live.koooralive-tv.com Open in urlscan Pro
172.67.208.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://live.koooralive-tv.com/
Effective URL:
https://live.koooralive-tv.com/
Submission: On November 09 via manual (November 9th 2023, 7:48:19 am UTC) from DE — Scanned from DE

Summary HTTP 245 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 47 IPs in 7 countries across 36 domains to perform 245 HTTP transactions. The main IP is 172.67.208.32, located in United States and belongs to CLOUDFLARENET, US. The main domain is live.koooralive-tv.com. The Cisco Umbrella rank of the primary domain is 923276.
TLS certificate: Issued by GTS CA 1P5 on November 4th 2023. Valid for: 3 months.

This is the only time live.koooralive-tv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.15.222 104.21.15.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.67.208.32 172.67.208.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::ac43:d4ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:c400:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:4c00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	52.212.57.114 52.212.57.114	16509 (AMAZON-02) (AMAZON-02)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6814:81f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681b:4071	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.128 149.56.240.128	16276 (OVH) (OVH)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
26	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	13.32.99.48 13.32.99.48	16509 (AMAZON-02) (AMAZON-02)
8	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
12 24	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
7 15	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 11	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:350... 2a02:26f0:3500:d::1732:83d6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2600:9000:223... 2600:9000:223d:5c00:c:bbc8:bbc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2644:800:1f:f009:8540:93a1	16509 (AMAZON-02) (AMAZON-02)
4	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.157.200.246 35.157.200.246	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.197.221 35.214.197.221	15169 (GOOGLE) (GOOGLE)
2	52.48.253.127 52.48.253.127	16509 (AMAZON-02) (AMAZON-02)
245	47

1 104.21.15.222 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

live.koooralive-tv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.208.32 (United States)

ASN13335 (CLOUDFLARENET, US)

live.koooralive-tv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:d4ca (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kooralive-tv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:c400:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4c00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.57.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-57-114.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:81f (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681b:4071 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kooora4live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-48.fra60.r.cloudfront.net

cdn.lamp.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.186.98 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.18.36.155 (None, ) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.89.210.122 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:d::1732:83d6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:5c00:c:bbc8:bbc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.de-config.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:800:1f:f009:8540:93a1 (United States)

ASN16509 (AMAZON-02, US)

169951609204894be86e1a47713a53e00019cd1e01e35ddfaeb338af.trk.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.88.20 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.200.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-200-246.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.197.221 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 221.197.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.253.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-253-127.eu-west-1.compute.amazonaws.com

measure.lamp.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	googlesyndication.com ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	457 KB
47	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	437 KB
38	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	704 KB
26	demand.supply live.demand.supply — Cisco Umbrella Rank: 53681	41 KB
15	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	9 KB
11	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	8 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	393 KB
7	koooralive-tv.com 1 redirects live.koooralive-tv.com — Cisco Umbrella Rank: 923276	145 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 496 tps.doubleverify.com — Cisco Umbrella Rank: 515 tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 11101	105 KB
4	avct.cloud cdn.lamp.avct.cloud — Cisco Umbrella Rank: 7888 measure.lamp.avct.cloud — Cisco Umbrella Rank: 7326	28 KB
4	kooora4live.com www.kooora4live.com
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 rtb.openx.net — Cisco Umbrella Rank: 695	922 B
3	gstatic.com www.gstatic.com	17 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926	7 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	sensic.net 1 redirects pixel.de-config.sensic.net — Cisco Umbrella Rank: 60499 169951609204894be86e1a47713a53e00019cd1e01e35ddfaeb338af.trk.sensic.net	773 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 14333 s4.histats.com — Cisco Umbrella Rank: 14235	5 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	31 KB
2	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4351 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	9 KB
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 940	416 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	36 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1513	880 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	610 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	150 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	259 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	79 KB
1	kooralive-tv.net 1 redirects kooralive-tv.net	487 B
245	36

	Domain	Requested by
43	pagead2.googlesyndication.com	securepubads.g.doubleclick.net live.koooralive-tv.com ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ad.doubleclick.net www.googletagservices.com
38	s0.2mdn.net	live.koooralive-tv.com ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com s0.2mdn.net
26	tpc.googlesyndication.com	securepubads.g.doubleclick.net live.koooralive-tv.com ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
26	live.demand.supply	live.koooralive-tv.com live.demand.supply
20	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
15	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
11	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
10	www.googletagservices.com	ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com live.koooralive-tv.com www.googletagservices.com s0.2mdn.net
9	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
8	googleads4.g.doubleclick.net	live.koooralive-tv.com
7	live.koooralive-tv.com	1 redirects live.koooralive-tv.com
6	googleads.g.doubleclick.net	ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com live.koooralive-tv.com pagead2.googlesyndication.com
6	ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	ad.doubleclick.net	ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com www.googletagservices.com
4	www.kooora4live.com
3	www.gstatic.com	live.koooralive-tv.com ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
2	measure.lamp.avct.cloud	cdn.lamp.avct.cloud
2	cdn.doubleverify.com	s0.2mdn.net live.koooralive-tv.com
2	cdn.lamp.avct.cloud	live.koooralive-tv.com ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
2	www.google.com	tpc.googlesyndication.com live.koooralive-tv.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
1	tpsc-ew1.doubleverify.com	cdn.doubleverify.com
1	csync.loopme.me	1 redirects
1	match.sharethrough.com	ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
1	cs.media.net	1 redirects
1	rtb.openx.net	ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	tps.doubleverify.com	cdn.doubleverify.com
1	fonts.googleapis.com	ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
1	169951609204894be86e1a47713a53e00019cd1e01e35ddfaeb338af.trk.sensic.net	ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
1	pixel.de-config.sensic.net	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	s4.histats.com	s10.histats.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s10.histats.com	live.koooralive-tv.com
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	live.koooralive-tv.com
1	kooralive-tv.net	1 redirects
245	54

This site contains links to these domains. Also see Links.

Domain
kooralive-tv.net
shoot-yalla.net
kooora-shoot.com
koooralive-tv.com
go.yalla-shoot-matches.com
kooora4lives.io
koraonline-tv.net
yalla-shoot-tv.net
fal3arda-new.com
yallakora-tv.net
bein-match.net
yalla-goalz.com
as-goal.io
kora-online-tv.net
yalla-shoots.co
yalla-lives.io
yalla-shoot-tv.io
kooora-lives.com
livesoccertv.tv
soccer-stream.tv
livehd7-tv.com
egylive-tv.com
korastar-tv.net
livekoora-tv.com
yallalive-tv.net

Subject Issuer	Validity	Valid
koooralive-tv.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
kooora4live.com GTS CA 1P5	`2023-10-04` - `2024-01-02`	3 months	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
cdn.lamp.avocet.io Amazon RSA 2048 M01	`2023-02-24` - `2024-02-07`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.lamp.avct.cloud R3	`2023-10-02` - `2023-12-31`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://live.koooralive-tv.com/
Frame ID: B288AE2DAC87E50E219B56318AF53226
Requests: 71 HTTP requests in this frame

Frame: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F5859AA6A3156A32F5FDE2AC5F934AF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=live.koooralive-tv.com
Frame ID: CA28B01EF6475AEA2C9958C41C565BD6
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 7065E64ECCB1CACBA4FF89D167E45706
Requests: 1 HTTP requests in this frame

Frame: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5FB789340053128B7C39FDFB090B899F
Requests: 15 HTTP requests in this frame

Frame: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2631CDE4D29BB197FB8FCDB0BC5E780E
Requests: 1 HTTP requests in this frame

Frame: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DCCF96D8ACCFC01F8EBB2593B6A19D9F
Requests: 12 HTTP requests in this frame

Frame: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 10EC9455D25A53F73650BB40391076A5
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjbsIP4ATAB&v=APEucNVwwQifaFVOgVjkNKZqpFU_2EQ47r2aree6SI6-ZIb646bCI6x0HB7K3UH-Wz-kErhbHWd88MdV2-3WgILrCr61cHtYJe190pY2X58KO8Qf7vlXDvWHH7Ir1bKSqT_Ad8hJ5IYElpr_XR-7wZt5QFwTS13eDEIh08ief5cD7llHRrZ_pd569f2-0173GX8qYyvCU6LS1BWWMSmYAEc-pxF_-i-CYg
Frame ID: EB2E7A2F82191487BF68C58E9F7A8950
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 06FE0A9235375F200A2F84AD5F91A127
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E86C520C833FB1591C0AF740555EE9DC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNVmhEz6S_KEalRGobU6lg6_IHbpKjk_31lbNlmmciYYKIIwW17y65xOD8ro-Dt10s6_Z8Rfxy8ZkWM9nwZbX1gom1e3t867KOW4H85nLx6iAb_xMNyUlo9uv7yPUrUymXit5mcq-_iwSrFZtQQ1DThl5AQixqtUYn-8ZgGnkmisYHwzSRGGIM9csH0JGBn77F3OqsU7x1AISyNkk3ezLTvE6eg4cw
Frame ID: FF2BA65DE4D8362F71CD0A300DBCEBD4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7DBD2D90BEC9E58758FF7DB235EC3FC1
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYw_K0-wEwAQ&v=APEucNV8PAHWzdOXJAuNpfZiLOvGidtTDVF8Wy_za6y7bsxJosTr78CVJ6TVciyC4NtyD_iHNlgjMmMJ_VO-t2EA15SsqUC1J6Bgw_Z7LXheoIRd5L4vnbYxVpqYsnlH_-d5MyFSQHIx6CjhkWjWNVhH1kSBwct00X7ZAihhzqRIEq-wG1CwVeQx7AGA12HPg9QMTEg53dfFwScGpNdZtHajhKvxnsUAXw
Frame ID: 97E58AF7C47916B3F726DF9A26FEEC63
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYk9PU-QEwAQ&v=APEucNXMzwVu3rOMfA8qg9MFVrx9L-jIsg5-dNxlZKveFpqEZfOC18KearsRKx40d-8PPIxwg6YB9KkWzQV8kGtboL87M4jsvpcUjCXrpgnASo5K9IV8VAMJSbo0-Th3oXhvW2w_HxRpdAtaJE77sZPVvIZsgBoLEvbaTlaDu98XqJZoezV0zRx_4PEtRSoC43tDgHKGLz1gDkYMcfu1R7uSIfbiGg_0Lw
Frame ID: 9D7FEC947126A2136BB328E155BE7D23
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 71889B19CF3A9CE341E3489EA9352EDB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250
Frame ID: A7F578BA2BB7E6FFE18660560DC2B7CD
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3C2E3D18E3CEF7D861C94C8710A103DA
Requests: 3 HTTP requests in this frame

Frame: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8E99484EBC97E6337A11CBC38EEC248D
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4884.js
Frame ID: 255FCF87E70B2AF01CFB95E8A5B7C0BB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 63E0F366A9EE4314EC8C706E5AEB12CA
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2EFB9FA3C3DA3DEC80143C27A94E8FB3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 02919CE56B3FAB78AA490D4C2C559941
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 38AF1810E25D0683157B1CCFF54E59F3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A88CF03DF947BEBAAE1C77AA681F7060
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js
Frame ID: 4801CC889B6D79A7F861FBEBE57705CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DC308E1D8885D9C03C20C61530ED5B70
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
Frame ID: BE1DCAF893DB3573CB9028865E16CE51
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
Frame ID: FBDC468C365CAD8CE12BFBE8C71E0FA3
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كورة لايف | koora live | مباريات اليوم بث مباشر جوال kooralive

Page URL History Show full URLs

http://live.koooralive-tv.com/ HTTP 301
https://live.koooralive-tv.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

245
Requests

90 %
HTTPS

50 %
IPv6

36
Domains

54
Subdomains

47
IPs

7
Countries

2513 kB
Transfer

6330 kB
Size

30
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://kooralive-tv.net/matches-today/
Title: أهم المباريات

Search URL Search Domain Scan URL

URL: https://kooralive-tv.net/leagues-rank/
Title: جداول

Search URL Search Domain Scan URL

URL: https://kooralive-tv.net/top-scorers/
Title: ترتيب الهدافين

Search URL Search Domain Scan URL

URL: https://shoot-yalla.net/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://shoot-yalla.net/matches-today/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora-shoot.com/
Title: kora shoot

Search URL Search Domain Scan URL

URL: https://kooora-shoot.com/matches-today/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://koooralive-tv.com/
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://go.yalla-shoot-matches.com/h2/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/yalla-shoot/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/fil3arda-h4/
Title: في العارضة – fel3arda

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/bein-match-h3/
Title: بين ماتش – bein match

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/go4kora-h2/
Title: جو 4 كورة – go4kora

Search URL Search Domain Scan URL

URL: https://koraonline-tv.net/
Title: كورة اون لاين

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.net/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://fal3arda-new.com/
Title: fal3arda

Search URL Search Domain Scan URL

URL: https://yallakora-tv.net/
Title: yalla kora

Search URL Search Domain Scan URL

URL: https://bein-match.net/
Title: beinmatch

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/c/
Title: koora4live

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/matches-today-h2/
Title: كورة 4 لايف

Search URL Search Domain Scan URL

URL: https://yalla-goalz.com/
Title: yalla goal

Search URL Search Domain Scan URL

URL: https://as-goal.io/
Title: as goal

Search URL Search Domain Scan URL

URL: https://kora-online-tv.net/
Title: kora online

Search URL Search Domain Scan URL

URL: https://yalla-shoots.co/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://yalla-lives.io/
Title: yalla live

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.io/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora-lives.com/
Title: koora live

