaQ3s93afbR4BYnTNKN_00qES0dyicl2A1j9hxp9JmPgV2brUCWKKgeYH1F16MfyWDbzE6S7uepuLd4R5ZaFwO911KE3NA2gHjRKzPDQUNN0zKcr7mVmje5xhMya5iPfql-GrM1gVL79pgsrGrDMGFKwwa4aaazyfNv2mVydwhcvvt9K1_hOilSLXdjAsZhDlyMzYSJtMeU0VP76fI5dSH_WVAE13_HS6s2_Jo1xBKFs6jhONuZ1012WvFbHo92PeJe05yVw9DbVyrScbLNtepioAkKCSstaFvFU3zu7QAC_gxZxLIAQ__VA2JjhS6cW_sPwC1RJx5NJ_OW7r6T1lDZv5JcAgRTvr-q6fOFdjYamXXgk5R6rcdljztEi8RN52Przyszfppjvx_9AR9i9c1XnRwze1TshvhhGoPAR9iC59kESBCXKRgUKPBp09zRJLUamZunj8Z3pHjLkN66HBqKTZ25UoCJ-U7ontd6Ifx8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 90A9 29 KB
10 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 03:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:57:24 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 5680
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634097/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9035087792692775&ias_chanId=1&ias_placementId=19429846202&bidurl=https://koooralive-tv.net...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

53ms
53ms

Script
application/javascript

2600:9000:238d:5000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:238d:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: ml8sLXd95uD59cm.BnrTx99uclgxfFZ2
content-encoding: gzip
via: 1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
date: Sun, 16 Apr 2023 07:46:37 GMT
x-amz-cf-pop: AMS1-P1
age: 500973
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:33 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 0HCo_CqPO6aFgpstGi7LttjBt5LLGlK_DCoCaWQlNSGmiKMei8P64A==

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame EB37 91 KB
23 KB 67ms
67ms Script
application/javascript 2600:9000:238d:5000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 13:56:00 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 2034010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: R-hZ8u9t9rTnUQcMT67SuII_hKK-15XOQFPZg0ofG9u1017YSeUCUA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5680 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=613d14ba-3f69-f41d-c9a6-c8c9653f9b70&tv=%7Bc:atKGJH,pingTime:-8,time:25,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:25,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B18~0%5D,as:%5B18~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC7B9II+11%7C121%7C1221%7C123%7C124%7C13%7C141%7C1421%7C15%7C16*.990511-61634097%7C161%7C162%7C171,idMap:16*,rmeas:1,rend:0,renddet:na,siq:24%7D&br=c
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.net_auto_interstitial_desktop&e=nai&dsReferer=a29vb3JhbGl2ZS10di5uZXQv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive-tv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GYB2DPEGAZGEY2C3ZVBVS7BT
date: Sat, 22 Apr 2023 02:56:09 GMT
cf-cache-status: HIT
age: 280633
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7bba978b7c163a91-FRA