Search URL Search Domain Scan URL

URL: https://livesoccertv.tv/
Title: live soccer tv

Search URL Search Domain Scan URL

URL: https://soccer-stream.tv/
Title: soccer stream

Search URL Search Domain Scan URL

URL: https://livehd7-tv.com/
Title: الاسطورة لبث المباريات

Search URL Search Domain Scan URL

URL: https://egylive-tv.com/
Title: ايجي لايف

Search URL Search Domain Scan URL

URL: https://korastar-tv.net/
Title: كورة ستار

Search URL Search Domain Scan URL

URL: https://livekoora-tv.com/
Title: كوره لايف

Search URL Search Domain Scan URL

URL: https://yallalive-tv.net/
Title: يلا لايف

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://live.koooralive-tv.com/ HTTP 301
https://live.koooralive-tv.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://kooralive-tv.net/wp-content/uploads/2022/11/logo-koora-live.png HTTP 301
https://live.koooralive-tv.com/wp-content/uploads/2022/11/logo-koora-live.png

Request Chain 46

https://oajs.openx.net/esp?url=https%3A%2F%2Flive.koooralive-tv.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Flive.koooralive-tv.com%2F&rid=esp&cc=1

Request Chain 50

https://gum.criteo.com/sid/json?origin=publishertagids&domain=koooralive-tv.com&sn=ChromeSyncframe&so=0&topUrl=live.koooralive-tv.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=41VuOHxCbWVtV1dZZWh4NDJsVDNXeWE1U2ZHY2w2UlViODBOdDdxdXV3RXNKTGZ5a3l6c2hSSk01WVJEQklyV2xJY01TYWJ2YXArVDRSOFY1cWxGR0pQTGZFUkxITDF5YlZVT2p5Uy9uelI0TVN5MUpsaldoY2I1R1B5UjlWcDB4YXBCdVVMaVNVQncyelJTY2dzeVBZRUFBaTJjSGF0WldkZWV0cUgxa0VGK2NzUVF3UkRQMGM1bjcvNzhYcnFGUitWV3p5OHNmWWJRa2dNVVFZMTVTN214VVhJeGV3K3BoU0xyVGlJNldJcDBmTEFZUG1LQVlOZzdXbm9XbFJHVVFkZloyNHJ4dzM5ZkxWT3hLRjJ0cTNWUzRDVTdaMHVKN0Iyb1JQRTRzSExyNHBCUT18&cppv=2

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_1FLVWuKf_KkGgaMDlFqw&google_cver=1

Request Chain 117

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUyOvL-XLFijqZvaWtSbuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKylML01yOpWe7fUHjed6xE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKylML01yOpWe7fUHjed6xE%26google_cver%3D1

Request Chain 119

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_1FLVWuKf_KkGgaMDlFqw&google_cver=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUyOvL-XLFijqZvaWtSbuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKylML01yOpWe7fUHjed6xE&google_cver=1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

Request Chain 127

https://pixel.de-config.sensic.net/tp?ty=IM&optin=false&m=campaign_116_de&c=11600102&pr=1419024546&gdpr=&gdpr_consent= HTTP 302
https://169951609204894be86e1a47713a53e00019cd1e01e35ddfaeb338af.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=169951609204894BE86E1A47713A53E00019CD1E01E35DDFAEB338AF

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN-EobbYusftEtfc5ouzKH8&google_cver=1

Request Chain 130

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUyOvL-XLFijqZvaWtSbuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGBVpgiVki94cI0objavy1Q&google_cver=1

Request Chain 132

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUyOvL-XLFijqZvaWtSbuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXcNZetkrGmkY3VZ9oYdoY&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBn3YiEXdMJ2pkTVkrOB38Q&google_cver=1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

Request Chain 181

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDOzOhbNBYn_Y-vwq9LWCMU&google_cver=1&google_push=AXcoOmStu2M6-WbDyFHcXfJU_YRQ6yoTW5x9zrI21oYeiyU0XuuVftLHyUVTNwuoxlhanPx3RIDm6hXdlXC-wmzqYr1c74HBQY-P&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmStu2M6-WbDyFHcXfJU_YRQ6yoTW5x9zrI21oYeiyU0XuuVftLHyUVTNwuoxlhanPx3RIDm6hXdlXC-wmzqYr1c74HBQY-P%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOzOhbNBYn_Y-vwq9LWCMU&google_cver=1&google_push=AXcoOmStu2M6-WbDyFHcXfJU_YRQ6yoTW5x9zrI21oYeiyU0XuuVftLHyUVTNwuoxlhanPx3RIDm6hXdlXC-wmzqYr1c74HBQY-P&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmStu2M6-WbDyFHcXfJU_YRQ6yoTW5x9zrI21oYeiyU0XuuVftLHyUVTNwuoxlhanPx3RIDm6hXdlXC-wmzqYr1c74HBQY-P%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 183

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIJf7fLxgHg2hIsg-sV6kqM&google_cver=1&google_push=AXcoOmQ3yEqY9dRV1lg5WmKuJgEIPbLAaHFUvsXpiXcKPpHlOCE8KHrsMIrWPA9cX2HUmt0z7cgNxRTFvt_pWqBa5p3wggRbHgAM1Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ3yEqY9dRV1lg5WmKuJgEIPbLAaHFUvsXpiXcKPpHlOCE8KHrsMIrWPA9cX2HUmt0z7cgNxRTFvt_pWqBa5p3wggRbHgAM1Q&google_hm=Nfbons7ZSgyh9P0Uk8BbD4Y

Request Chain 185

https://cs.media.net/cksync?type=g&google_gid=CAESEOOk81ATQVthhpA71Sz_BD8&google_cver=1&google_push=AXcoOmQKNNhyEGIoZ5eTovejn0qGpKqyBBiSWbyaU-tJFFp2VLdLF1R6apFERzHJiTfFawEjt4FTnY8l-OB9m4odxyJxjZHa6l-iVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyNTE3NjkzMTQ5MTg2MDAwMFYxMA%3d%3d&mn_hm=MzQyNTE3NjkzMTQ5MTg2MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQKNNhyEGIoZ5eTovejn0qGpKqyBBiSWbyaU-tJFFp2VLdLF1R6apFERzHJiTfFawEjt4FTnY8l-OB9m4odxyJxjZHa6l-iVw&gdpr=&gdpr_consent=

Request Chain 187

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEHbKKYnArFHYPMrrcT-Igog&google_cver=1&google_push=AXcoOmTOkb7W7XwozAlzBitvXN6fMeiEi5Ms_JcpuR_2E2IKTypQ-bjpVwTSIJWBbe0cnvHYMf0snkeqxSem04Za1mup627fycNuL0c HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=38793dfc-0b5e-4602-99da-d27b3a7f165f&google_cver=1&google_gid=CAESEHbKKYnArFHYPMrrcT-Igog&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTOkb7W7XwozAlzBitvXN6fMeiEi5Ms_JcpuR_2E2IKTypQ-bjpVwTSIJWBbe0cnvHYMf0snkeqxSem04Za1mup627fycNuL0c&gdpr=${GDPR}

245 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
live.koooralive-tv.com/
Redirect Chain

http://live.koooralive-tv.com/
https://live.koooralive-tv.com/

74 KB
14 KB

260ms
236ms

Document
text/html

172.67.208.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.koooralive-tv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.208.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d03a212179a35b5ec11c0d20dc24f842c78ac438205d14adf143fe5e0300e87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate max-age=7200
cf-cache-status: DYNAMIC
cf-ray: 823473ae5ce03801-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 07:48:10 GMT
expires: Thu, 09 Nov 2023 09:48:10 GMT
last-modified: Thu, 09 Nov 2023 07:22:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvAmvCOg%2FU0CU%2BX4anxPo06hS95ukgi340b1OkkfyXC8iAUHMwGid5PKXOKKRMrXQh9UZbWf%2B%2Fad5h%2BKDDLYxQ9lyjJK7CmnJGN6r%2FW3xVaxZ45tOtFynKzuIAT%2FybQiiRQjtUBESpVU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie

Redirect headers

CF-RAY: 823473ae1f39690d-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 09 Nov 2023 07:48:10 GMT
Expires: Thu, 09 Nov 2023 08:48:10 GMT
Location: https://live.koooralive-tv.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIL7IMGPhpzunYX8au%2BEY611lX0ozTkrT3mvg%2FvtkQhkjRYwIMHx1VV5rY3X7nSrhWH4ASF7XavVbibP0aQwBck5eVYUpyJAo9Uu5W1Pasjl9McIiAN6FFLxXZRtDpnVSjxuyKrWupTd"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 NeoSansArabic.woff
live.koooralive-tv.com/wp-content/themes/AlbaKora4Live-v6/fonts/ 56 KB
56 KB 17ms
16ms Font
application/x-font-woff 172.67.208.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.koooralive-tv.com/wp-content/themes/AlbaKora4Live-v6/fonts/NeoSansArabic.woff
Requested by: Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.208.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://live.koooralive-tv.com/
Origin: https://live.koooralive-tv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:10 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 19:00:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 35233
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQxkSe2qHrDXvskpf2IQPL109IPi0A%2Fv1nL1LrX0DFQ2W9TG0e%2FldEK9KYO%2B6Qja5W730cl42UbvMjY0Q8sUVcNE%2F2q%2BHs2yVvvx5vATWsqZSM1hr2Lv9ozgZUqoSPW1bpLRjJejpeDu"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 823473afeee43801-FRA
alt-svc: h3=":443"; ma=86400
content-length: 57364
expires: Thu, 07 Nov 2024 22:00:57 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 130ms
97ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/up.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58810bd5a67587c942df6375e529c2bbee0955b65d85c5f75d3ec287bfc5072e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HENZ3TAPDFADRZ4G5BGAKFGZ
date: Thu, 09 Nov 2023 07:48:10 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 242
cf-polished: origSize=4581
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"82c23734e452fdb529f32b5b7d8f570e-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 823473b0186f3836-FRA
link: <https://live.demand.supply/impl.v17.18.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H3

200

logo-koora-live.png
live.koooralive-tv.com/wp-content/uploads/2022/11/
Redirect Chain

https://kooralive-tv.net/wp-content/uploads/2022/11/logo-koora-live.png
https://live.koooralive-tv.com/wp-content/uploads/2022/11/logo-koora-live.png

23 KB
24 KB

19ms
19ms

Image
image/png

172.67.208.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.koooralive-tv.com/wp-content/uploads/2022/11/logo-koora-live.png
Requested by: Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/
Protocol: H3
Server: 172.67.208.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc841e506c83e583ab37f27bd3b7f5f613f4f25711925332b69fc84605920bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35225
alt-svc: h3=":443"; ma=86400
content-length: 23630
pragma: public
last-modified: Mon, 19 Dec 2022 19:00:51 GMT
server: cloudflare
etag: "63a0b4e3-5c4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDQj3%2BkMcZtrI69lIXAH8dEiVhZowM1cXIy3WyMqOVHJMGHhETFA7HIVuJtT8QlsT3K8ADX1L8gpQMjm%2FWADlPzN8Nj8b2mg6UPsd2ExkRm%2FmZ9KqxkG80pEgCbtgZYV4J%2BVxyFYdBqx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 823473b05dbd997b-FRA
expires: Fri, 08 Dec 2023 22:01:05 GMT

Redirect headers

date: Thu, 09 Nov 2023 07:48:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mg4sEaI80ZPhPoqBsAEfC%2FGWTueOwbcCgeuCSYr%2BiLaBjMnzE%2BvaqPuy6haLa3hyovLfvFNOEymlhi8tXYw9fp9IPRaYcZPtTzUc5ET5vV5S8uLvrB8yu4%2BSFg88sUcH36CYzBXOlzCQ23bGkFXW"}],"group":"cf-nel","max_age":604800}
location: https://live.koooralive-tv.com/wp-content/uploads/2022/11/logo-koora-live.png
cache-control: max-age=3600
cf-ray: 823473b038ab381b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 09 Nov 2023 08:48:10 GMT

GET
H2 200 rocket-loader.min.js Show response
live.koooralive-tv.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
9ms Script
application/javascript 172.67.208.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.koooralive-tv.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 16:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654bb442-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c%2FbDVMdA3gtgguZ1YH2uRUGsK3UI%2Fu0myHEarEHDIxQDAmMWvVTpLAlDhiF5oLtx8Yj1SM%2BD7MC7qsiHkwoa3Rl5nKIIeOqZ7oDG8LJM7amFJqvhX7NF2WgFMZE9PqqsREHL3jG3O1R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 823473afff063801-FRA
expires: Sat, 11 Nov 2023 07:48:10 GMT

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 37 B
37 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 94ms
32ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HZB4W0659L

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50a698d81ab60abdef44efd2f20e89bc21f767d4c483ff3fda7f3a03cfd1ccae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 07:48:10 GMT

GET
H2 200 impl.v17.18.2.js Show response
live.demand.supply/ 83 KB
27 KB 24ms
23ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/impl.v17.18.2.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cad3a5dc7cffc9d617eacc752f420c315db1b84a1b88034d3973497338713314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HENZ2J3JZWB491NRF6ZQ0G6B
date: Thu, 09 Nov 2023 07:48:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 119257
cf-polished: origSize=85432
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"e112cf09155ec1a557ddf0cf9d769ad5-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 823473b0b9203836-FRA