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5680 43 B
215 B 113ms
112ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=613d14ba-3f69-f41d-c9a6-c8c9653f9b70&tv=%7Bc:atKGKZ,pingTime:-3,time:105,type:v,im:%7BpBlk:56%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC7B9II+11%7C121%7C1221%7C123%7C124%7C13%7C141%7C1421%7C15%7C16*.990511-61634097%7C161%7C162%7C171,idMap:16*,rmeas:1,rend:0,renddet:na,siq:24%7D&br=c
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5680 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=613d14ba-3f69-f41d-c9a6-c8c9653f9b70&tv=%7Bc:atKGL1,pingTime:-6,time:107,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:107,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B100~0%5D,as:%5B100~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC7B9II+11%7C121%7C1221%7C123%7C124%7C13%7C141%7C1421%7C15%7C16*.990511-61634097%7C161%7C162%7C171,idMap:16*,rmeas:1,rend:0,renddet:na,siq:24%7D&tpiLookup=ao:koooralive-tv.net*&br=c
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0124 22 KB
8 KB 27ms
26ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 233150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 10:10:19 GMT
expires: Thu, 18 Apr 2024 10:10:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C6DB 170 KB
59 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Origin: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 11:36:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame C6DB 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cs9IAmY3eDvl4kPBdq7PIwV9PLwEg5ufA2lE8gdK2-zQobd4Ly5ZzV7-txvaSCBGVO6l3txXTohPmq4suYApe2rvHAZM80k9u9EQEBiNG3vcufqqUrnKrR1XYwkdJAHLcQughqA-iRAbI41A8fevta30CTARzh4vHG4psftu7-K8lf0JY&dbm_d=AKAmf-DmKLELKepxX6wzunb9ySZkFQarlHbDXr5rGONCSavXyRoC-252aqBJUFFkSNumTzj1LpsntY_ngOeFaWg2A87yTYq_sEXqgkvgfb0IThZP1ePKyuVCYsmvBjs20vJNkzLPjNK-Bf7uGn4tncJzwdacn1qgV-G4NGNP2HNnEISiBKIvxlNhY2vEcjINQ8qLkS5BPBlp3_6rvHSWps8Mg0nu2ivG0ZRqPOoMq_PHB773kXQrcsk6lE2Yx34nxS8AtP4TTV36eqLnRiIPyYLrZGY9M7I6Udr__6O-ssYnwvlkUymIW2OgOx4lKGQim_l2-fy_B2UPP6barVF1hIi9y4qPt9gmsxcK1zeEu6pzJlguBTgyWtNOXFNROSpH7X7vZMYd0CXkqFTGYV-oW8Ihr0ePcMEEziNCiyRfP2sY5B4w1M-7LvpwqJ-NSuSYQfs-8AOEKdyiicpNsYj2xa7bEzlBTirGEHPm1n0SkEVWIzYXJQeSfK1JPcbejNaCKawZSlurBff16_FGTcmzDwgwzKN5lxVS4jkUTqFrpx-SWeVdR_F2b5dxOjOQfqZ61YclC8pKPtzp65KUNfu6ki4coiJI-yMNTqFnmpXvbcYM6MEiIfJAhOlRDce0HjjyFXaUWAMKRDqIZnMmraUpn1RuN_gZZEpt0Vb76H3fUAAYSjGAAXg8JoNuvEgXove7PVhQCZjBaw76rav4Lt01vi1TjHCXSp9w6vkaHRRtNmsaC1IAm37CumalUMP7cjfx59M5lr8i0_JLhhO7YJwlUFsyO3QJu9TpKDdwP9-Ye91EPo-WEe-3TrUEe9lNJb4J5ehQuZ7edurDG07mS2_MAiGb-1tWgalZhXf2e7Xjltq2UVeUOUpH5Xo1qDHZWhDTBNGwQWB1c6YA5SEEnkJd-9WjsNdM_jvfAsSA6t71aOd-n85ePhlq5BhOs7Y9mK6T79dEYNaCZvSBO_a32pNz1kqvHbkMNEHJ_JmyzD5aOT64NQJxyKd53jvMyfhgte1ddK7zTpbVBEogUcNPggS9ieWJ5VkOTfXgUfX5VsJS0nWuYTNhZJ5LjyOrGdLdsLnwnoCXNgOW6aBTCIBeLlTlfidwjTxoUpzdGy2z8z7TiecslCrajkp6cJC7Z7hwu4b3qzjZk_zGe_mGRwjdPn7JXfQqAconeGEFxfqSmt9L7LVDBcv7HiRznQ7hnQ3OvinB_NDgToBkgC4mao0YLxsCr1JN5xFG-VrhUE0fbN4F2Y0nuofv7E3_6z_iglAZUhe7DHZPUbLKEVEGSsxsZujCmDJAcQdal0b8yybeoXfKQD71yBjdh8bysUMQLiP4BqUHHGymAdl_bZ6SRIkF7WaZ23zWEWIurzCE0vSFTlti8eOy1MIlbXVVexTVQFYNdfBmTpaIPbSgD2zEpXc8ARVARNWzulG6ynS81sdk1m15puDhLRWSntBxNxCNAC8Yl5Wk8F8zLd-sCbcJIAFLTh8soi2ChGhD88hxIKSwnwAPUYHp3oMzQM9VKwBBLXxliGppCuK0Irq8D9TVYHLaFOxfeSCQvCVRb4iBSk4AlILZ2-sI4_t_cN9uT_mw9yITr7MZ8ByjUtqB0wr9WcChIyLxJg3CnndeamIGpllSsOeYVDocfo1cgJOg5sze-T9fCSG_14Wi0ThChobftLjpSSGDp51M1syJ4jwQb6gH9SkXmkznf7jFA7FyihqHmS0Pk-8snwosphIt7nyX3wlcGHX_T3xNhW1exbvfFx7fRbhHFlD8rrS98mYWtyTIjBpKkT5QgvVD3nG2zPm7AhGkl1otHNCarYd0oz5QMxYUf6HBWmlJD55gJekp7I97bhnMIJshdarEaHBdKIHI-WkyE5LEK_ZzNlwkC8Jyole3vIoO24u1Rvxxw_J-IhosPZZAsjvhz0qXwrJSZ1xcu1Jog9Pnj1aAMTE8Sc_9Cyl6bXjutzs_Zj4G52TVE1pLzMMKioTBjMAZLl1HJ1NjOC5ZWZcgwAfs82jGpC9mZu6nd7GNj7VQDYYgRPl0jDhvxw22CipGq2fvLeRoo5b-JpnWy19KJP5QmXAk_BKYoA01Pc14vD0QC66Oj5R5opzMUWDPEYt1LmiKpsYvIQtTCObyhQXHvou8EylZxFt9xDIsPwIKDZ6wQ0LBVdobfT0Mvuw2-fDrCvJyUkSyG-rWUKWcZ2osvbjPbMJysFsRT7Nk9Or-SSEApHh-Dk9KRda29TLEfIPzFnpZay3z2xI-FUVLs2Qnqq0eFKoheg8z5EZJ7A-dN95qaHhwALpfdrMWITnzwqybZLuln5xS8ikJafh2lZo4kYEWmlVMpzKNf6FcitvqKmdz3CQsrUvqWNLRltZSAorIRBkthVG73aJyhla5C8iCGxNhGcapc3-vP-N-TfuAJVgAHGdQu5uiwGYLFrAjR2fVDKWMiXyI6Mt7ZszGe3AmrdHtziXO7GdOZ6C43YLdQtndngjZwmhvK94f2B7nr9RaHEJ1Ozmm6jO2BUGhFuLnS0mV69IGpSWubIs7ICMlfH9i1OrZcUJqtIlB8bTqejKyQVhj7jLgPzIJozQXiIfjUi3de3YYOfXA4OZ8Uq8RRqCstEaTMx7Rp888ldlxhc_O1btaP2SS0jRUsw1-lSZR5JLGB6JFXPWokBVi04N5n3LNxEogAuQgCfPngvG6fFSaMjRC9tdBDNi-rPmu--JQILR6sCdt1WEcWJE3oB1uiPrb1MT7zTFEnu8jQ0q-dleNNOZCbcdVtK0zsJupnfBLF1GIVmGvmXnc8HqMNcxJH1HePVGeZwaGVcTRQ6fnZj9e605yboysHmoRi1rqKodIAJEQ6RT84hY--4A2N_OoQsz2OuDpfSC5wgYrDSOIarhuffRgnSKbbWxwYbEFAnuaKzNGDDFyPXr7thMV4sWsQXmMckLxSKDVsk-BmFIHsNj-8HazyKRuQPV3-z5d6cPdk-ZZVaWAS729YLFXKsDM2Ch4qLwR3Krmjgrq2ZkLTn3vPZG_Fl0BVmdAZRa4HLCa5eSuVQY6GV8dQgv4iyoHvJc85AE-SZPlbojJCmkg2sW9TQ_fh-MovbD6xVAKD3OuDyFmOK9dmCvRN_1uuoOKKZIuTE9MGJJ4BqcYUKuidUAIu-dMbdR8KYCoU3btbW181ZMpLt4sIQRmGeXP3s6-XOCCySemBlAoocY_7tOcL0yvDB2vAx-GiLUkTbiIyfAedmUa9Ep5R9olWTBn9Vb6_W9WtI71PUHhB1ufkso-wl6IlosALOJshPhfSmsmGEjtkpYKRaEW-YqJ1O1fo1rym9I72tsyhCyyaUxwrTm6COQQ6WfSe5UbQrp4_Bx-M5QL2JnyxKC1tLajVfC-yUTZkYO3xReLUYjy3XbeUYGsDt1enlIguaJbM4pAhL3vXmWQkRCoQi7sJEINHRddsJLcnZ85MAQ3cY6QeTmGAY4XAZbJXGSXRpqzoJOmyju42EFK4m0cdYEbyMCfCQ5B_l63TvdtG2AguVOYuTGGQl8o4ZJflnFemektn6ZHfG8GyQMCSeTTAwM4mlCpADPr9yInHsRNWY2r5iJUw6HPkTB-mZcjPd3-vi2R574NGkmvFMLqI6gOyscTOWXgSw&cid=CAQSTABygQiD7qejMYqv9YortejnwT3K1gbffc9oDTFEKsSf4P1lh6UZhhpMlNU_A726avP_9cf2De0SlBp35ZHOolTxuYFpBsicfbLciHwYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoooralive-tv.net%2F&ds=l&xdt=1&iif=1&cor=7480533123041740000&adk=2857193498&idt=47&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:58:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame C6DB 28 KB
11 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:53:07 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5680 43 B
215 B 113ms
112ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=613d14ba-3f69-f41d-c9a6-c8c9653f9b70&tv=%7Bc:atKGLB,pingTime:-2,time:143,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:556,beZ:558,mfA:560,cmA:561,inA:561,inZ:566,prA:566,prZ:574,si:580,poA:582,bl:613,poZ:613,cmZ:613,mfZ:613,loA:663,loZ:665,ltA:699,ltZ:699%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:143,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B136~0%5D,as:%5B136~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC7B9CD+11%7C12.990511-61634096%7C121%7C1221%7C123%7C124%7C13%7C141%7C1421%7C15%7C16*.990511-61634097%7C161%7C162%7C171,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:24,sinceFw:117,readyFired:true%7D&br=c
Requested by: Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5680 0
0 57ms
56ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIPPuZyDqZW_Q371l2DHcjdFDLTY_Ty32Q6y-gqZ2Yf3ywrXxoGmKw2qxD7LhL0aG5GqXwq-iFExFYrA2fZ4Uq_XAwIayDgJ2NqfeCCbXNjZVsgudlC-Q8HwAWo51MGIIM6TWryY_a8Xx3TZSBMPTTCBbyumeal_KGBsYyERIbPjYh8QUzw3Bd1T56Ls1-q47QHU3lFX6c0rAFEaJ-nrut8txKxq9FLJAyf0QYH7u5qcK2RXcleG_yVa_tPLiGemNMNYhESOgDZrpqoqisCHDXWoCCS0tUNKRV67hduSphpL-kpqGD8LRTqm9s-3kW9e9CcpGMXc6hFB0FontMN9jj0CAPhFXgZAvO-hr2EDpYGaW5uOBt9V_ysSdFloI40rLzF9NDVhJRII5bCNQP_JoWUIDOa2l4Q6CajP4324FF4DrGeCZFoNI3jZHWOlPB8QPFyDSofleNHKD-Pduk9v-aU9-SYjJtIuf3zY1sT5tlqaCFUghtFHjYRSaC-ji1N-_ur-OF5iIEh9UXsAehXcRIfhQqOpPGakQRhRMLQVEHQ-PC0K4TypuXqBbU5EE6QVFAX7SiOSTtVAHHSbPfOA5qwlWJOJSVvqGHay1QFBs6-qD_GnPVL-XERgvfiLFPu2I65_TvwyZfZrrbyWyy8jhNcxEwcf6c-XF__kzWFaWRDPMribzGuIQeah7i0K1sWL51IQOWsREO2w_oeU-fwZqd43DpNUsvkrXvABchOtE_Xur0G8NhmQ5csaGd7q6XNRlV6Cd6BI7CYHoo6FuHXNGM-9FZhYQvjMvJNGh8eoXAeW7somMCfVz6cThutt9cMTlQPBADO6YuZuucGLPzsJ2VXNlt-CMwJa-uwOeEwkvinMqsvBHD09t3ojoTjBxMOTHvpwXmOwK-eKok02Biwh9p38LmFM49dcLhyZcXUd8LBjhh7mOx4-UXXcpUvu5JwJSBhiiu8VjTf12taoboStVBGcYVJlQKEZN25CdqmCwWQTM-cOP8yyrWafE5-GX79zhqI-vQ-ligiKMFHE4yVPSMVey7Gd84I3Yh-soUkdCLXmbyFlKqC20kL0XsejVwSk359iSi00doJLFdIge4rQPFSW6pKzjL0YkYkejyEZz9p0EDSYPnp7TsObrhf_KUulBUBT-rNjxqYDsBa-My1aZkD0fDB7gYITmaECB0Oph40IMBGHwuJzq-ElaEgYjR28MDWfdS74vVLV9V9xBjNlbYqqmX1WiZ-c5bDsyj-j5IEUBNZ6T87nf6jdLyPOr39S33gVVB7wSwcs1raDg8Jrbc&sai=AMfl-YSPUmr8xdWjAYpqo5M2-2OYbJiXqTo1GtzvytsB_EHPwI57G1ajlP18Wb8Xb4BhFCgZ1lFxQ4lcbfCg-9qBss9z7XiTmyPD5_eEdAWniI90qNgliAw8wcCseVWMG_efRhK_0XrqIZfqqMTtmu8yPR1ccD5qUrQ_JkPQ21LM1a5vsCUv-yxWeWu3EtEc9ULZscT4PXdx22uTEDT7Y8nbibzaNLxSLGSiZsPV8APyOpUrOi9MXAO5xigHVEteml_zX51-DCl3-0_WANXe3kyE5C3YKJNTGMsp0MrW&sig=Cg0ArKJSzJM83rRF86kzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=402&vt=11&dtpt=264&dett=3&cstd=136&cisv=r20230418.12253&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Apr 2023 02:56:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E57F 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaTFIyExDZI_KJsm_9u8P_-ikiA4AAAAAOAHgBAI&bg=!3d6l3orNAAYfNdXmPzU7ADkAdvg8Wlf6gew0m1floWlKOa-dwabVg1zb3znTV2yOIQy27EqYtKM_cQ1NpmCagME5DXpkNpOWMr8CAAACGFIAAAADaAEHmQNEAWgNFKyGpiqYYEpjjiQFoaxLWmY2SnMSFJCwRNkahIztzqs0ZJ_D6ymOT8LKcgYAO3IU_TlxWv8b5-rz07Akegg7J5v_sWllq_mDFT6_Q1xR82PxdmLfKMXkmkkTPj9Mr6-aVIp11vhpkdKyvI71ByNeObJxlGPc_mFOXvz_39zSnLio8SJUh_YFuwvW3eygvgNqsAbSydPxG9wWbVXqDroGUFhTNezxjY89orzV2B983y4rqevIIV4f2fw2SYHzQT2IZpBrLpgLQT7GEGTEDcO0b89Hqqe4mRU-8jDXV96LlxF2tIAU2oI9mC9dyAJvZdeiJPrLbNQ4wk-j51HYB2qn406w0_g7E0XIcaNWcqDXU2ddb9nKLoRdyMfFEPm5BC7T3mfVIyD2AZAGMt82NFvxarloL5i0spCUso3P50vD9OpG-7JEa7m7pTiSnxjEUPVfvKmIweBcOt5YaQ02K0vreOxVcLD4qmNWqdLV2L1Od0LkEU9Sg4oYMBhVATqcX5Fd2UcX7wHCy53JKFQaJ0lLxtjslGbU39fBdOL2lgfZA1lPpLESVREGbgM0Y6MF-hHnSMob9kFhVDGDEC0S8n4GKzeSb6zbS75zLuq3OxQDYxZtdDaYsbViOjs-XclP2wpLcHloR8CHd58IGFiknnqFH6_GH8M1fpWLz7AReqyUEMbcyOZZFByYPOcfwUjb91Y2y8tSc7gJIen-UApg9rUscpGqLlCrgQyNz0L5hXxP23Ch1vzFzD4pP3lFh9_4ob-CPpkTkhrusPU8bznNXVo-k6tueA37lne8Rc4J0NkwA0qa3gZMVxXGIXNw8Y6UDP2CFLvHZo9cZ9dsH0tD5UuBq5xPassmrenxl0CXrUMdC0nA7aZQhL-MD5y3aGC7e1tbUD_EynRirlFKf_kCe4TQLEm9QjF8uK5sfZXImKHIZcEa9AE2eTy5dBipVpPm7aPZfqBPlpWB0F0yXAdIlPZqsVtFyM2kl8_sLOg_0fCUH6KT56dxXwYUkvBCmBnIdUUHxfQi0pCd31aNyNpGSdqQLu_nle0Tml3wLYxDnls_B94fxU4jWlqBvdTy-ovEJVMsygieNitUxSNL5gjm3W2p5pk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C6DB 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 03:50:52 GMT