GET
H2 200 bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8= Show response
live.demand.supply/p4/v17-10-0/ 1 KB
715 B 208ms
208ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea25fe3ebc9467710aec5835538f8a7b1fbf0521d658c0c956b3e7adc1d138b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 823473b0b9223836-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 127ms
114ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=134&cs=c&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b0caaf1c79-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 173ms
109ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04172c9666f79ab4a19c9e62e33d9529ea02f6f2267423fe0eafef50ad1257e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31620
x-xss-protection: 0
server: cafe
etag: 118 / 19670 / 31079510 / config-hash: 5333958679465247378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:48:11 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
619 B 31ms
19ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HD4CCHA0TB88NWGNCBFMQPPV
date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 85050
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 823473b0caad1c79-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 koooralive-tv.com_fluid_sq_koralive-tv Show response
live.demand.supply/cp/ 30 B
373 B 239ms
238ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/koooralive-tv.com_fluid_sq_koralive-tv?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 107ce054924db230ad1ae74a0aad82dac8dac69b6a489a8785b78a2f32657184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 823473b0eacc1c79-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 koooralive-tv.com_fluid_sq_koralive-tv Show response
live.demand.supply/cp/ 30 B
376 B 241ms
241ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/koooralive-tv.com_fluid_sq_koralive-tv?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 107ce054924db230ad1ae74a0aad82dac8dac69b6a489a8785b78a2f32657184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 823473b0eacd1c79-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 koooralive-tv.com_fluid_sq_koralive-tv Show response
live.demand.supply/cp/ 30 B
376 B 235ms
235ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/koooralive-tv.com_fluid_sq_koralive-tv?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 107ce054924db230ad1ae74a0aad82dac8dac69b6a489a8785b78a2f32657184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 823473b0ead01c79-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 426 KB
134 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49992
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136626
x-xss-protection: 0
server: cafe
etag: 12374074705736737879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 07 Nov 2024 17:54:59 GMT

GET
H3 200 koooralive-tv.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
372 B 238ms
238ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/koooralive-tv.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 847133845e6b09437a731a77ce4f6f31924b28fbf31460a78d0dc5558039cdd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 823473b20c341c79-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 106ms
105ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b26cbc1c79-FRA

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 70ms
16ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 208125
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 823473b2ec9b3636-FRA
expires: Sun, 12 Nov 2023 07:48:11 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 81ms
13ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:08:06 GMT
content-encoding: gzip
age: 1136405
x-guploader-uploadid: ABPtcPo0EtTFY7fWGwfH7YcFpkKhyxlIy8AKei3hIiamRpXW1UUlNwTbcJ7u7ADJOjBFaq-z8Y2OubPY6SA1WObOmaOYZQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 26 Oct 2024 04:08:06 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 92ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Nov 2023 07:48:11 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 79ms
8ms Script
application/javascript 2600:9000:223c:c400:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:c400:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 06:48:17 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 3595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 5Lutnsvov9Jv1BKeO_CtKEzJ8rGxB-D2LOiEoXigNMh_f8_l3vq8Bw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 52ms
17ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5299
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230100-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRzWhXNCQOZKYkCy3Pt7Yg6SfexQwYGFey4C1pd4Al%2FQY2SzG7dY3n7zkE9o2c%2BhjiZPFX45QJCWSYY2%2FrgtwdKa4saJL54JwLKsA0QD%2Brd7O10Xf6%2BHhY4sA4a3pVq4t0AcODnBNzBAFfS4nc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 823473b2db5c1c22-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 72ms
21ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1a77e7360b28cb730e0f5e56566b51a4d620f2cc411f8e32e5581ddf546e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Nov 2023 12:11:14 GMT
server: cloudflare
x-amz-request-id: TKHHY62A7690CEY2
age: 728
etag: W/"a8dc95d1ffeb5ca5c8e29b69dd9f17dd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 823473b2e96f9a35-FRA
x-amz-id-2: XR5FVrouau6hzF72sPDX7oZuIOzgxK7KwoZjneFTCTBNrfXLJmarTsGpYBtxam1xii/VDB/Tdco=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 93ms
27ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 60f0034b604dc4dad627968cfdc91e75
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 93ms
8ms Script
text/javascript 2600:9000:2250:4c00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4c00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Thu, 09 Nov 2023 05:04:04 GMT
Via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 9848
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 3XgcHgCfAB_K2X5SG8KPiEf3D3yQnYEFQJBNCbTCwdtYfXrHMemVoA==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 58ms
8ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 03:16:17 GMT
content-encoding: gzip
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 16315
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: wdZq_yEMbwxG56pn5_xsGIqWsQpvlRQ8wf1vpcFEKXmP9bL-tVmOQg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
744 B 401ms
401ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1784667346036843&correlator=1058527379931239&eid=31079519%2C31079510%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Ceb783128-8487-43f0-a9d8-15eb48d8c66a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699516091285&lmt=1699514575&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flive.koooralive-tv.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=609995766.1699516091&ga_sid=1699516091&ga_hid=1264546890&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiSl7aYuzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiSl7aYuzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJGXtpi7MUgAUgIIZBIZCgpwdWJjaWQub3JnGJKXtpi7MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiSl7aYuzFIAFICCGQSFwoIcnRiaG91c2UYkpe2mLsxSABSAghkEhQKBW9wZW54GJKXtpi7MUgAUgIIZBIZCgp1aWRhcGkuY29tGJKXtpi7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ykpe2mLsxSABSAghk&dlt=1699516090855&idt=393&prev_scp=ti%3Dcb72c371-2bb2-4cb6-950e-254980c55eb0%26interstitials-bid%3D21%26bid-p%3Dgoogle%26bsc%3D94&adks=1387514414&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

257d7b6385b6e2b99dabcdd3ed515bac0bf5926ff40f280916b6cacd37c007b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 713
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://live.koooralive-tv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F58 6 KB
3 KB 120ms
25ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.koooralive-tv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Fri, 08 Nov 2024 07:48:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 39 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl_page_level_ads.js?cb=31079510

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821b5ea3bad8371ee991b1347a507ca208deaca7cffa778fa1db64b8fc17f1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 22:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33095
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13760
x-xss-protection: 0
server: cafe
etag: 8051071232551270508
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 07 Nov 2024 22:36:36 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 117ms
107ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.com_fluid_sq_koralive-tv&pdc=0.22556836009025572&ucv=null&e=tcp&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b2bd221c79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 121ms
111ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=koooralive-tv.com_fluid_sq_koralive-tv&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HD4CC7BJR118ZSED2FV5KKCH
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 1778204
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8766bde18b97af66261b409b6e44456f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b2bd251c79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 27ms
15ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.com_fluid_sq_koralive-tv&pdc=0.22556836009025572&ucv=null&e=tcp&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b2cd2c1c79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 117ms
104ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=koooralive-tv.com_fluid_sq_koralive-tv&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HD4CC7BJR118ZSED2FV5KKCH
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 1778204
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8766bde18b97af66261b409b6e44456f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b2cd2e1c79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 118ms
106ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.com_fluid_sq_koralive-tv&pdc=0.22556836009025572&ucv=null&e=tcp&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b2cd301c79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
483 B 27ms
15ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=koooralive-tv.com_fluid_sq_koralive-tv&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HD4CC7BJR118ZSED2FV5KKCH
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 1778204
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8766bde18b97af66261b409b6e44456f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b2cd321c79-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
39 KB 443ms
440ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1784667346036843&correlator=2501182989299677&eid=31079519%2C31079510%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Cc2bffcf8-457e-4bbc-bf91-ef18874d5ad0&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699516091319&lmt=1699514575&adxs=326&adys=1875&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flive.koooralive-tv.com%2F&vis=1&psz=1100x296&msz=1100x296&fws=0&ohw=0&ga_vid=609995766.1699516091&ga_sid=1699516091&ga_hid=1264546890&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiSl7aYuzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiSl7aYuzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJGXtpi7MUgAUgIIZBIZCgpwdWJjaWQub3JnGJKXtpi7MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiSl7aYuzFIAFICCGQSFwoIcnRiaG91c2UYkpe2mLsxSABSAghkEhQKBW9wZW54GJKXtpi7MUgAUgIIZBIZCgp1aWRhcGkuY29tGJKXtpi7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ykpe2mLsxSABSAghk&dlt=1699516090855&idt=393&prev_scp=ti%3Dcb72c371-2bb2-4cb6-950e-254980c55eb0%26chrand%3Dy%26pof%3D0%26bid%3D0.16%26bid-p%3Dgoogle%26bsc%3D94&adks=3086152930&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93a7de4f22f73ab6b533ff2f3c956818491d4812805d0c4829fe358eee91f770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40042
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://live.koooralive-tv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 111 KB
45 KB 346ms
345ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1784667346036843&correlator=876580668930553&eid=31079519%2C31079510%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Cc2bffcf8-457e-4bbc-bf91-ef18874d5ad0&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699516091338&lmt=1699514575&adxs=326&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flive.koooralive-tv.com%2F&vis=1&psz=1100x296&msz=1100x296&fws=0&ohw=0&ga_vid=609995766.1699516091&ga_sid=1699516091&ga_hid=1264546890&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiSl7aYuzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiSl7aYuzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJGXtpi7MUgAUgIIZBIZCgpwdWJjaWQub3JnGJKXtpi7MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiSl7aYuzFIAFICCGQSFwoIcnRiaG91c2UYkpe2mLsxSABSAghkEhQKBW9wZW54GJKXtpi7MUgAUgIIZBIZCgp1aWRhcGkuY29tGJKXtpi7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ykpe2mLsxSABSAghk&dlt=1699516090855&idt=393&prev_scp=ti%3Dcb72c371-2bb2-4cb6-950e-254980c55eb0%26chrand%3Dy%26pof%3D0%26bid%3D0.16%26bid-p%3Dgoogle%26bsc%3D94&adks=3187611466&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b027f492fbdcc0101675cf0f37bebbb43b0d6d9c18b37ab1f1cedf965e47b05b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45935
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://live.koooralive-tv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 424ms
423ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1784667346036843&correlator=4066452313312663&eid=31079519%2C31079510%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Cc2bffcf8-457e-4bbc-bf91-ef18874d5ad0&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699516091349&lmt=1699514575&adxs=326&adys=469&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flive.koooralive-tv.com%2F&vis=1&psz=1100x296&msz=1100x296&fws=0&ohw=0&ga_vid=609995766.1699516091&ga_sid=1699516091&ga_hid=1264546890&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiSl7aYuzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiSl7aYuzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJGXtpi7MUgAUgIIZBIZCgpwdWJjaWQub3JnGJKXtpi7MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiSl7aYuzFIAFICCGQSFwoIcnRiaG91c2UYkpe2mLsxSABSAghkEhQKBW9wZW54GJKXtpi7MUgAUgIIZBIZCgp1aWRhcGkuY29tGJKXtpi7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ykpe2mLsxSABSAghk&dlt=1699516090855&idt=393&prev_scp=ti%3Dcb72c371-2bb2-4cb6-950e-254980c55eb0%26chrand%3Dy%26pof%3D0%26bid%3D0.16%26bid-p%3Dgoogle%26bsc%3D94&adks=1783304219&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59e80d0410252c056d3b4e3b21d00fe3552076081a8dfa55b253e2b659b29185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11982
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://live.koooralive-tv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
340 B 109ms
33ms XHR
application/json 52.212.57.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.57.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-57-114.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0956fc707aba5d6ba9c2917a63405d88309a1f09966562645456633451a12cc9

Request headers

Referer: https://live.koooralive-tv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:11 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://live.koooralive-tv.com
cache-control: no-cache
x-server: 10.45.12.123
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
217 B 84ms
12ms XHR
application/json 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Flive.koooralive-tv.com%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://live.koooralive-tv.com
content-type: application/json
access-control-allow-credentials: true

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
238 B 58ms
15ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://live.koooralive-tv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://live.koooralive-tv.com
date: Thu, 09 Nov 2023 07:48:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Flive.koooralive-tv.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Flive.koooralive-tv.com%2F&rid=esp&cc=1

85 B
195 B

115ms
115ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Flive.koooralive-tv.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 2ada008f8986e45fce0f76667b70c10294eaba3f62a2a7b5c63d41d2af3c93fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-v8NPHjvvxB+aIb+LPWacX3aTaKs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://live.koooralive-tv.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 09 Nov 2023 07:48:11 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://live.koooralive-tv.com
location: /esp?url=https%3A%2F%2Flive.koooralive-tv.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CA28 15 KB
6 KB 50ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=live.koooralive-tv.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://live.koooralive-tv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 385610
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.com_auto_728x90_sticky_display_bottom&pdc=0.1867037236690521&ucv=null&e=tcp&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b38e1c1c79-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
12 KB 272ms
272ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1784667346036843&correlator=109941311989228&eid=31079519%2C31079510%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Ca088a2dd-c2ee-4ac6-bf90-9034fd7b5c44&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699516091451&lmt=1699514575&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flive.koooralive-tv.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=609995766.1699516091&ga_sid=1699516091&ga_hid=1264546890&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRj2l7aYuzFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBiSl7aYuzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJGXtpi7MUgAUgIIZBIZCgpwdWJjaWQub3JnGNyXtpi7MUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiSl7aYuzFIAFICCGQSFwoIcnRiaG91c2UYiJi2mLsxSABSAghqEhQKBW9wZW54GJKXtpi7MUgAUgIIZBIZCgp1aWRhcGkuY29tGJKXtpi7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ykpe2mLsxSABSAghk&dlt=1699516090855&idt=393&prev_scp=ti%3Dcb72c371-2bb2-4cb6-950e-254980c55eb0%26chrand%3Dy%26pof%3D0%26bid%3D0.18%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D94&adks=2978652027&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7464953b31b2bd973f80ce7ca94ec6f43e4e5e80b9ecf17b1f0de4e813f10830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12574
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://live.koooralive-tv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame CA28
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=koooralive-tv.com&sn=ChromeSyncframe&so=0&topUrl=live.koooralive-tv.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=41VuOHxCbWVtV1dZZWh4NDJsVDNXeWE1U2ZHY2w2UlViODBOdDdxdXV3RXNKTGZ5a3l6c2hSSk01WVJEQklyV2xJY01TYWJ2YXArVDRSOFY1cWxGR0pQTGZFUkxITDF5YlZVT2p5Uy9uelI0TVN5MUpsaldoY2I1R1B5Uj...