GET
DATA 200
OK truncated
/ Frame C6DB 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2ee186632151449797d318610746f9807f164e18401e79b1975ffba24458eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9548364509937149214/ Frame B15E 15 KB
2 KB 30ms
28ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2270
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 02:56:09 GMT
expires: Sun, 21 Apr 2024 02:56:09 GMT
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C6DB 0
0 66ms
66ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaGRvB3kX1cLHHLf97l8gBj_VX7FWRR4bLQACnJFvnAK6aah2KUhJa28vcfe3b6K5sLhFSdAAgAujpJhzFwvJ23AMz-fBTxzq0yM8Dy1fDDFCt9dk7cyN_KKpeGMqvonk-QAISfaW6eLcKYRE0Y22Mt51h46dxfxRKYBWbn6FWfCCaQAuxeZ01L76w8sPccm_fOST09G_EX24hW16fKkizxKma12N6Pmq5j_yUTXnvVBvxV3G4jUrGOVUOqUc-qhUl4PE8ICnlgnaf5cYvnWmL7CDJOuFXcHQHNypzYAQ-Dci73Uj0SbOG5pptOJ56swv878syJMoySXczvVwthKP2uWwoC-JxRUTNZbEeFmvyB_dgq_Suac3g8m4yDADlTjxay6mbTiNMwB-BRSX-D86eZw1e_v-PZkZ-r0uO41nM7INzdsTizLMl7Dn6SxosPMERxjXgj_qiS7zrFwcyxowzABFFdcTLswSu7sm9il9x3yCrjXe8g7So4QwCYCKNVvG2Xh7nKxxwqGSbevrAy7P8Qss4zaNdyaaRQJZ2vfZksc_mURZqy2W-7tB3NdzWHXBDLFyGj-bW1PaU7-44IiljjUP27175rrw9htr8tUf78zXvfbaMsAXZAFdooJRZo95uA2WzriISKrStIwLiHR9VdGrOktPmnK0fTojkeuk5JmeRMreoHJNDII1MW1Blu6WHUuqO99ZG_GOj78OYRcBRnNwGzwGXe_A-EhBrUgvAzPBkyUt6jJKghfqLwidoNKB3qEMfH0f0V1CTzk9YBqZRAC8dV7N0iGPDgLZCVvc5h6QMiTirs7C_ri-GDrp-1vs4_zLgz_HfacIi0oKLKCWbk7FIyOXeTDtvFl9qOcIAsXQW-Tbz-_oJHH0_SKA7b0WjzxPrK_1N-x9k7473XJRvyHflajqYq73yAcJzYLVG76JZ2tv8scYKGzFAPJ0mCcoM5GEA58RnHymqDcqs8q7fWkJaUPWDVrOw1LuOeDVFjYXEoIlj6MPUGWCOL_xaWBfU_zbWva33vjoRblAi9IZsGAn2wGg6FnikTW5jG7WdJ883kz74pBBqbwa7OgfyIZ3pKd4ZZCrAlSZNyTDQHZqKIgzD1EpByR5dHujEdAFWufGV1Ul3kvcT6mZ1mOzv8WIQemqqbKhfAUDAZ1AYlhuWYi8_DM3XbrYVAmUEVK6lZwiizh2ggO7Nlboj2XPXhHXiyMmpTDOnH7sQAP0qw1KGPQ0U_xvsH88okGiU_YN4KZlR3b1gEXe4Q6l3rgEQpfEpzote0YYkG8ddvztMA48q&sai=AMfl-YRr0suKnZMvmgeuniwa6iXbIBPjL7S4U5WVo1E3b9tLv-RCqFAtmgVWIbJsELqmWcFeZngyueN_vZS6veLgGnEo3PKv0tw3hfX6eCJ0TshrJVIYrBMtJqT4gdhjpQ2MHQHBRyhZn-REBpDAkyujXn-PoMbnpGNvDwWv6pJmKY5-ThCfTEFjefb2el57QpNolc7PP655_xFjSTWvsmE1d-2CsA_WaZvKr6Y_jMpCcaItQ1Oy6HZT3dIA60DHrnInmPZCMJk2Lnfm60dEqcnyFUZ3z90uDFrhGUJY&sig=Cg0ArKJSzFW-YLw-yMkQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=119&cbvp=1&cstd=111&cisv=r20230418.79268&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:56:09 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0124 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 90A9 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:05:10 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 90A9 3 KB
1 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 02:58:24 GMT

GET
H3 200 head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 90A9 12 KB
3 KB 20ms
20ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3441
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 02:59:30 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 90A9 4 KB
2 KB 20ms
20ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:07:04 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 90A9 6 KB
2 KB 21ms
21ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:02:16 GMT

GET
H3 200 970x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 90A9 34 KB
34 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/970x250_kv_paar.jpg

Requested by

Host: df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
URL: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490a0a636b6524b952dc10a3968522b48f663b70f0ae12aad99bc22bb9330cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:50:01 GMT
x-content-type-options: nosniff
age: 368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34678
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 10:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:05:01 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CDAE 22 KB
8 KB 23ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 233150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 10:10:19 GMT
expires: Thu, 18 Apr 2024 10:10:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/9548364509937149214/ Frame B15E 9 KB
2 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2341
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Apr 2024 02:01:14 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B15E 118 KB
40 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 08:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 08:32:17 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/9548364509937149214/ Frame B15E 20 KB
5 KB 25ms
25ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175874
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 02:04:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A54 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv0mEyExDZOv3K9T03wPDmpGgBwAAAAA4AeAEAg&bg=!XV6lXgrNAAYfNdXmPzU7ADkAdvg8WlhKa2A3jh6shZEGNs9hRyvWGwag7zc4zTSFujMQJZCthmrhSEhhm7GVi7feBPxcmdq2pXMCAAABuVIAAAACaAEHCgAvrTt-I78LVGvNZq2v54sEA1ggXgjTHVg-u5UaozCclPXQWPmbfiLbYj2HxO-xwzGZAwhE42RiSpt6DV2rHVMRqNJ2nAQ5XTPhBGuwugB8_0Kr0A8wBzFSKxlvu_Wcwv49ldyFIldl4DFctImfnYKVIoWOEApeDKt-qj7c0S_0MZwOy6WcaWqUMf8fbvBzGLs69XNk3YGIC0kNXAPO84p2-xOO_ojz099SALsP0sjhmNxIIH2v4qWyuiVesX2HOPXoi1XpNad74X0wrjkjAWR8Ade4tx-9avIKcsX5vJmgxLOuOW9tYnNKsfFFrPY4CsojWKSyolsAZi-9zu92Tb1z2kVm-bwD2C5Hq5_3VWk8ZyoUYJEQ70NomyCZZkF1etBJ7SI-Ofg0411fkn5QMaGk6WYHtCrkl7S_2qwI1jTO6c3h-c6REojEQyyr-G9ZO8nSxPRN86UDNG4tYH0vPe9l14I-detMPaewXgfp8FCVNlkOpJwPKdGIQBLb6L02YJMGlfYzTJuGD3MdKaPiIYE4vKSlixWkaArebg--QyUUMZ76IPQZNim2ca-V9JdLbMQSZG1BtOKiCOta9koaBkGuGiNojCKhgB69GbWkzPCRT-WTsY9YD1UwSfqETktxtriFUHYW7ot6Z65D8Lywj-GjLDxF-gj8ds9l9w40diP1lJan2Nm5OYCvKln0dS66DprfowMGrSIj_Q0sQfwQlXNwxT4xmIhS05SJ2ajfmhWUXT7b8p-TWVZrniBdB2FN0uI2Bdw1xJgJu8D1XAJPSedEdhJ1RUD4Toe53biAJf6Bb2EKwszI7WQBaHAqv-ixhI-sJubx5RJ2Bn0JFfwXqL97FtXUinB7J7fcsERxJERTRfdtpPIOYfUPgw07N3fBjpS3zMx1voLKReHP7t9s2j57_28Zo4koQ_EkmLNG2XA7I10dyIoAEZPZHZoplboQ22oefIgxRDu88TTNioXta4aNXF4tzOLAQ6vl3DvGq-rBa5bLQ1sygYkA6BginYUZVAT36Ee3jEkS2gp17G6zo1qa5WMIv6RDxuh1vRWaqm-NQGm5LUPdiMttIeHhpYEJB4gGcC19u3MBvUWFvw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ADAA 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a2ed0f83-3707-150b-69e5-52851c10eca3&tv=%7Bc:atKGQ7,pingTime:-10,time:800,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682132169831%7C%7Ce18f4bcd33203c6f0a6a6a2c7db6b417%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C30bbc041adf3d5f487d0d60606b466b1%7C%7C66c330dc019e19c1e0f00b673e5e7f34%7C%7Cccdbb7dcafc892076d3f7cf3120c2266%7C%7Cbe513ddde0cfdeddd29969adc84ff814%7C%7Ccdd9c4fc98bf3cba22f722f54b7a71ff%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/9548364509937149214/ Frame B15E 3 KB
1 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Apr 2024 02:05:33 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame CDAE 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5680 43 B
222 B 118ms
117ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=613d14ba-3f69-f41d-c9a6-c8c9653f9b70&tv=%7Bc:atKGQu,time:446,type:e,im:%7Bpci:%7Btdr:167%7D,pWait:10,pLoad:290%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:446,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B439~0%5D,as:%5B439~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:147,fm:tC7B9CD+11%7C12.990511-61634096%7C121%7C1221%7C123%7C124%7C13%7C141%7C1421%7C15%7C16*.990511-61634097%7C161%7C162%7C171,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:24,sis:261%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
server: nginx
x-server-name: ip-10-31-7-207.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ADAA 42 B
174 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkcMQbsu5C6lT_B9NRvwbv6K0zqePLYeQqBX8gkN_U31n_xyTm2-HcRcNPgHaLYIZQmlfhcyC_j8kVfJ0Wc0dHilQx1O6EK7L-gtXekjkEbm5pj9pWzr52_NweSZQgXLyD8SzLxg&sai=AMfl-YQQs6i01W_zPdxK1lNfalsH1DY_h9KFzNR_IGLdSpuQ9xHiWt_pNuMNZGNpaqIJWn0Z1rloMl3-G7LiWL01MbPHLokmMbocop3YqFdVd-noru9bLCvALRIyzOIUiH6qzV8Du7xrcHoNKmpMHg&sig=Cg0ArKJSzH65fUZkeBiAEAE&cid=CAQSTABygQiDpqsEy5-VvHNMykj7mycZA1zfOPGzhOn29NM7r-vSplBPvDpXDhs3nJD1MrbUB_TyLGFyIyXDQ6IDn0uVvrDgTgVuCCtH4jsYAQ&id=lidar2&mcvt=1011&p=1110,436,1200,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3469974626&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682132168401&rpt=393&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame B15E 13 KB
6 KB 86ms
22ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 05:38:35 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B15E 7 KB
6 KB 33ms
32ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5844642a04d67c1510f15646e916fbc2a20201a55d7722c0b42dac53a1ee7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5702
x-xss-protection: 0