473 B
672 B

21ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=41VuOHxCbWVtV1dZZWh4NDJsVDNXeWE1U2ZHY2w2UlViODBOdDdxdXV3RXNKTGZ5a3l6c2hSSk01WVJEQklyV2xJY01TYWJ2YXArVDRSOFY1cWxGR0pQTGZFUkxITDF5YlZVT2p5Uy9uelI0TVN5MUpsaldoY2I1R1B5UjlWcDB4YXBCdVVMaVNVQncyelJTY2dzeVBZRUFBaTJjSGF0WldkZWV0cUgxa0VGK2NzUVF3UkRQMGM1bjcvNzhYcnFGUitWV3p5OHNmWWJRa2dNVVFZMTVTN214VVhJeGV3K3BoU0xyVGlJNldJcDBmTEFZUG1LQVlOZzdXbm9XbFJHVVFkZloyNHJ4dzM5ZkxWT3hLRjJ0cTNWUzRDVTdaMHVKN0Iyb1JQRTRzSExyNHBCUT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1f1d425b50a33fd633251349a8ad42173d4987e6cbf051ef453e32a7f89bb077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1175234
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=41VuOHxCbWVtV1dZZWh4NDJsVDNXeWE1U2ZHY2w2UlViODBOdDdxdXV3RXNKTGZ5a3l6c2hSSk01WVJEQklyV2xJY01TYWJ2YXArVDRSOFY1cWxGR0pQTGZFUkxITDF5YlZVT2p5Uy9uelI0TVN5MUpsaldoY2I1R1B5UjlWcDB4YXBCdVVMaVNVQncyelJTY2dzeVBZRUFBaTJjSGF0WldkZWV0cUgxa0VGK2NzUVF3UkRQMGM1bjcvNzhYcnFGUitWV3p5OHNmWWJRa2dNVVFZMTVTN214VVhJeGV3K3BoU0xyVGlJNldJcDBmTEFZUG1LQVlOZzdXbm9XbFJHVVFkZloyNHJ4dzM5ZkxWT3hLRjJ0cTNWUzRDVTdaMHVKN0Iyb1JQRTRzSExyNHBCUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 272980
content-length: 0
expires: 0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 165ms
26ms Script
text/javascript 2606:4700:10::6814:81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 19579
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 823473b49a9718f7-FRA
content-length: 4547

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 29ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HD4CC7BJR118ZSED2FV5KKCH
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 1778204
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8766bde18b97af66261b409b6e44456f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b3ce6c1c79-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 203ms
63ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

937c9a2b3aa7a7df4ec076c05cea72e999ef6f257a946e45bfb7b4a25c390e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12266
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 121ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HZB4W0659L&gtm=45je3b60v9123596658&_p=1699516091477&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=609995766.1699516091&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699516091&sct=1&seg=0&dl=https%3A%2F%2Flive.koooralive-tv.com%2F&dt=%D9%83%D9%88%D8%B1%D8%A9%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora%20live%20%7C%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84%20kooralive&en=page_view&_fv=1&_ss=1&_ee=1&tfd=961
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HZB4W0659L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.koooralive-tv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 %D8%AA%D9%86%D8%B2%D9%8A%D9%84-6.jpg
www.kooora4live.com/wp-content/uploads/2019/11/ 0
0 118ms
16ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/11/%D8%AA%D9%86%D8%B2%D9%8A%D9%84-6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 403 49_14-12-2016_1393271588.png
www.kooora4live.com/wp-content/uploads/2019/08/ 0
0 115ms
13ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 40980.png
live.koooralive-tv.com/wp-content/uploads/2022/11/ 41 KB
41 KB 18ms
16ms Image
image/png 172.67.208.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.koooralive-tv.com/wp-content/uploads/2022/11/40980.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.208.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53863380c38e29bd13b5776b1d360cc3d89fb939363f02b6364f3d13c800f974

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35224
alt-svc: h3=":443"; ma=86400
content-length: 41511
pragma: public
last-modified: Mon, 19 Dec 2022 19:00:51 GMT
server: cloudflare
etag: "63a0b4e3-a227"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eREokqN8bNrnAb%2FlAYa%2FW%2F3Brx7qbQVDoQftpZRnF1lZoz3ZJU3TxQJ51XK1kDQDIoasqz0IbdHz5rhnOCT100M701sa%2BjOzN%2FAXBupNTmcS3b5%2FxQ6nNuTdQq2A2ogQQeudLuEQ9bD4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 823473b40a29997b-FRA
expires: Fri, 08 Dec 2023 22:01:07 GMT

GET
H2 403 download-4.jpg
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 117ms
15ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 default.png
live.koooralive-tv.com/wp-content/themes/AlbaKora4Live-v6/img/ 4 KB
5 KB 27ms
26ms Image
image/png 172.67.208.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.koooralive-tv.com/wp-content/themes/AlbaKora4Live-v6/img/default.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.208.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8292c79a44356dae0dd28d94606a3674bd2d613a93d7304d3090b678cc1755f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35232
alt-svc: h3=":443"; ma=86400
content-length: 4327
pragma: public
last-modified: Mon, 19 Dec 2022 19:00:48 GMT
server: cloudflare
etag: "63a0b4e0-10e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNAxu6tDEpGalrUJJ%2FrPSZMy4eI6CADrQ%2F7DEWXWlHXRRasDkG%2Bnia32zE6%2BiR%2Frbnei853GeOyZ1qd33b5798h9QgsSl1wbu7Khys%2BThZmqxw5CJcMu6BxBvTWnNZqNuWv%2BDw5kWwiJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 823473b40a2b997b-FRA
expires: Fri, 08 Dec 2023 22:00:59 GMT

GET
H2 403 download-8-1.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 115ms
14ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-8-1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 319ms
103ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4767348&@f16&@g1&@h1&@i1&@j1699516091646&@k0&@l1&@m%D9%83%D9%88%D8%B1%D8%A9%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora%20live%20%7C%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84%20kooralive&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-177354667&@b3:1699516092&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Flive.koooralive-tv.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 2f5e3f94b176a6b311476a8590ccb89d6a03b69156d4367119f6822c4677efb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 07:48:11 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 7065 0
176 B 85ms
20ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://live.koooralive-tv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 09 Nov 2023 07:48:11 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 82ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 07:48:11 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 23ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.com_auto_interstitial_desktop&e=nai&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b528471c79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 22ms
22ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b5284c1c79-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 178 KB
52 KB 413ms
413ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1784667346036843&correlator=1224818841886179&eid=31079519%2C31079510%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C7a292f31-f41c-4eef-ab74-d050f696b8b8&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D5c2dc5b4b4ba0363%3AT%3D1699516091%3ART%3D1699516091%3AS%3DALNI_Ma50dy_j4cLzHM-T8zT3xt6inE2rg&gpic=UID%3D00000cbd8e283ed8%3AT%3D1699516091%3ART%3D1699516091%3AS%3DALNI_MYdmFqjT3-QXn9TCxy_bjA7jVQ1-g&abxe=1&dt=1699516091708&lmt=1699514575&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flive.koooralive-tv.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=609995766.1699516091&ga_sid=1699516091&ga_hid=1264546890&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYkpe2mLsxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiRl7aYuzFIAFICCGQSGQoKcHViY2lkLm9yZxjcl7aYuzFIAFICCGoSGAoJeWFob28uY29tGPaXtpi7MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiSl7aYuzFIAFICCGQSFwoIcnRiaG91c2UYiJi2mLsxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVUzZExkWE52VlRCVVNFOHhVVEIwY2todVVqTmpkejA5SW4wPRidmraYuzFIABIZCgp1aWRhcGkuY29tGJKXtpi7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yvpi2mLsxSABSAghq&dlt=1699516090855&idt=393&prev_scp=ti%3Dcb72c371-2bb2-4cb6-950e-254980c55eb0%26interstitials-bid%3D8%26bid-p%3Dgoogle%26bsc%3D94&adks=227224111&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e89cdde6b60cc4980d248e8f7f39d4cc3bb75cddfa5bb6912c76f0b1b7762cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53455
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://live.koooralive-tv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5FB7 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.koooralive-tv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Fri, 08 Nov 2024 07:48:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 16ms
15ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.16&b=2&r=koooralive-tv.com_fluid_sq_koralive-tv&sy=0e170f66-49b6-4e7e-8650-c71e93069c60&ts=94&cd=2&pud=134&pus=c&pue=437&pid=25&pis=c&pie=463&ppd=210&pps=a&ppe=647&pcl=360&ttc=755&tti=1214&ttif=0&lca=647&lcak=ppe&lct=647&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=live.koooralive-tv.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=cb72c371-2bb2-4cb6-950e-254980c55eb0&e=lm&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b598b91c79-FRA

GET
H2 200 container.html Show response
ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2631 6 KB
3 KB 16ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.koooralive-tv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Fri, 08 Nov 2024 07:48:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 18ms
17ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.18&b=2&r=koooralive-tv.com_auto_728x90_sticky_display_bottom&sy=0e170f66-49b6-4e7e-8650-c71e93069c60&ts=94&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=live.koooralive-tv.com&mlre=undefined&mlin=0&mlsi=1x1&mlbw=4g&mlcs=NaN&mltp=cb72c371-2bb2-4cb6-950e-254980c55eb0&e=lm&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b5b8ed1c79-FRA

GET
H3 200 container.html Show response
ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DCCF 6 KB
3 KB 16ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.koooralive-tv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Fri, 08 Nov 2024 07:48:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 101ms
100ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.16&b=2&r=koooralive-tv.com_fluid_sq_koralive-tv&sy=0e170f66-49b6-4e7e-8650-c71e93069c60&ts=94&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=live.koooralive-tv.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=cb72c371-2bb2-4cb6-950e-254980c55eb0&e=lm&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b5d9141c79-FRA

GET
H3 200 container.html Show response
ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 10EC 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.koooralive-tv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Fri, 08 Nov 2024 07:48:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.16&b=2&r=koooralive-tv.com_fluid_sq_koralive-tv&sy=0e170f66-49b6-4e7e-8650-c71e93069c60&ts=94&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=live.koooralive-tv.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=cb72c371-2bb2-4cb6-950e-254980c55eb0&e=lm&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:11 GMT
cf-cache-status: HIT
age: 2233670
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b6196e1c79-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EB2E 624 B
827 B 110ms
61ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjbsIP4ATAB&v=APEucNVwwQifaFVOgVjkNKZqpFU_2EQ47r2aree6SI6-ZIb646bCI6x0HB7K3UH-Wz-kErhbHWd88MdV2-3WgILrCr61cHtYJe190pY2X58KO8Qf7vlXDvWHH7Ir1bKSqT_Ad8hJ5IYElpr_XR-7wZt5QFwTS13eDEIh08ief5cD7llHRrZ_pd569f2-0173GX8qYyvCU6LS1BWWMSmYAEc-pxF_-i-CYg

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Thu, 09 Nov 2023 07:48:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5FB7 111 KB
39 KB 56ms
13ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Origin: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 00:22:02 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 5FB7 7 KB
3 KB 54ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:44:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 5FB7 23 KB
9 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:05:24 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5FB7 41 KB
14 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 5FB7 3 KB
1 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 5FB7 20 KB
9 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FB7 42 B
63 B 76ms
47ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D77DQSs1SiRspl0bnNW6KSSjz2QHpW2WQ2LLoMAwKfKoDCQPek3E19LlccxkhzE_uA_FsS0o8t9ORQFWO9Fkz-9gTSeX08uMrQgdYIANEmCg1tcl8

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FB7 190 KB
60 KB 88ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:48:11 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 06FE 13 KB
5 KB 16ms
13ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.koooralive-tv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 18:17:57 GMT
expires: Thu, 07 Nov 2024 18:17:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E86C 829 B
1 KB 74ms
25ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec764565e82c1166a791fa040c43ab3cee1faab6a16f26a364bcf031c12f5867

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fhgub8fVEgM1E4jJMqp_OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://live.koooralive-tv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fhgub8fVEgM1E4jJMqp_OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Thu, 09 Nov 2023 07:48:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FF2B 624 B
504 B 88ms
70ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNVmhEz6S_KEalRGobU6lg6_IHbpKjk_31lbNlmmciYYKIIwW17y65xOD8ro-Dt10s6_Z8Rfxy8ZkWM9nwZbX1gom1e3t867KOW4H85nLx6iAb_xMNyUlo9uv7yPUrUymXit5mcq-_iwSrFZtQQ1DThl5AQixqtUYn-8ZgGnkmisYHwzSRGGIM9csH0JGBn77F3OqsU7x1AISyNkk3ezLTvE6eg4cw

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Thu, 09 Nov 2023 07:48:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7DBD 89 KB
31 KB 82ms
74ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:48:11 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 7DBD 18 KB
8 KB 57ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 09 Nov 2023 08:21:57 GMT

GET
H2 200 attn.js Show response
cdn.lamp.avct.cloud/ Frame 7DBD 48 KB
14 KB 57ms
8ms Script
text/javascript 13.32.99.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lamp.avct.cloud/attn.js?mt=displayBanner&aid=63c51e1aeaeb06ed73452eca&mid=651e6b2507e337ed959d3bc2&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=1933310257657&a=&cp_dspId=dv360&api_frameworks=[APIFRAMEWORKS]
Requested by: Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-48.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2bb12e88266c40aa8e4b1b0cd7204b23f0bbd8e8b4eabb96806116b590949cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 12:12:17 GMT
content-encoding: br
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 16:23:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 70555
x-amz-server-side-encryption: AES256
etag: W/"8a45742518e0e70d41040ddf21529736"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: jajX8OodwikGtGsp2DsWqODvBAIbtL37A7s-_TYGSHA6nF5fUFr8PA==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7DBD 3 KB
1 KB 24ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7DBD 20 KB
8 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DBD 190 KB
60 KB 94ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:48:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DBD 42 B
63 B 53ms
48ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CIhRJux7SeGrkLx9qmwz01otNz_3S3YVeGJ9BUwzMb0dJP9sDvNdG90vmKJI6wO8tjzL4LjBVqV1vLiK6bE6fWz-ZM5Y02LZg-OuTBBx2fWEg-gLQ