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame B15E 98 KB
98 KB 31ms
26ms Font
font/woff2 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:50:24 GMT
x-content-type-options: nosniff
age: 345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:05:24 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame B15E 57 KB
57 KB 26ms
22ms Font
font/woff 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:42:44 GMT
x-content-type-options: nosniff
age: 805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 02:57:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0124 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bp-VHyUxDZJpZguHH8A_A-ryADAAAAAA4AeAEAg&bg=!qaqlqv7NAAYfNdXmPzU7ADkAdvg8Wv0qdyITHzKwIX8gB_HC9OSO1uKYALP6q-p3MRBaZJVjFW2_NxjMFyQbHE0Via2nBNV82IwCAAAA6lIAAAADaAEHCgA2IeB1Omvh_JRQsZgD1rrEvE4VXsM8kmMP3Px3RggFvWmJQGodcoCsLaExOs-zB5zmfODCgtmWmQMkic6YnmJnknt_iBgP1yPmC0gCYG4DmuFZPQklRWOjeKZSoTztjPh_0JCL5mMAL0Q4phtS8dNiCxbNaiZ4lG1to2Engunh6HnKNWpx8p4NrZRcxAzMRqi2OUyFQHFVYwVfzhOgFwGmUH7snONrZz17R6KsTx9MjvRWmFdqnbkIyS7L6J0FpIXAN_hAUT3OcfNPlV-vDwXK33Ycra8DeYraN86ZX40_fEm1Gyztww56t25DWurVVAVzXsZvZESOgEC63SXgAw8LKMP4YPFWtPAlBtryKXcmjdo64JLfHbJ2F1_B5X6KMOyTBw6VIYEcHaSzvyGxRZs5ovVAL7ILl8-MyTgGuioLZMg5HJvpFRbNqWjDgc2yuEAjJzero-JbYx1CCB6HyYzSjepAr3rc-BY3L2z3vK3kA8aYi6qKWq1zc0DuceM1q8Ny4ozn9CONPxN5E-cgxfrVUwEWGlDcPtJyiCoeENNe8rOJRIWhaxTAieGX3bZQdkMUb9y1OHe1ucr4FC1XTzmO70lHyURnQ2kKpAgO718lSkZvHH3UACcFlFi-YqTJX0fDt37fT0An23WrL5HpwbcyCeYpj5TEGiY__Kro2cuoyJE8oDbaqx9k50ak_JfZn4HSpDCKQlTYmBYEVgZVu33H10ABr3Vy88vt-cDf0Jutt8QhjZL0IZebcYn7iwJN0wEwQyuWrFZMBfscToYKqW2M-n5bxRyRoiuQMwLpfJoHh1lY_GQhtELzKSavXIczjZAGhsv9FlnS_8Cj7TCyTSEGNa4bYdca6tzDZXwY54LJ_VfbdyEEbxAjpC8xY8AB_067ufL9Wn5C6OlpJmsKDtkUb5hoie97p-R95hLhrNhZY09SEkAtjwqDXD4Ls1SuUc9Q8u5IBMCEc0P8661jEZY3KwAlWj6RWmKL9G7d36Ik5e3t6yQBAn1LQ1zGtMe1J_MNCFlFz3vyUyNAmQZBcjU5abtoV_2F1W8IfEF-B9pBbfNfiV0m4LpcsCJOmbf9WV9wLLhASLMybjpys3pDmcXd2xv-WuJRgILBoU-ZLBix8yDIHLQmI3WiIBD5yPgz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B15E 17 KB
6 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 02:56:10 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C6DB 0
0 62ms
59ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaGRvB3kX1cLHHLf97l8gBj_VX7FWRR4bLQACnJFvnAK6aah2KUhJa28vcfe3b6K5sLhFSdAAgAujpJhzFwvJ23AMz-fBTxzq0yM8Dy1fDDFCt9dk7cyN_KKpeGMqvonk-QAISfaW6eLcKYRE0Y22Mt51h46dxfxRKYBWbn6FWfCCaQAuxeZ01L76w8sPccm_fOST09G_EX24hW16fKkizxKma12N6Pmq5j_yUTXnvVBvxV3G4jUrGOVUOqUc-qhUl4PE8ICnlgnaf5cYvnWmL7CDJOuFXcHQHNypzYAQ-Dci73Uj0SbOG5pptOJ56swv878syJMoySXczvVwthKP2uWwoC-JxRUTNZbEeFmvyB_dgq_Suac3g8m4yDADlTjxay6mbTiNMwB-BRSX-D86eZw1e_v-PZkZ-r0uO41nM7INzdsTizLMl7Dn6SxosPMERxjXgj_qiS7zrFwcyxowzABFFdcTLswSu7sm9il9x3yCrjXe8g7So4QwCYCKNVvG2Xh7nKxxwqGSbevrAy7P8Qss4zaNdyaaRQJZ2vfZksc_mURZqy2W-7tB3NdzWHXBDLFyGj-bW1PaU7-44IiljjUP27175rrw9htr8tUf78zXvfbaMsAXZAFdooJRZo95uA2WzriISKrStIwLiHR9VdGrOktPmnK0fTojkeuk5JmeRMreoHJNDII1MW1Blu6WHUuqO99ZG_GOj78OYRcBRnNwGzwGXe_A-EhBrUgvAzPBkyUt6jJKghfqLwidoNKB3qEMfH0f0V1CTzk9YBqZRAC8dV7N0iGPDgLZCVvc5h6QMiTirs7C_ri-GDrp-1vs4_zLgz_HfacIi0oKLKCWbk7FIyOXeTDtvFl9qOcIAsXQW-Tbz-_oJHH0_SKA7b0WjzxPrK_1N-x9k7473XJRvyHflajqYq73yAcJzYLVG76JZ2tv8scYKGzFAPJ0mCcoM5GEA58RnHymqDcqs8q7fWkJaUPWDVrOw1LuOeDVFjYXEoIlj6MPUGWCOL_xaWBfU_zbWva33vjoRblAi9IZsGAn2wGg6FnikTW5jG7WdJ883kz74pBBqbwa7OgfyIZ3pKd4ZZCrAlSZNyTDQHZqKIgzD1EpByR5dHujEdAFWufGV1Ul3kvcT6mZ1mOzv8WIQemqqbKhfAUDAZ1AYlhuWYi8_DM3XbrYVAmUEVK6lZwiizh2ggO7Nlboj2XPXhHXiyMmpTDOnH7sQAP0qw1KGPQ0U_xvsH88okGiU_YN4KZlR3b1gEXe4Q6l3rgEQpfEpzote0YYkG8ddvztMA48q&sai=AMfl-YRr0suKnZMvmgeuniwa6iXbIBPjL7S4U5WVo1E3b9tLv-RCqFAtmgVWIbJsELqmWcFeZngyueN_vZS6veLgGnEo3PKv0tw3hfX6eCJ0TshrJVIYrBMtJqT4gdhjpQ2MHQHBRyhZn-REBpDAkyujXn-PoMbnpGNvDwWv6pJmKY5-ThCfTEFjefb2el57QpNolc7PP655_xFjSTWvsmE1d-2CsA_WaZvKr6Y_jMpCcaItQ1Oy6HZT3dIA60DHrnInmPZCMJk2Lnfm60dEqcnyFUZ3z90uDFrhGUJY&sig=Cg0ArKJSzFW-YLw-yMkQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=496&vt=11&dtpt=377&dett=3&cstd=111&cisv=r20230418.79268&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: koooralive-tv.net
URL: https://koooralive-tv.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:56:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Apr 2023 02:56:10 GMT

GET
H3 200 03032023-031220603-1456_180_horizontal-625px_congstar-xaf6184aa-3d69-4fd8-8c40-58bd22fe7e51.png
s0.2mdn.net/4528404/ Frame B15E 75 KB
75 KB 23ms
21ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031220603-1456_180_horizontal-625px_congstar-xaf6184aa-3d69-4fd8-8c40-58bd22fe7e51.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a171e8a9a6ae24cf175c0ef851199290d01516a46a338de968a8cb9cdb712edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:11:59 GMT
x-content-type-options: nosniff
age: 53051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76663
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 12:11:59 GMT

GET
H3 200 03032023-031223692-1456_180_quadratisch_congstar-x_ohne-x-2a40b6d1b-f64b-4fb4-9687-a98690d67cd7.png
s0.2mdn.net/4528404/ Frame B15E 35 KB
35 KB 24ms
23ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031223692-1456_180_quadratisch_congstar-x_ohne-x-2a40b6d1b-f64b-4fb4-9687-a98690d67cd7.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d09cab2ffe4eaafe307a0bdcda04620353440346a1f445850707c56382e9cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:05:37 GMT
x-content-type-options: nosniff
age: 3033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36230
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Apr 2023 02:05:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDAE 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGtadyUxDZOrNFpG6gAeerrjgDQAAAAA4AeAEAg&bg=!YmGlYTXNAAYfNdXmPzU7ADkAdvg8WqZHn-Qno2df4aHR9uF9KG72E60Ana6zodQdAPbrmvNUD_WcDpL5FjwmuVVKHflj-McIiuUCAAAAklIAAAADaAEHmQNW8rQ9q4ilWtGhDzrxd4q4ttiJayGtD7eSxiyJJ9WeSbovGy5aS7BDA3CGfV1sOj9tT3aKh8pgu_PQ0AMSo6MjnRNWuh6LnB2WiHpIOHZFC50Iv54Bx2EyjlNy0rmk8TdadhpEsSCKZ5xi5paoZzJFIi05zOWOMeT-SLp2D7cfXmuT1Agcisf6n3E83iYfhoL6BwFk2QpcUpnCBn1S_uYA7XwRvSWvYXgjN88gicIkft_4rnnZd0eoVsahZ4vgKVY7wl4WJ_z898hPQjVFg_kL1Ij24eZHAFvN5bYfBhqqrB165ETK3ql4h1BydaZoyBlc7yrB-J-BiyWUOE3Qa9SeZmDjd193nXO2-sq7653GPsThs9mNj0LJpncGmT8TlwE2fMd8DZh4Tob17NCUpES4r2oxLSWAUelwRNf3DH1XLdH9yz9YPbXvZdfhTVUQtRysM6piSyioQEDZJQOJU6iWy5d0vnmuG61-bF718sBQCuWBaRRrxkQunaH9iVMEUqDGJEA3LkvJ0valYzZZXJfiFr-SGICYmVDZWLGmkI8a5J8s7Yv1-Lool0H5pSo8j6EE31ccrU20e4LR3pxTOVOR_L3xnQkvaUpL0Pm56drCI5d6pYjNp7kwR93KuMBCYoLu7qnzD6cPKbsXxspX9d3liOdJDFFMX-_5GG9ftrAQt0WtddSsRmKGOaRb0MErGRbi80y6EknltnDDdiddyDKBvdCY-hkhYqqxMIahGXDXHCU-f8JgFcQOh_eR8UWZ-2kxKdAV8NsF9o1UUDcwqRbmoOE-hMwlqwgeNcOdJMqHXb9hdiN_1g1dhCiycTXbgfrUBvIVcwMGvq4Jjbe7R86e9F_P_YgLlDDjmPWtMidzrCg1PHOApzLr5TcOPZjlTqSdisWN678lSzvyB17j8721qnxGUn7bJLyX7vcXasv4dgYQ8zkp0HS2z9BGnHw1Zdt4SenCTmLLUsEQNeVIj4GOxa672YUl_ZdYlihG930AasRPouqctZf3DAxsFrqFxaa-b9d5aZG_HBjiWGQkewZbUnjOBprGdl_CRh7-xSi0zAEpzJs0e1h3lhmbBc0r8UhZv0Y3HdnwqyTX9yzgwR7CSv7nPIdRjwxUPkR76J7u-j3JPzhYSgc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031220603-1456_180_horizontal-625px_congstar-xaf6184aa-3d69-4fd8-8c40-58bd22fe7e51.png
s0.2mdn.net/4528404/ Frame B15E 75 KB
75 KB 23ms
22ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031220603-1456_180_horizontal-625px_congstar-xaf6184aa-3d69-4fd8-8c40-58bd22fe7e51.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a171e8a9a6ae24cf175c0ef851199290d01516a46a338de968a8cb9cdb712edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:11:59 GMT
x-content-type-options: nosniff
age: 53051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76663
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 12:11:59 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 478B 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ADAA 43 B
222 B 115ms
114ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a2ed0f83-3707-150b-69e5-52851c10eca3&tv=%7Bc:atKGWb,pingTime:1,time:1176,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D,%7Bpiv:100,vs:i,r:,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:175,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B167~0%5D,as:%5B167~728.90%5D%7D%7D,%7Bsl:i,t:175,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:133,fm:tC7B9CD+11%7C12*.990511-61634096%7C121%7C1221%7C123%7C13%7C14%7C151%7C152%7C16.990511-61634097%7C171%7C18,idMap:12*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:24,sis:436%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:10 GMT
server: nginx
x-server-name: ip-10-31-7-207.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ADAA 43 B
215 B 114ms
113ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a2ed0f83-3707-150b-69e5-52851c10eca3&tv=%7Bc:atKGWc,pingTime:1,time:1177,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D,%7Bpiv:100,vs:i,r:,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:175,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B167~0%5D,as:%5B167~728.90%5D%7D%7D,%7Bsl:i,t:175,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:133,fm:tC7B9CD+11%7C12*.990511-61634096%7C121%7C1221%7C123%7C13%7C14%7C151%7C152%7C16.990511-61634097%7C171%7C18,idMap:12*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:24,sis:436,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:10 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5680 43 B
222 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=613d14ba-3f69-f41d-c9a6-c8c9653f9b70&tv=%7Bc:atKGZv,pingTime:-10,time:1005,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682132169831%7C%7Ce18f4bcd33203c6f0a6a6a2c7db6b417%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C30bbc041adf3d5f487d0d60606b466b1%7C%7C66c330dc019e19c1e0f00b673e5e7f34%7C%7Cccdbb7dcafc892076d3f7cf3120c2266%7C%7Cbe513ddde0cfdeddd29969adc84ff814%7C%7Ccdd9c4fc98bf3cba22f722f54b7a71ff%7C%7C1663701684,sca:%7Bspg:a2ed0f83-3707-150b-69e5-52851c10eca3%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:10 GMT
server: nginx
x-server-name: ip-10-31-7-207.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 581E 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9042685935338&version=m202301230201&ct=77&x=1&cor=3720802357460740000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 581E 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2nAPTdrUXeM_W5IlxVDTKd5poyC3lcTcmqOfHO-mLln4N4GF81SKeb2STzKelsAMTZosNK-XtVhHvBtdQEOaa3zvb_jelWd_-bzbzVl87AiLpKwkEJnVa4Q9k&sai=AMfl-YQW2qsKcnz7XwG_IxkpJmsWGS0Q3VfFvMKxDmpvoCo42CjQ2FVlHG99TI-VJTXH3CeySAFtywilQxpz3YZO5YQz9KuCQWFoTnQMS7AyYzlJbhbzaycq66dFG6VZyRlPMip-TNq4YpW-QveX&sig=Cg0ArKJSzHrYb9Aj98M_EAE&cid=CAQSSwBygQiDmylI-WIBZW8dhdBgbcmWYc8B_ZnD5DXB2SUqyr-fa3OP5vYjrRgzVX4bjxOzG_CvfT25XtwjfZdyuEzFgQr34Gs6G3UCcBgB&id=lidar2&mcvt=1000&p=263,315,517,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3763906004&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682132168522&rpt=955&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADAA 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1865712133087&version=m202301230201&ct=76&x=1&cor=8229609436232912000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6DB 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNHCXPDn-knADh36hXtETzRzWS_eClgoMNA-0Mra6rSEh3P3QTsYePQhBCgu19SJNsv0ywClWrq2igVGGBJgwuN_FmuBwuKvrZNZPVLLWndTsp8ofSSExYy3d6ezzBmRfr5sqKWQ&sai=AMfl-YQZqNp9GXpij7yPA91rlkSAtbYpjK9FnmKcpC38A8F2n2sQBP2uIT-WpWLPYc21t00pFJNtbkt5gMUJkndjTNokFwz8XAMutjA8eUvcYSzsd5oIcONgRT-9Syda5Pe4-kVi84aP4pVY61lk5A&sig=Cg0ArKJSzKFfizksfr0ZEAE&cid=CAQSTABygQiD7qejMYqv9YortejnwT3K1gbffc9oDTFEKsSf4P1lh6UZhhpMlNU_A726avP_9cf2De0SlBp35ZHOolTxuYFpBsicfbLciHwYAQ&id=lidar2&mcvt=1000&p=100,436,190,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2196926945&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682132169024&rpt=612&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5680 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4307065124775&version=m202301230201&ct=76&x=1&cor=16848221677295290000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DB 0
20 B 134ms
133ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3436415881760&version=m202301230201&ct=76&x=1&cor=7480533123041740000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031223692-1456_180_quadratisch_congstar-x_ohne-x-2a40b6d1b-f64b-4fb4-9687-a98690d67cd7.png
s0.2mdn.net/4528404/ Frame B15E 35 KB
35 KB 21ms
21ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031223692-1456_180_quadratisch_congstar-x_ohne-x-2a40b6d1b-f64b-4fb4-9687-a98690d67cd7.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d09cab2ffe4eaafe307a0bdcda04620353440346a1f445850707c56382e9cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=JLIzhQsRzz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:05:37 GMT
x-content-type-options: nosniff
age: 3036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36230
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Apr 2023 02:05:37 GMT