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DBD 0
20 B 52ms
48ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15105508095208405662&x=1&ct=77

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 97E5 624 B
506 B 68ms
61ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYw_K0-wEwAQ&v=APEucNV8PAHWzdOXJAuNpfZiLOvGidtTDVF8Wy_za6y7bsxJosTr78CVJ6TVciyC4NtyD_iHNlgjMmMJ_VO-t2EA15SsqUC1J6Bgw_Z7LXheoIRd5L4vnbYxVpqYsnlH_-d5MyFSQHIx6CjhkWjWNVhH1kSBwct00X7ZAihhzqRIEq-wG1CwVeQx7AGA12HPg9QMTEg53dfFwScGpNdZtHajhKvxnsUAXw

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Thu, 09 Nov 2023 07:48:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame DCCF 23 KB
9 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:05:24 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame DCCF 7 KB
3 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:44:53 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DCCF 0
0 113ms
60ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKbHM8Lgf87sGbocb0QUsY2_1aKV4n6hROQ2COQn_UzoUAexZuZ8mjE-3_PifBnrn7EOiUyUIbuwvgYYsOYTzHFWaAcE1NYiITcq8TCX53UT-DmDvVp2Zsx-vYXpLQJhrjuWm0IQGcNeuXwsP8F2k4dsEyaKZC76rC9TiispdIHEX3bUIYKr96ulNNHA9t4EMaD8kDN6QwR2lYiAEvWs74QLOr7M6NCoTVfpxOfiLIbQpPq_7shAsAS2qAu-dscwM768MDJ8iOZG_1lsqo9620e7pdWiuhN2439QGUrq8q22TQBMzYxOBcolW9lNcaQALv-iDEWF17-JD4BpYpAq50wy23dwh0CVc5_YkZhvSdFUqAyfxbh6RqdNpmUhLOc2tJ95i4PvGW76G8jexWaDu7XJ8B4rWsfYPmGdbfPKMjLdQ99GqucNuYczdXOra0NUAzKHTNnmfZRt2NKXjM3j7WGHcue193RxUFo9ydy89pNF3CO2_1in3ymvihi14qQEvfGmxkTeo9cwpFxXGCr7oycV0UJ-eyq9cJwTsnwTOl3265Z9bf4D7GFsFlderZZEcEWnNw1wg3BVXxHtnUq8-f4mRBqQPTt-HnIwuZGkaNxGrKtI4fWgQL_2uyEEdqW6NxFjDz1lQnel6gULvSVO7AuX0k2hLqYerG_yScIzENqTaXKlcaR7OP1RrmYj--mKOeRFXsY0DE6h3u3DTw-E-RtWHeDO7xVdrngk5hLm7AEA9RJbAEn7jycx07bCcdu1Za954Q7SphpTGnkfq_uvHIFKYkXKjU9HU5PaQ8aWU4UBdNQDAV0EZGbIx5ciGN3ces0zts6k_kGI9zOM6Jv51Ti64ht_OeO0XcsI7gwO9EzMGi1fKp7PrOdbfrtRDUQuWqXOYoT2Uz8eqikvOok0OzlXsUED_b4L9OP88oBNq27pCClO_hR-LdAtWrOFhHZwCyAHLryiT_ZvMicJd_FibbGTecAhz7Dr6jzXKqBxA0QoS9uNBW_yb2zXkjEX_XrmBXaTTmS2BJuNpckD8JEmrPHoE1zw_noCrOI7YDlQ-hQDAydjCAkbvywoir86p0GMeH2RIm4yD2SC1HgNDzIbwwHQztVVVays-Gj2Xkr4BlqLZUdTCrYuolbsAzMGAR3SrUgjFd8b0ICuRan3bu3miHeOyEa8669qoCFjGxpIRwRggZ8ufYI_xVi2NZop7kqXLD6AvRvmTOeRO4q52sJThFmY6quTIjo3ro_nPUFTnFFnNdxt6PaaYzp4GMhB1uARUXobnBevWZ-mEHmONCZVthpoQAA0TTqf3rsVeK-hsrp6CvCNPmcpoTE05lQGUMI43FbJTQyLNsJO1m1sZ4vf1IB1k2LiM664MRcXbjLRJ_Zwnkh5QdzVluFj4TodPYezXn288y9jtwR28EAWQHVo52UGf_yA&sai=AMfl-YRSu5Vvx1T0D4Z5XG6JNC8S4Z-vrlkhNKb-6y5W-mI8mn3IetrvNU8alnAeuqY7aGF2dpbs9b3We9pZru60RSEkzA_kyI-G1Ngocp3pklzYXTZ3nd66KjFvGNLgBLJ7flx5hE6mvcu6A_TthimnpNmn0tWbUW7nXWsO2962sPELTGaFYDYIuiwCR_6gPQ1-2RaRLZSD2MFJPsBLKweIDkv3Vz5QwHf6RBOg0m20_QiNeJazVR5AcfjOKsnIHGZPkUhmTPhcr3Zp5ojt_LmyjgbvEWND2NiTc2w9-WiBFDbobInLchxKjijyHzSkHxBz11rM7iYyvTcCL-2fTHuY6PeZlge26P_dBKjtrQsh36fi4uc18XCi4FZWddfCSPK7QmLwEEmSY6EsK8PuPbtj_mcy1tTFURGwJY7b_qTtN-7-cHgSsCn2TpzvDrP4yq5r-Z_3oCLNrSp2lHEyxn3h5h_xU3xyWlkUHT-UtCL_G_vR7S_qVhbn0UE&sig=Cg0ArKJSzOg7VrBxRWd4EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231106.66821&arae=0&ftch=1&adurl=

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Nov 2023 07:48:11 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:48:11 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DCCF 41 KB
14 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame DCCF 3 KB
1 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame DCCF 20 KB
8 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCCF 42 B
63 B 54ms
48ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1r7TFYydw8X91Fv_6Yl1IhW0ZBBCDMPGjiP860Gr2TciI8s-BuFXxomRQ2iPL9PrFkOKkjvu1E5NY6Lb_UasuaX3TL37PShsR6dTrxwEwVH1bZCo

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCCF 190 KB
60 KB 74ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:48:11 GMT

GET
H2 200 14737102194185394899
s0.2mdn.net/simgad/ Frame DCCF 171 KB
172 KB 89ms
21ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14737102194185394899?sqp=uqWu0g0ICPoBEMoHQGQ&rs=AOga4qlBrc-jXNwrBQR0SH-5HhCk9K6R9w

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02e539bfe989b4baa4aec2ba19eb5430bfb35ef79089a789315fb15106052c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:46:21 GMT
x-content-type-options: nosniff
age: 39710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175571
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 07:50:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 20:46:21 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9D7F 624 B
504 B 59ms
58ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYk9PU-QEwAQ&v=APEucNXMzwVu3rOMfA8qg9MFVrx9L-jIsg5-dNxlZKveFpqEZfOC18KearsRKx40d-8PPIxwg6YB9KkWzQV8kGtboL87M4jsvpcUjCXrpgnASo5K9IV8VAMJSbo0-Th3oXhvW2w_HxRpdAtaJE77sZPVvIZsgBoLEvbaTlaDu98XqJZoezV0zRx_4PEtRSoC43tDgHKGLz1gDkYMcfu1R7uSIfbiGg_0Lw

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Thu, 09 Nov 2023 07:48:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 10EC 89 KB
31 KB 105ms
101ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:48:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10EC 42 B
63 B 55ms
51ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFXurBhed0jJIeNAfUMKLypQmJu43NBuaeDP6ubyqbBpQW0QWcRMdQJBD4vZZKNrYn26BkNjQmJjikKWTvoMe3lnGXts5da94ZtRPGsDjE65E1EeY

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10EC 0
20 B 57ms
53ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9668133066516568805&x=1&ct=77

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 10EC 18 KB
8 KB 29ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 09 Nov 2023 08:21:57 GMT

GET
H2 200 attn.js Show response
cdn.lamp.avct.cloud/ Frame 10EC 48 KB
14 KB 27ms
9ms Script
text/javascript 13.32.99.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lamp.avct.cloud/attn.js?mt=displayBanner&aid=63c51e1aeaeb06ed73452eca&mid=651e6b2507e337ed959d3bc2&tid=651e782707e337ed959d3bc4-1-16&cp_lineItemId=20618300095&cp_creativeId=523577747&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=1933310257657&a=&cp_dspId=dv360&api_frameworks=7
Requested by: Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-48.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2bb12e88266c40aa8e4b1b0cd7204b23f0bbd8e8b4eabb96806116b590949cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 12:12:17 GMT
content-encoding: br
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 16:23:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 70555
x-amz-server-side-encryption: AES256
etag: W/"8a45742518e0e70d41040ddf21529736"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: Ztc3bxtS0IvJY7tBHteGSz3qhj4ogP_wAZHbdCWf-7K1KHG4wJToKg==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 10EC 3 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 10EC 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10EC 190 KB
60 KB 62ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:48:11 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7188 38 KB
13 KB 19ms
18ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 516831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5FB7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 543625de464104d954247452a8db0b4fc9daa5557fd36d801e128cbb2fffc52a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EB2E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_1FLVWuKf_KkGgaMDlFqw&google_cver=1

43 B
733 B

26ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_1FLVWuKf_KkGgaMDlFqw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjbsIP4ATAB&v=APEucNVwwQifaFVOgVjkNKZqpFU_2EQ47r2aree6SI6-ZIb646bCI6x0HB7K3UH-Wz-kErhbHWd88MdV2-3WgILrCr61cHtYJe190pY2X58KO8Qf7vlXDvWHH7Ir1bKSqT_Ad8hJ5IYElpr_XR-7wZt5QFwTS13eDEIh08ief5cD7llHRrZ_pd569f2-0173GX8qYyvCU6LS1BWWMSmYAEc-pxF_-i-CYg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FvLqQsadcsE4hjdHSrO37wD8c20x4K81zS10ZLmzBFA%2BN59n%2Fks5p3OdNa8pqy%2BQFM7jxD5OaIY1U9n5eyGaUtA3XkvwEOmMVcax5fB3mIXU0dKRKItqeJkoZAbcKHuCOzVzU68sFcT3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823473b7aadc9b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_1FLVWuKf_KkGgaMDlFqw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EB2E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUyOvL-XLFijqZvaWtSbuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1

43 B
730 B

26ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjbsIP4ATAB&v=APEucNVwwQifaFVOgVjkNKZqpFU_2EQ47r2aree6SI6-ZIb646bCI6x0HB7K3UH-Wz-kErhbHWd88MdV2-3WgILrCr61cHtYJe190pY2X58KO8Qf7vlXDvWHH7Ir1bKSqT_Ad8hJ5IYElpr_XR-7wZt5QFwTS13eDEIh08ief5cD7llHRrZ_pd569f2-0173GX8qYyvCU6LS1BWWMSmYAEc-pxF_-i-CYg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgk4d6mdoJSlRdviIaRSzXAGWgNsohSsXl8kF3Habi4fjmui07xrb2vPpcmBdw9M6pwZNEsbKb6SFV4CgPls2guxEEK7kLYgTBtP0sX7pFjCSQPqwZjYbf153rSZ6ZSD%2FdDGuaXvTrbWhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823473b7db149b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame EB2E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKylML01yOpWe7fUHjed6xE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKylML01yOpWe7fUHjed6xE%26google_cver%3D1

43 B
893 B

17ms
15ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKylML01yOpWe7fUHjed6xE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjbsIP4ATAB&v=APEucNVwwQifaFVOgVjkNKZqpFU_2EQ47r2aree6SI6-ZIb646bCI6x0HB7K3UH-Wz-kErhbHWd88MdV2-3WgILrCr61cHtYJe190pY2X58KO8Qf7vlXDvWHH7Ir1bKSqT_Ad8hJ5IYElpr_XR-7wZt5QFwTS13eDEIh08ief5cD7llHRrZ_pd569f2-0173GX8qYyvCU6LS1BWWMSmYAEc-pxF_-i-CYg

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
an-x-request-uuid: bb7961cc-a96e-4bb3-9412-ff3fd56f4da7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.134; 178.162.209.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
an-x-request-uuid: 93dd1c8b-e64a-4685-ab31-be9ebc04c6f7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKylML01yOpWe7fUHjed6xE%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.134; 178.162.209.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EB2E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

170 B
243 B

22ms
22ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
an-x-request-uuid: 2d4ee745-5b50-4131-bf3b-844616755c37
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D
x-proxy-origin: 178.162.209.134; 178.162.209.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 97E5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_1FLVWuKf_KkGgaMDlFqw&google_cver=1

43 B
768 B

23ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_1FLVWuKf_KkGgaMDlFqw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYw_K0-wEwAQ&v=APEucNV8PAHWzdOXJAuNpfZiLOvGidtTDVF8Wy_za6y7bsxJosTr78CVJ6TVciyC4NtyD_iHNlgjMmMJ_VO-t2EA15SsqUC1J6Bgw_Z7LXheoIRd5L4vnbYxVpqYsnlH_-d5MyFSQHIx6CjhkWjWNVhH1kSBwct00X7ZAihhzqRIEq-wG1CwVeQx7AGA12HPg9QMTEg53dfFwScGpNdZtHajhKvxnsUAXw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOMaXWSRA2tfVXcttS0OjkDGS0h8SByx15gbYS9I5a%2FZ9kO7wTaNYanT0ypRhEo5R0kKP45f4MW9DqTWKrrXLExosQ5wJYGaR40fSUe4V80N8t6QQ%2FD2dpepWWZ7Mf1W%2F44wUFHqWr85bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823473b7aade9b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA_1FLVWuKf_KkGgaMDlFqw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 97E5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUyOvL-XLFijqZvaWtSbuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1