GET
H2 200 dc_oe=ChMIqtau0768_gIVER3gCh0eFw7cEAAYACC03uxKQhMIqsiJ0768_gIV6te7CB22SgVh;stragg=1;&timestamp=1682132173084;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame C6DB 42 B
401 B 134ms
57ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqtau0768_gIVER3gCh0eFw7cEAAYACC03uxKQhMIqsiJ0768_gIV6te7CB22SgVh;stragg=1;&timestamp=1682132173084;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ADAA 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a2ed0f83-3707-150b-69e5-52851c10eca3&tv=%7Bc:atKHYH,pingTime:5,time:5176,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D,%7Bpiv:100,vs:i,r:,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5001,o:175,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B167~0%5D,as:%5B167~728.90%5D%7D%7D,%7Bsl:i,t:175,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:117,fm:tC7B9CD+11%7C12*.990511-61634096%7C121%7C1221%7C123%7C13%7C14%7C151%7C152%7C16.990511-61634097%7C171%7C18,idMap:12*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:24,sis:436%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:9de:6742:fb2c:d1fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 02:56:14 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 20:51:32	Name: demandSupplyTi Value: f3913294-8323-405b-83b1-f5e67365b73f
.demand.supply/	1970-01-20 11:15:33	Name: __cf_bm Value: r0m3LTx9a4rgfRSTzd.vnLVGSODgTnwVpTqvUq3McGM-1682132167-0-AbH0WMSemGVTqGi7l1+vT4BgpQJ258Rt1znL1zqQc0WIPN6uzxLoyX0sZVTwjEvICDbKHgr2ZdsAk+YEPxQCieI=
koooralive-tv.net/	1970-01-20 20:01:08	Name: HstCfa4715052 Value: 1682132168329
koooralive-tv.net/	1970-01-20 20:01:08	Name: HstCla4715052 Value: 1682132168329
koooralive-tv.net/	1970-01-20 20:01:08	Name: HstCmu4715052 Value: 1682132168329
koooralive-tv.net/	1970-01-20 20:01:08	Name: HstPn4715052 Value: 1
koooralive-tv.net/	1970-01-20 20:01:08	Name: HstPt4715052 Value: 1
koooralive-tv.net/	1970-01-20 20:01:08	Name: HstCnv4715052 Value: 1
koooralive-tv.net/	1970-01-20 20:01:08	Name: HstCns4715052 Value: 1
.doubleclick.net/	1970-01-20 20:37:08	Name: IDE Value: AHWqTUkPDqmeB_kKmOLzdR5M7frYOdZGv5c6DO20h05qAvW5L6FMsoSqhgv7ktqw
.criteo.com/	1970-01-20 20:37:08	Name: uid Value: 4c8a670a-cf2c-4943-b10a-78b402c7e24b
.casalemedia.com/	1970-01-20 13:25:08	Name: CMPS Value: 5259
.casalemedia.com/	1970-01-20 20:01:08	Name: CMID Value: ZENMyJyDRRKq2efHAwjB2gAA
.casalemedia.com/	1970-01-20 13:25:08	Name: CMPRO Value: 3228
.adnxs.com/	1970-01-20 13:25:08	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Gt?o3!!]tbPl1M>e)ZlrFUfJ+tGXxoPZJhvBM)D'?0MyI:H-B9bSD7q]5)V`bt4QlbpRzqF1`b^)t)gcUM
.adnxs.com/	1970-01-20 13:25:08	Name: uuid2 Value: 8579070718020415415
.koooralive-tv.net/	1970-01-20 20:37:08	Name: cto_bundle Value: lanieV9EeHF6TkhGZE5SOXg0bmZqdkZDYWhnTkNXQThqbzd6RTl4ZG1nOXdrNWNjcmtVQzhMM1hHcVA0aHptZ3k0JTJGdHFvTzNYS1VaaE5XaUJyVWVpMjh5cUYyRnF0dzBxOVZXUW5ncUx0VlZZUU5JbTlsRHpIRVJrVFprdjZhQUl2WHZLRzZQNnM0VGdVSjFjNHElMkJqa2wzTW41MzJ0cmxvbUhxOFlQMiUyRkpQQ2lqWDglM0Q
.koooralive-tv.net/	1970-01-20 20:37:08	Name: __gads Value: ID=892d56ffbca67b18:T=1682132168:S=ALNI_MbLDQ3W7J1KD7wGYWQ10Nw4dkBNcw
.koooralive-tv.net/	1970-01-20 20:37:08	Name: __gpi Value: UID=00000bee189976b5:T=1682132168:RT=1682132168:S=ALNI_MZn2-A9F7JMfM7gG1Wr7KeUHCSB0Q
.yahoo.com/	1970-01-20 20:01:29	Name: A3 Value: d=AQABBMlMQ2QCEMmiePqHfuf5J4SkqQOuRfAFEgEBAQGeRGRNZAAAAAAA_eMAAA&S=AQAAAoaCXyujccNl5WoFhll5V1M
.spotxchange.com/	1970-01-20 11:55:51	Name: audience Value: 3bc331ab-e0b9-11ed-8895-1a4ab9540206
.analytics.yahoo.com/	1970-01-20 20:01:08	Name: IDSYNC Value: 18yl~2b82