43 B
735 B

24ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYw_K0-wEwAQ&v=APEucNV8PAHWzdOXJAuNpfZiLOvGidtTDVF8Wy_za6y7bsxJosTr78CVJ6TVciyC4NtyD_iHNlgjMmMJ_VO-t2EA15SsqUC1J6Bgw_Z7LXheoIRd5L4vnbYxVpqYsnlH_-d5MyFSQHIx6CjhkWjWNVhH1kSBwct00X7ZAihhzqRIEq-wG1CwVeQx7AGA12HPg9QMTEg53dfFwScGpNdZtHajhKvxnsUAXw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLL7vq0RF%2BtbI5SRCiRu6x5SuwB8tMgao8rMWf9YWzAyhdYxOFrfEFfjKhKnEZoE2dEIcPVylgvxIQmaVg74V2g%2B%2B5vyajCQzRvsy4x3LS6%2B1eHmgJM1H4JTaAXeK%2FYAe7vbaT8eIZAp8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823473b7db119b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 97E5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKylML01yOpWe7fUHjed6xE&google_cver=1

43 B
842 B

54ms
51ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKylML01yOpWe7fUHjed6xE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYw_K0-wEwAQ&v=APEucNV8PAHWzdOXJAuNpfZiLOvGidtTDVF8Wy_za6y7bsxJosTr78CVJ6TVciyC4NtyD_iHNlgjMmMJ_VO-t2EA15SsqUC1J6Bgw_Z7LXheoIRd5L4vnbYxVpqYsnlH_-d5MyFSQHIx6CjhkWjWNVhH1kSBwct00X7ZAihhzqRIEq-wG1CwVeQx7AGA12HPg9QMTEg53dfFwScGpNdZtHajhKvxnsUAXw

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
an-x-request-uuid: ab048d29-f633-4242-88b6-203e1eb37ee2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.134; 178.162.209.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKylML01yOpWe7fUHjed6xE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97E5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
an-x-request-uuid: e21c0d51-d92d-456d-b663-9a22176b293a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D
x-proxy-origin: 178.162.209.134; 178.162.209.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 5FB7 9 KB
4 KB 59ms
7ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e16cc0dcb6483e969661ee10c7752f3a9462a547b7b78279eac970808921a2da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 07:48:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 13:01:39 GMT
Server: UploadServer
ETag: "69ac7bfdcd7264d785df7a9f26d5066b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Thu, 09 Nov 2023 08:03:12 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/ Frame A7F5 6 KB
2 KB 37ms
35ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ff975e867509c338b208ab15a3f4ed25b939879e40f6a6676c123b5c9119bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 38650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1879
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 21:04:02 GMT
expires: Thu, 07 Nov 2024 21:04:02 GMT
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5FB7 0
0 57ms
56ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrQBOwdIMvu4IPeE5x0acGWjiNS1-xGRhhNPAZojX9nlmwuoph4EvLOKgmDH3LhBmslEJwi3BVjcL_a5aPWsGa9cT2Y2A7fbR1WB3mN_hs8G1TzDKxXC1w9Plxyki4t9FwsTivG5Y2JoyJfxLLot2uoKSJ4TRus-Z0hh5ehQVwCrTqirs5fod4jwJUc5NMvxTpZivBT9-eV9ADI5E346MPkziuYbMaeeWPJoH5k4A5SEjqoCC1fNIDUkoLxchw7X_NhO8lvA8i5xkahiVBhy7_-fUkhBBkXPJpNHwlafw-0j0PPGWGGyZUwEtgtvg9LeivMr9qB9yc9c1R3q_I7rJdgPS-LdrszTtJgrOrcw-3oFecFtrJPo4j3u9JilGGeulx2EyX_lFM2b1vUsTOvRog4ssPyYZvhakPDv2o9Zz5RKnwZC9P8RZdc8lVHh1zL7KRf4X68zfKUYJi91YvfQN63Bpm7w9w-IZLqLrxNMNKpBGfWPFl5-FvcramK7FuSWihE9E1UYcxzRDZSYH7xhelhBnA0043WRpWj-W6zImxVPa_Vr3DPsIAf8JMiAqfcUZgrn40RIwuFyH3L-l7m-Khn8XKGRRbB2jKfd-YupNUosKveGfaaydgOikv-3BGnBXoZeDD5RTGRrSMdX_ED16FPXviKEqFtwZYRkLuiAnarV28u-Q76B6_mfcPMql7ZJl4vYcLhUA8DqrwvZRQZt8Mk_b4ofRI3sef7GouQz_8wx3sTwdMVgNn_cAgV5u-HhZKZJbpoGIv1pXR4yHVqBVP2Rpf8U5UN2LlsRznn-zRfcZsNRmZjPbRVNzgafEGQJeWnwNQaLssoE-5J8jseEsUL8WZP5e_kn-IAaD6Zi5k2V-bCYo5Mb_LUaUzTkEuP5XT6KK6qURiG5OD5HR7bnCI_xAbMaTxRfZiXvuspO2COma-xatT5SqDplk4ppTf74yUyQm9r9FCzR1QbpHsyE3Lz33xHbPvBiJtOAX7r8-jQt4waCr4deHiOVLSHqQKH1FgOjW1m7ZEJ_Vm-pi5flLVsGkV7PHIlL2VmLf3MZOwWCa7v76hQzQrIEgfKbz-tmkKoDxTACTe0JNdRmILFVIs8wL3WD9ZtZ4vDvU7XnS8GzqWPEdkQkGtuF3eFg8qMANWarSpvkA_cDsJ_IaylSN4DU51iX7wspZpnZqg8smjMAYnk_l_3PEou0PswUwpkM6d7pQWktUld5qs7qyavovGACWTpNmB91lgVolJ5yZQuocvCsx5TJzefN-iA0roxs96DtVp5cAlikE6UocVA4w7xM20kaF2fs84CslODh1pWQUgtaXKVh1O8-6EybuxSTcH0h546txjiisrUTux1qUAPmfNTP7f-ygShdympRQyLo54DRPizwUyW9VCY-P4ctehskxI8SGJMMOIlgzD-LgXTqqsUFQ59q6S6yuqJLMZkQ0fH5Mdd55rCt4ed_xIxdEAk5LdPBk&sai=AMfl-YQUkMzbfRRSm6zdwddwR1k76qTL9vXT9JpFTR1ccLYjd4SnBF0WkcBcv71SOooJN5dY4tYM2ZVaQfW76KNiPoAcncyy5_FLJ9yU8KsIDvxIujlxYrb6_8XRnFS7FBlVL-PZZHhZcRTLrNhpRbsKy8QI7P_XzU9XA3ILWjQMxzPMeUuCoGOxk1w6NujI6Qm3j-k_a7iw_xsMHB6zjaCwnrYzWqSGmM9szTrn2MM531VgIziFAyDNe_NRMFWt2-SaDAy6L_oWuz1CaS0vbmwW46j0CaGA845HUve7dLQnQdNkn6BvT5FltkCvLuinSTAOqwkiN3PSpdod_GHyVceh5tnKyN8DoqP3rViW4RJnE1M0xzDasmXyaYGR03_Hj38Gfk9ffUzdZVpysUeT4UdAOi8AmgIAB60FLeXgtjt3WBTmQPNWX5Xj9pQG7V-fMQ0k5zOx-t-CDUnSRLJitK0t1UqcE-2RxRw--0-9_UTNDpDYsbgag9JljQI&sig=Cg0ArKJSzPeKrcvgFrE5EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=137&cbvp=1&cstd=134&cisv=r20231106.77145&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Nov 2023 07:48:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

204

tp.gif
169951609204894be86e1a47713a53e00019cd1e01e35ddfaeb338af.trk.sensic.net/ Frame 5FB7
Redirect Chain

https://pixel.de-config.sensic.net/tp?ty=IM&optin=false&m=campaign_116_de&c=11600102&pr=1419024546&gdpr=&gdpr_consent=
https://169951609204894be86e1a47713a53e00019cd1e01e35ddfaeb338af.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=169951609204894BE86E1A47713A53E00019CD1E01E35D...

0
363 B

50ms
13ms

Image
text/plain

2600:9000:2644:800:1f:f009:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://169951609204894be86e1a47713a53e00019cd1e01e35ddfaeb338af.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=169951609204894BE86E1A47713A53E00019CD1E01E35DDFAEB338AF
Requested by: Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2644:800:1f:f009:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:12 GMT
via: 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: a1N8g3HGflffGYBSGqpI8fqUKKQlj5z0IcvN0UISWtnk66ChRdfnCA==
expires: Wed, 21 Oct 2015 07:28:00 GMT

Redirect headers

date: Thu, 09 Nov 2023 07:48:12 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
location: https://169951609204894BE86E1A47713A53E00019CD1E01E35DDFAEB338AF.trk.sensic.net/tp.gif?m=campaign_116_de&r=pixel.de-config.sensic.net&p=de1&instanceid=169951609204894BE86E1A47713A53E00019CD1E01E35DDFAEB338AF
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: IYU6UJfQDTVP_JiEM0Y4bkoMSzxCCYJ65gFCDZlctlayp4SNvfc7ZQ==

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3C2E 38 KB
13 KB 23ms
18ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 516832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FF2B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN-EobbYusftEtfc5ouzKH8&google_cver=1

43 B
734 B

26ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN-EobbYusftEtfc5ouzKH8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNVmhEz6S_KEalRGobU6lg6_IHbpKjk_31lbNlmmciYYKIIwW17y65xOD8ro-Dt10s6_Z8Rfxy8ZkWM9nwZbX1gom1e3t867KOW4H85nLx6iAb_xMNyUlo9uv7yPUrUymXit5mcq-_iwSrFZtQQ1DThl5AQixqtUYn-8ZgGnkmisYHwzSRGGIM9csH0JGBn77F3OqsU7x1AISyNkk3ezLTvE6eg4cw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKPPkO5wgFFVpJLeYDz2d420%2F5b3a1A1JOU2JcgBp%2BjCZI3AnYTrwnd92al5SzbbjQFnp4vMufZd0XT5Som3njNRoKkXUNA13KKjYCs%2BceOecHYlqPkgRe45CQYspbw4tr9KxIR%2BHXU9mw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823473b7aadb9b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN-EobbYusftEtfc5ouzKH8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FF2B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUyOvL-XLFijqZvaWtSbuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1

43 B
734 B

24ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNVmhEz6S_KEalRGobU6lg6_IHbpKjk_31lbNlmmciYYKIIwW17y65xOD8ro-Dt10s6_Z8Rfxy8ZkWM9nwZbX1gom1e3t867KOW4H85nLx6iAb_xMNyUlo9uv7yPUrUymXit5mcq-_iwSrFZtQQ1DThl5AQixqtUYn-8ZgGnkmisYHwzSRGGIM9csH0JGBn77F3OqsU7x1AISyNkk3ezLTvE6eg4cw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xHd6zWI0s%2F9aSMXO6v8CMfGH3IiN0gwJ9jFZxhzLInL%2BdgwhZLpt2TBZqyl3X8lx2cUj7g23Wx8XbbFpK1mwodFnl8sZYPk7hq9hBEdHLLygIVMIiZQ2%2B9wJ6SnKcwllM7qT1dLW2bYxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823473b7db199b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame FF2B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGBVpgiVki94cI0objavy1Q&google_cver=1

43 B
840 B

17ms
11ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGBVpgiVki94cI0objavy1Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNVmhEz6S_KEalRGobU6lg6_IHbpKjk_31lbNlmmciYYKIIwW17y65xOD8ro-Dt10s6_Z8Rfxy8ZkWM9nwZbX1gom1e3t867KOW4H85nLx6iAb_xMNyUlo9uv7yPUrUymXit5mcq-_iwSrFZtQQ1DThl5AQixqtUYn-8ZgGnkmisYHwzSRGGIM9csH0JGBn77F3OqsU7x1AISyNkk3ezLTvE6eg4cw

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
an-x-request-uuid: 04c0584a-563e-480b-aa98-93960f0b8b22
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.134; 178.162.209.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGBVpgiVki94cI0objavy1Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FF2B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

170 B
232 B

23ms
20ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
an-x-request-uuid: bdbca2b9-5977-43b7-a40f-ce43a590173c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D
x-proxy-origin: 178.162.209.134; 178.162.209.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 06FE 38 KB
15 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:44:46 GMT

GET
DATA 200
OK truncated
/ Frame DCCF 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbe0d01d1375f5e245a1cfcbd4844cd145bef91e1cc07330b2a473c20e4535d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DBD 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=909197504756&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DBD 0
20 B 49ms
47ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=909197504756&version=m202309260101&ct=77&x=1&cor=15105508095208405000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7DBD 20 KB
14 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dnt2S26LDZR24j-biLvEk1X7lxIVceukpvaSDa_02uWSlSSo3UT6eWRSoxbNCcLf9Y7k6_2z8Ej3vYhnZAz0jDJjQHpT_rhp31m8drXGJ01UpMm94QmG0miavS2cbwJr-tx9CAKyj_4-sbkNmLYfN42Bdjgwy8t-abrX0IkxIcT3UoC8A&cry=1&dbm_d=AKAmf-AAvlgil_RjY9CMchmqe3lMwB7c1XyI2-ohEv9lvGRQ9Rn_jB-nt7RwlkVQUvOkQoIRtCHAHdbbpy0xM4T-iGJLCzpQHh5i-YhZZWBTubksG-N6TxlyD5JPYJkx8ueM0rCJhzgPK6T2g7Ee_DB93lkRf8vsmkw9hzB1Tu3U8rmTmkR_t5wy7bqzdu-myindfyMYGndv7ogimN9VsyjUwTa9rfd9Cibf2tMlm_eJ4tLUHkrQ7j4VdX3JzTBt1SKcAQPi0mKdqdVqCSZm7KA_6iMeGwHraXU78H5gQGonazTz_ogMptyLbnG6vMLLA7ZHBZzqM4Dt172FRG3HcX0hYOX1VTlxBRm39RahNz-N0UYpXC6uGaHmA0g7LLhzyIJoyMpOW1ndethto2JJYSv8w4XjaCL2Jy2Hr0kSBERuJlAE3tC3SCFnw8Iet3JVeL-IbRsTSNge3JAXzzMtr7pO3jPabXN-83l4fHLLQG286J9LDw31rpXu4Iy3Jekx7skrna9XtBC0Nd-E8QJCzklgpw6PeNFjNLmKXq7zSa_V7uT2K1i-eHubv7R7-PpwvkrJuMQLUFwrosztV4Ij3_vJ9Plw2hJTlHoNOgfXEOmJfLWSKLLKUKOsS1wwqo0KCpfgxeLQymtlUcvScc8B5GniVJyhpaaxDkSQx6vT8QH8G2WDdp5xkii7lzQIqxLzae0C2ekSb5lOYgV-TRZW7sQCADDOIniml5pOZZMSy5RGes9npVGdnbRHtnh-Z5N7Z8pd6UEarqZYJ_IuP15VfDV1l9HsExIMgWzQgdrGPdW1kPWkI3NPeEejgw7xf8PgMryr5Bhl_XY7qqsq3UkgVaWaCELw4Qk0ePxHKkT583Fw3RNEt5FgMS93_4p6ApNzyREbg8N49TKM9kZayTNaNi5Ic_rjGq3XRsbYicXP9PcaNlkN9LSw8AbyHnvL0Ap44RdwlNKRe6nerOCaSlkLpIfBjbSibv0vICtNqUzdY4bd5nNgmJFxzYo2FMSeA4N7Dve0eqsr6znSJ7uCCEW5CwvzLCE5dlRCLGiDxdZCXw7z-P3WQVtJJvDdyvqqG7kRDe7D8hVy5173nhAOj16DOUy2GLgujBUzk50-sBTfnDKJ6x0aUWUq0V5hGtwKO0cNdkKZQrR0ZlYX99lEhWRFOBt7UeKCJTkURGzRSWNh154IP5Px7yYmK8_HIPSdBH8RsPDA0Kkmys0AVnOzijZGx5qD1RfurrXUfhWP19auHXMRYmB3DFwHunIdDOLhjGfiDifjABTuHrEXQcr6tpMYgF7_hRUm1dJ2he5KS7aBAYg2WbJfPqRVwpgwbHtElbKYoAd1eoVM1m0OAXwpzGgO7s1R7CYW_uXBi1wtbJe--L0kDuvGHsUhsK8PqPkV2oU266sfhe1fHiL9iAe9GOlt3LQbZWnvOtlMN5aNdzzn42AGOhwIiU1NakRj74TrplgBLBho0rvgSDUFfDE4PS41RVeE1SOUW2Pt38euXp3ISdXsOI4ZYYC7O4B5ZAqueqabZQbJAHY7juvGwoPxscLuYgJ7Tu0lYwvHlij30WG6fKm-ih4Vkdt1SXnVMS9VeLdwJsRPuG4ImsRf061vU-hY_yw-kg6jRbID4GwC-i1uvD1hv45kK_5QSITJsCoArR5LpVoduqrl-m6SDkHlwWHki2hT9-079YLb9dpNCtOwI67F_aUIvG1SnPd4YW70MetHH8YlfjP2ILnfN04S871oBIQ8gUvtz-nTLkbJj-BWBgpSkMjHreo7SxqbjDSj13gygo8q0EsDCn2cG-Rjryf4tGQunzzmhrhkHpURWTKceCnShItrBUgZJ5LvhMHH5YCY0MxLf9JQmUVgVmcUuGbIq33od1dTGkJMKc5o-IvC9fXFjh9mLs09XdPygSoOyXE9FapB4qEj4EpXITIUvKDBLTHX3nWUVvwzchy6UD2CJ3C26oPbv0XDMIeE1xEUkrnpOrxZrCfkrK2xLhwEngvTB2laV0oMbmvOYRr_tETmPBZi8GH7YVKlKN3mIMF377JJpoklD4alt5CtGTLzbzxJSmCZUA43lgdN1og5EzoRznu-U2P5Soc3YLp6fd2bzAPezQo1J5WJolTBXcYHBhWd_uhLbDowquTQ4G7zorW6fggvR6Ud7x6akCEDD6qtsBdgwHPSPlUtnPzxuAYht6x0dOdqnLZ3z6afvxv9ugJF1yBGvDfu7gWCD74ebPtqBX5UfNr5LIJ0eSauRZugUQPVRQ6R1e4Bpxprqxx3p2RMUaNqEmELGZ1G8NLJIM0O_i0LquL9vyWW6J1aSKa1qGV6W8o5h4007Y_ltpVEOX2dQTLLEBrVfgeT25aI3tmCGLvxBfW_PxEeslWRP8o3AK0gm9h_f-rJMz0OvDDVfVtSu2PbC37oop2qiaQSsDFy4zTFJ9FUdPWZYy71kGnhaGCDkqPrqL64wTtT72UO3sTZKwibjhTJlffhd0GjSelIZYVvYoRRqktFoGN22Ns8Z4c8NpujOguw34YcVd9ltJkl9RVjFCoCeV5OaYF5xGd95vLTNuNUdHtWa8wUrucLSJEnmPoV9f7sljblIOK7MdBsTTNxT66q2GaxbhKaZPx--xURjKlQH_TakPLVGBXFzEt-NlnG9jtkNETZT7blzTu7JkreQcxDjt_kY9Z6zVlC5poqW42JS9s3XVK9TYoEAMiriZWJkBvHc1WbN3mcOjHTA-Og8ADDfeGdgLPHQxvZ2d0DPrzQO8yCwsh52EUrwYaHVYnXfzO1NFoqvnKUc5W6ULW-nNMAj_szJxyl-GHBaw--ZZh01bi9h4Aj5iBEqU8RQ_HKMTUfhhrJYrZEu1xViKaYgWriTEHD-elgXB0F8Yf01xrnosJxuPTpWJf2STdfBH4lR_s_MShhDLVH9xV5gacGE9JhZJd0sK_0Gh9JY4N8Bh5D9hJqptrxDuMf5r1tLiaVO6dSA1rdKfl54h3IYxiaBhstrwYnudT8BTFMqGWiY1elfEw1klvXN1oq950SML2jfp2M1VQZV3pCLOIn-5X8To0BCj9f12otxHhpCTkmlCgZM5nix4OCEbamb5IHmWuZIrioQU04k0z_9Ni7qMw7FgoOrfR3VtSuaRArNcqVRQSbvQec2DakuO5xAcsibswIMtUmHuTkBu5jj7SfI7yZ6yJ98r2WJbrUmapmOUDzHKH9EN6Jp7GsvONk5nPlkITGXzVqLKLtcgLsoxG0lFUFCt4aIV1xZFCcCilXkvcKGxxVuKa-M9WlTRjtiEWYGiQfMGIbaCSjRaSMI8zlDpA8LuGy1NVfJiL0ROlYxHjjRtHygRolw3GfQ5hasra3ro1Xp9eLAQPhOaK1a-Z2PfTdL_TiPTRVSV8PH2I-k-CQnNbObf89tPXNPGikJdlYMRZ9yRVDjYgOHbiwru3_2Uc6rQv2sd_Q_Vabg80qFiL3qyHAqmiGVd70IXM9wU-GUg6b1DaFo4-aLfm6tYf90kwASaOewxFI3hg90jIMOk7LMeZ-bGqS2j0OBEFsacqvscU-14reH4TnCG0mIh9ti5cWjniewk056v6fELs_nzXExXLKnlij6zIhPSJBrubZHcfB95PXtiuFlN7IqUTcF5SZMf6NbXqAy-94P5yyj67Je-z_YVnlxvk99KGZyDCMlcUTIOMRhUwuv3uhoywywrrJXR_hWl_OSvsebk2DFLGx3Dh6R03SO95Et8KY-F49hg-hvlUNvClb6b6lhDdNnfzemyTczSIo2AUrk0hXFTyhBm4PlrwYTIVsKH4TYbzXof3_h7NfYjiNcJw7bhM0-hT6KQrZzaJQtSGdwLs9OnP0yc-TEHE3llztMOiLWjUMXdX6mpu1h9qFfFSE2gjRZpEqAH-HRNiDN4705llCVNcB-FbI8-yOnDVkHwmcqY8V1BnbRrSNAqexwfHd1FFnwmxR0YDElB6wokr_x8Lbbx9rIEWDYnWybq94UnBlCdkCvylJAgr0rVMESOh5Kv8T6EEYTY55vlYi9Axag5hLVpkhonBZTe8-MnkkvBnxO_LwzTlW6cbLiyr7rG4ZNtll0Qs8C1vq8uFTdff6xu8_PX3jKL2X68hMwi_4Zzdy1NXhlyOCDYzozErj5r62MgwoIk5PteFVFAn3ksOImgZZm_V3jh8ap5XpxbSsQFDb_14uMDI4grF17RxrfhmCRJBh_fXMqZe8HdPx2Kqr_X1twle2EHCYbmj8pE_HETotnfipZfScwnRsRc1jpPwGyGIKqYUwGYvgu1vJ0Ycym1FQI9VRZ206WZl-mkE5R-sdoYqG-owAChzWr8dtJA&cid=CAQSTwDICaaNTsxopCEm5iKiw0B2idJ9TbfsNrnaXB-W_bar1LUHAnim3W8k8--jZ8GCee_sesf8vfdptxMsP_lfC69Q_RdVGQYe91IKVb6FVUMYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Flive.koooralive-tv.com%2F&ds=l&xdt=1&iif=1&cor=15105508095208405000&adk=1761367587&idt=89&cac=0&dtd=40

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0f50ec81b534eafbcda2c2f18086d8dd1c483fd102701f199571d053e9550da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13782
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9D7F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1

43 B
732 B

30ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYk9PU-QEwAQ&v=APEucNXMzwVu3rOMfA8qg9MFVrx9L-jIsg5-dNxlZKveFpqEZfOC18KearsRKx40d-8PPIxwg6YB9KkWzQV8kGtboL87M4jsvpcUjCXrpgnASo5K9IV8VAMJSbo0-Th3oXhvW2w_HxRpdAtaJE77sZPVvIZsgBoLEvbaTlaDu98XqJZoezV0zRx_4PEtRSoC43tDgHKGLz1gDkYMcfu1R7uSIfbiGg_0Lw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBWadbNk3aU6OrSxyOmd3OKO65IKYG%2Fv2RDKNZ12PJXa6O44LMgi4v6ym4sVVONRzebYJsiUoSxAjhMB5Bqd6skzi3vOoQ7j8e%2BFo1zeXomBkU%2FfnWcbY52DPlxzijMV4I3noko5rr6CqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823473b7fb3a9b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRSnRNEG6VBk8mEEXAdqHQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9D7F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUyOvL-XLFijqZvaWtSbuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXcNZetkrGmkY3VZ9oYdoY&google_cver=1

43 B
734 B

28ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXcNZetkrGmkY3VZ9oYdoY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYk9PU-QEwAQ&v=APEucNXMzwVu3rOMfA8qg9MFVrx9L-jIsg5-dNxlZKveFpqEZfOC18KearsRKx40d-8PPIxwg6YB9KkWzQV8kGtboL87M4jsvpcUjCXrpgnASo5K9IV8VAMJSbo0-Th3oXhvW2w_HxRpdAtaJE77sZPVvIZsgBoLEvbaTlaDu98XqJZoezV0zRx_4PEtRSoC43tDgHKGLz1gDkYMcfu1R7uSIfbiGg_0Lw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BV0ygsNON20PKwZHqkVMneFy1K7jvINRysuFIJd%2FrEeo2isYr7n8sQIyTI%2BgYDcGuXEY8e8mQxydUB9qndcTxtdI%2BbpTjKddmWf838Wm7DsFKGn0GuBhZlL1NK8nA0fUJsBQ3GqcpddH%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823473b86bda9b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXcNZetkrGmkY3VZ9oYdoY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9D7F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBn3YiEXdMJ2pkTVkrOB38Q&google_cver=1

43 B
845 B

16ms
16ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBn3YiEXdMJ2pkTVkrOB38Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYk9PU-QEwAQ&v=APEucNXMzwVu3rOMfA8qg9MFVrx9L-jIsg5-dNxlZKveFpqEZfOC18KearsRKx40d-8PPIxwg6YB9KkWzQV8kGtboL87M4jsvpcUjCXrpgnASo5K9IV8VAMJSbo0-Th3oXhvW2w_HxRpdAtaJE77sZPVvIZsgBoLEvbaTlaDu98XqJZoezV0zRx_4PEtRSoC43tDgHKGLz1gDkYMcfu1R7uSIfbiGg_0Lw

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
an-x-request-uuid: b75ee03f-9dd8-43ee-ab00-5a90e8e95fa1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.134; 178.162.209.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBn3YiEXdMJ2pkTVkrOB38Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9D7F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