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/08/1391464074.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/ger_eintracht_frankfurt.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/egy_al_ahly.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/tan_simba.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-9.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/spa_real_madrid.png Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bcp.crwdcntrl.net
cdn.besafe.global
cdn.doubleverify.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
df750a96a4b6dc7da97169d80a19fff2.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
koooralive-tv.com
koooralive-tv.net
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s0.2mdn.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
sync.search.spotxchange.com
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.kooora4live.com
104.111.217.42
141.95.98.64
142.250.185.130
142.250.185.226
142.250.185.66
172.67.208.32
178.250.1.11
185.80.39.216
185.89.210.46
185.94.180.126
2600:1f18:1aca:4280:9de:6742:fb2c:d1fa
2600:9000:2204:3600:8:455e:4a00:93a1
2600:9000:2204:7600:a:e047:752:b361
2600:9000:238d:5000:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:20::681b:4071
2606:4700:3037::6815:519e
2606:4700::6810:5614
2606:4700::6810:8616
2a00:1450:4001:806::2001
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a02:2638:d::2
2a02:2638:d::d
2a02:26f0:6c00::210:ba19
3.71.149.231
34.149.12.213
34.96.70.87
35.190.39.111
35.244.159.8
46.105.201.240
52.211.63.23
52.214.4.83
52.222.139.7
54.39.128.162
01542c975ed3727d567968a2853befec72860e477d3606e0c1da931627ae171b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03c50415881caf3a6a961fc2856e2ada0d99690c183a4dbf4661631d6230b632
08b1183b4abf6d0b392f53de231e5e4b5861fc45521b23a7ee600f606146d110
0a58a306614a7d156bd0b5e3f0726da1a91fc74b12464ad32acca9a81d37f376
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1badf9524c947f03ace147f024101bb55f1de972619af328361d41d877f8282c
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1fc841e506c83e583ab37f27bd3b7f5f613f4f25711925332b69fc84605920bb
1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa
232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
256de7cc9cddf5288d26626c54b432eb3e75da4e70a90e61ec789c1861ba4f40
26930c926ce0da9d846fec206e153caa142d8eee80d41678139c23dafd2753b2
273527979023b207e69b10f59667fbef83f83198077ebfa3c4f99994e7164adb
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27d46d4a5f82fb799fea2e679ad38edaf2241bebc8241d76ee3e48e74ca88b9e
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
301c811410d57d8dd3cfc7100edc751f5fc91a60b7b82c5eeb91a549e4ea8c87
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
344fdcd061a2cc84026042ce47460c9f4a4c3f05178d8c4b08f71c1d20e5dd93
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3dc59267bd29b07525659ae6c76ff643096111c38d819d12f0664605d2286170
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
490a0a636b6524b952dc10a3968522b48f663b70f0ae12aad99bc22bb9330cdf
496ed7d3eb868f74065c9c4f435b0d4afee4a9f37bc4934e7fbccffeff98d3cf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d09cab2ffe4eaafe307a0bdcda04620353440346a1f445850707c56382e9cae
4d47e25b37d5458e70f70dfb6bdc44949a19cc5a1aadaa118b9e10d8d75e1e09
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
516eb32aa8c995fae3a667faedd51fe701d46130c2d52996d6b1326ce3711511
54797f996c1953f4e63f2a16e4ab7ee0fe52214c4dd888f39a03c5c3c8d08ad3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5620949b8328ec1492508c4e2671967554f63043bd62ec2d77532fc9da77cf96
57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99
5c5d9982424851b7e8820af6af7486424fea038f1d64a31f828d5b3260615f25
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643a09f1c5b32bb30ce61e64fd411e109dffb43b322402eaa64c965e27e13ad6
68443a94e22b924b05fb035a3c2d4b294d80b69e3626611fa9fb7ec4a2bb1e85
68b1aabc55846890a04378abf3b9d1b1843fadb4f444d5c14d4dde291ac33423
6b880c3c6cb6813e2bcaa47cfd2c410899ef23e6ade9a5f47e2ec2fffc643291
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6da59ab00e2b608eda9a52bcd54ec10359c77c42b3a63b42985f583d7f1e59e3
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
70996f1091cd80a4d4d219c188c0e30c076101b3493047b6a28a1014887506be
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
771470d89801445058b5b595a4070aad92dcd9f6596da24ce83e71c939a82072
776a8b3b224910e5c623e234752577d85e74f844e976ab061cb7b2d545340631
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
8533f631d497bba214437cbe60e5737472d3140fa423e503534853fd301ef1f5
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb
97a7980a664c89f5b5d3b500b6632a8c4ba82eafaeaa7747e4c0e8dda9311220
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9d3479b047b756490ac03a38e637f93a342f378c154500d7963f6b72105cdc51
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a171e8a9a6ae24cf175c0ef851199290d01516a46a338de968a8cb9cdb712edb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc104e5212e8b79974a5be0e9f75a217337b3cff3280b8db644a789b842b03
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
ae02c4ab54ff217aa2decf69975c5211606f0cf5c6da086b0dfb6deb8fcbd59b
afceb80f47058dfe61dca39726b6adaefea41e4c13a38ed127e494bcdc46d25d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6b858475b4f37046faac15575fffa029ac24836e5f9a4ef7a42c3fb57c1dde
bc665b58a0aafa77d2b1ebdb0daae099ad88c706782b605c4e7a1d32f9cac34e
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b
c2ee186632151449797d318610746f9807f164e18401e79b1975ffba24458eb1
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c842c63daa43e2f423436cff11196af7dde52e8aa08199121e35bc8b9a47c561
c8e08eff92b84bb96d2e1087f76ebd485d5b3f51dbd508ea5dd2f6c054af38a9
cbd979b253f1094192758b903dbf1258373e373ea264905849c30ca44931e1e1
cbe8a467c38363174381d09d6652a87da13c2d346b84409746008f0d7c51a47f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d46b04608f2a24066e3d5568d772a0d0caa9925228b3b256d59ea5ad739f4e13
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df3f86e8cb9abbc7c08d77f3d0b9a74eb950a97edd59710f2020e8b1b2e7a241
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e20642732d9248d13a1d8ac1cd54be5f0756c5efbc9e7639916cfdf649766b47
e20a6a74ba6b16e9328061c5f5b153e62b5babe247d142bfe7fae9210e8032f5
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5844642a04d67c1510f15646e916fbc2a20201a55d7722c0b42dac53a1ee7a5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
ecaafad2fac501bf387d3ff1b77a92a6500b0998d95cc5e95726ad3d06b20a60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2468dfa7b2332332f83e8a3ef7f3e98f78e4beb31d757bdb799a26c89e0b1ae
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

koooralive-tv.net Open in urlscan Pro 2606:4700:3037::6815:519e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

231 Requests

90 %HTTPS

53 %IPv6

29 Domains

44 Subdomains

42 IPs

6 Countries

2237 kBTransfer

5360 kBSize

22 Cookies

25 Outgoing links

Page URL History

Redirected requests

231 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

koooralive-tv.net Open in urlscan Pro
2606:4700:3037::6815:519e Public Scan

Screenshot
Live screenshot

Full Image

231
Requests

90 %
HTTPS

53 %
IPv6

29
Domains

44
Subdomains

42
IPs

6
Countries

2237 kB
Transfer

5360 kB
Size

22
Cookies

231 HTTP transactions
12 data transactions