170 B
188 B

26ms
23ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
an-x-request-uuid: f6ec62e6-fde8-4b4d-95fa-04638754a151
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxNTIwMDMxODkzOTg3Mzg5MA%3D%3D
x-proxy-origin: 178.162.209.134; 178.162.209.134; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A7F5 60 KB
24 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 07:48:12 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/js/ Frame A7F5 2 KB
749 B 18ms
13ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74fbfdd86ba395960dd1ece3f485c3377338efbba426a44795edceaf0d1130d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 720
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 15:54:23 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DCCF 0
0 58ms
49ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKbHM8Lgf87sGbocb0QUsY2_1aKV4n6hROQ2COQn_UzoUAexZuZ8mjE-3_PifBnrn7EOiUyUIbuwvgYYsOYTzHFWaAcE1NYiITcq8TCX53UT-DmDvVp2Zsx-vYXpLQJhrjuWm0IQGcNeuXwsP8F2k4dsEyaKZC76rC9TiispdIHEX3bUIYKr96ulNNHA9t4EMaD8kDN6QwR2lYiAEvWs74QLOr7M6NCoTVfpxOfiLIbQpPq_7shAsAS2qAu-dscwM768MDJ8iOZG_1lsqo9620e7pdWiuhN2439QGUrq8q22TQBMzYxOBcolW9lNcaQALv-iDEWF17-JD4BpYpAq50wy23dwh0CVc5_YkZhvSdFUqAyfxbh6RqdNpmUhLOc2tJ95i4PvGW76G8jexWaDu7XJ8B4rWsfYPmGdbfPKMjLdQ99GqucNuYczdXOra0NUAzKHTNnmfZRt2NKXjM3j7WGHcue193RxUFo9ydy89pNF3CO2_1in3ymvihi14qQEvfGmxkTeo9cwpFxXGCr7oycV0UJ-eyq9cJwTsnwTOl3265Z9bf4D7GFsFlderZZEcEWnNw1wg3BVXxHtnUq8-f4mRBqQPTt-HnIwuZGkaNxGrKtI4fWgQL_2uyEEdqW6NxFjDz1lQnel6gULvSVO7AuX0k2hLqYerG_yScIzENqTaXKlcaR7OP1RrmYj--mKOeRFXsY0DE6h3u3DTw-E-RtWHeDO7xVdrngk5hLm7AEA9RJbAEn7jycx07bCcdu1Za954Q7SphpTGnkfq_uvHIFKYkXKjU9HU5PaQ8aWU4UBdNQDAV0EZGbIx5ciGN3ces0zts6k_kGI9zOM6Jv51Ti64ht_OeO0XcsI7gwO9EzMGi1fKp7PrOdbfrtRDUQuWqXOYoT2Uz8eqikvOok0OzlXsUED_b4L9OP88oBNq27pCClO_hR-LdAtWrOFhHZwCyAHLryiT_ZvMicJd_FibbGTecAhz7Dr6jzXKqBxA0QoS9uNBW_yb2zXkjEX_XrmBXaTTmS2BJuNpckD8JEmrPHoE1zw_noCrOI7YDlQ-hQDAydjCAkbvywoir86p0GMeH2RIm4yD2SC1HgNDzIbwwHQztVVVays-Gj2Xkr4BlqLZUdTCrYuolbsAzMGAR3SrUgjFd8b0ICuRan3bu3miHeOyEa8669qoCFjGxpIRwRggZ8ufYI_xVi2NZop7kqXLD6AvRvmTOeRO4q52sJThFmY6quTIjo3ro_nPUFTnFFnNdxt6PaaYzp4GMhB1uARUXobnBevWZ-mEHmONCZVthpoQAA0TTqf3rsVeK-hsrp6CvCNPmcpoTE05lQGUMI43FbJTQyLNsJO1m1sZ4vf1IB1k2LiM664MRcXbjLRJ_Zwnkh5QdzVluFj4TodPYezXn288y9jtwR28EAWQHVo52UGf_yA&sai=AMfl-YRSu5Vvx1T0D4Z5XG6JNC8S4Z-vrlkhNKb-6y5W-mI8mn3IetrvNU8alnAeuqY7aGF2dpbs9b3We9pZru60RSEkzA_kyI-G1Ngocp3pklzYXTZ3nd66KjFvGNLgBLJ7flx5hE6mvcu6A_TthimnpNmn0tWbUW7nXWsO2962sPELTGaFYDYIuiwCR_6gPQ1-2RaRLZSD2MFJPsBLKweIDkv3Vz5QwHf6RBOg0m20_QiNeJazVR5AcfjOKsnIHGZPkUhmTPhcr3Zp5ojt_LmyjgbvEWND2NiTc2w9-WiBFDbobInLchxKjijyHzSkHxBz11rM7iYyvTcCL-2fTHuY6PeZlge26P_dBKjtrQsh36fi4uc18XCi4FZWddfCSPK7QmLwEEmSY6EsK8PuPbtj_mcy1tTFURGwJY7b_qTtN-7-cHgSsCn2TpzvDrP4yq5r-Z_3oCLNrSp2lHEyxn3h5h_xU3xyWlkUHT-UtCL_G_vR7S_qVhbn0UE&sig=Cg0ArKJSzOg7VrBxRWd4EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=241&vt=11&dtpt=239&dett=2&cstd=0&cisv=r20231106.66821&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E86C 0
0 48ms
47ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=1784667346036843&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10EC 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7095205673359&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10EC 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7095205673359&version=m202309260101&ct=77&x=1&cor=9668133066516568000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 10EC 20 KB
13 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMvbzqzhIcSixmX3CL5LL7LjqppxbrF2EQL7lyTYLDiu-laEtn05-_zX5NHYD9H1jxN4PpGpg8SIwjDJ0Hra6FYvQqdZ77VAcMvv3zg0mvGKWPlxoXqB0dMif1h22BvZTCVRcVbu054Lx6Q578VNFoPRgk_yAq8dn8qRF-CZIG7U2ebB8&cry=1&dbm_d=AKAmf-DrIO59qwER1gPvMJbRHDIchdDcH8QoqD7neCz-vqISwh21VPaV8vWyeUZU-jCOVZ3qyBtTE7hDEEnVCJoRdVsg4ACRQGqw6Dr4uKO40wnNa8zMsvgOp7q_E-cbAD3W5WkFcd34rlySo-jFNDAzHjOM1PXXmPfWuaUMqdnAfm02Lh9jF21WN75qbcY9FV9ajW_8tq_hmOfP-VudjV_P_gGxv4FoSoAylp6fMPsU7PlFbbQhDPl1F3nxapdsBnA0cjH-35PvXBIMIwBZZkIdjRV2f_l1raeGyz_Vxtn5_rBYRmlZNUV6dXj6pR-CsFmnoVpts_MI8y9sBbypZoQYzN0BEesOOW7jTO5Ybhgeq7cLoUu8rMpBMF7oEI2WfQW6miVOphCe8jkr4KD2oyuxKYj4x6KIOMY1Dmo04r2v5b4cSLlhgYKeBDSgb4zTlxVUOtoO4FzEn53KJ2hOkMN5MSUKQfStSlRknG9A44TVdy0aPnpkw22ORuY6sMCTTf6xEJAIQ7dvN64fopPXgmr8ObV16w8l1pHA9yuTzbZXCSuJcEMTkhOFwdZynzM4vWCel_sgq-Jq_LuiMFjIH7wJPAlv7kjZfxP2ORrVG8iOFwuz9Ji0WbToZms5ObL0QzCVq080bQKZOEeMdDgjeDVBC7F03FnmbQdu4Lf96e7hkaQjN6cu7dCcKii20NOoKRXFlmEJx7NOMEAofpaqpmbxEL_vezYr1i1Y_kpt-tw55WX_ZpVZpl96lZsQXzDq_1aMPTvEHXVSWqpmDRJV3lqNxYgCCa_p-eaqvM6XxQfUBtARu8FLz0mJIG_gfk3XUAKjpWv6a69kQMdcUPEZd-x9NcoiIHOr0zaLJLWgg_Sq9262o-E1v8gYJxgbSoYmxLgkJeX5CUmB2VY34vd_V9Huol6ftROafgAk1f0174PuCrR0I6Lnwfb0FIvFMOTRjmne_HTxB-3BQTu_fpiITQdfmm_FiTnzPU6px9DmN9MduWRh87C3D17fE_IYiTREbvWGwjsJxugAa4z_yIziONCCTpOzmWMai-QgX8oPYjxDh1ejm73ad0u4iX6gD8rLdB9bix_oq0Ca1CjAo2NVqxyQT_njRMLfinL3NMPAo69rVko9q3DbSt8LkJM-pNw4jVHPzoRpX1prLX_7QIyXDFK3mKlw-emplB63RnM5QLYsRe1nNITZmCxqpH3_5Haynl3GUwyJnbyWVnU252vw1dKOaj_Xz0FDCmIaaJut4mm_YeJispByj05oPCLTYC-1z9-bbGGuKa61h-3JfbHObxLlul-VSOyHJxM50qZuP9p28TaVoabyuxmZ28bsQeJzbQcPeiRbIofaAoQqhqyW9THKSPk01nezA6hcB0vvo17f12Qd6Gwg9fGWqVd87epz-IXUFgvn3HJC9hgQzJ6YLisFnqMJkDsLZGqcQgcLjdB5Rwsw2FzBVPUzODKxHMYSaJ5eTg995tGDshVIbGlf3XM_VrpVjU2TUJJQitdoz79UgbGHYUhH-UpSo4XDUAr-rofNMNx9XTrjfriT5PFTf5rArwGmeyzgIpI6MU0guQgLNpuh9LHWPw6XCOg0IcO3WjTlvN1Mo4eWZkpZVhz4GYToX20VjUthX8DpOuLVka8P6LubrTvbj6Lxi_WwB8dxNLU2GRRYXlPywi8W0r_KzHdx35kqIZEU-4727p9ks49z_QDjaCJ_zFiMDLW-rXqx6gXpjTF8UzFaiglIdSU2GxWT7lz-J0-Uj9YhU4OPLqdedvQ6cT5-XfnhXTYiLrEDJrYdLu2KC46cFcYcizzPzzljakoZmk5UBJBFNmLPWSJGzfvb969RsvR4t23E44-X9LZ_5dJJlmBi3N7fyJOHOGZzstldJ8po4DdfBcGToPZdc3I8LQ1f5xf3BD1ozSM_muC_GuqEk3LpdrWfraS39SxvCmpziKSP6D7QY24i_vR0rq2GiCgJ3Z_E0rz7p6ZXbzSJM4UQCU5FmVVsHuDWdHoG9vh_kefi90zfVpJgnDcOu1XJipYjfO7oGcF-eEYpljnSEussCX-ZUHm4F0iKycNtiCzP37wshkqDqXhBiIMuSm1K0WHcm8UuqaXptLVDoqa6xcuSUBDcB5Rsx6saiLN5SJKokOiQUBEUDERlpQ969e-YlHMzY8ucLrP8qBd-hOozKJUWnJWet73VeFe9wfyp9Kq-92PxS4efBfxQ3jgft794In1q6IlRXTZ3YF9hiqICUaLMVXANj5u3af0UqQBvxnnXEWJrVRc-Q5r8huCEsQZBPWPntDgofBW1FYYSGDK1pL-a8N-ZS2Mrxzc7SdQqXoS8Tl09-JtusQwLQBosovOk-RaJ6tZyRJMYUjmKbyL22qK2yoa-t0mfG3wSG0WkqdHS1irizl-fVLb4TGMfq21U8ez0ofjO-bY3vMWLIm_Ywk-sManDeZxRYjR40f_jEJlYtHYP2BDgjO_Ucc16jRYJWgTMuDieGFwAxHZ3C4bYPzRi5z6NpI56kwDWHK2LrpY-vnpAw6z4tpIn2MTOa-EsNoP06IOi-9HkoYO2Ecb5Yj4sw-twawtA4TvzfzSpdRQ8_4jxYzlftnzd0VoiJpf4WV-Vre5fdHAyJB_MSDjLu9qN4lWZPVS_mz-uirZSxMxQ042c0JvTr2vwGZC9uDGff6VOFDfmFQiuN8SKeYD9ZaHABe85bgu0fNE4BVAMCxvZLsD5sXEsinqKQZwBySN65idHdrrTNsZ49EMlJF4vRgifbw9gOctMEf8qQ3DVu7qAqDCGIEyk7UmaI4LDSGCcgSGWnWeTPhzcb7KQJPJr38qWglpqe4vYWn22k83vKmXrsXwz18l9lU5ugXMBiOpb_EsgEQvjDisVGgWKuqgtGNYDUjhfjzWJJoTwnkdd-G_P3kNHs0j5WAOmwBHLVALuRcJ2h4nr2dr6E9NK6H6Ae12GwbZgROgCDl0KqX1A3VUIZoInFO37U1BiiTfO3ZKcHNFvkoG-70KvCvtT-iw6fZK9Fzqr5A3CdkubHjcReG0ry0S5dWIZzbfhNz5PQrfoF4PxzmfHqW9WtzIv77cogVjrJv3dLCOBH2QUKNpP0g2Gt9PE6zFowRAfpj5m91DRF95wYYxDfr67MXjKFesk2xB2ozQ3nGegX9Lel69pE2zr5uulHEY-MY6OA6U9dLYflhSdhUiMKsSOX-vAMQnAyjN06oFRKU280tQCejBhbVO8qZcZ9HBGDHmcKIMCFfQU2UNWPdhBAjaJmi5CPbyp4_R-9xH7FmWZunr7v6PVFz9dgFmoXTFmvI-Fpd2qrxlvghIlwV2IRS5aJptZIIYpg2itZkPXR7qFllHmHYobffhd-kghaBYQsHQFOz0o7d0KxwadcVHasHNlwCdNvi_EbEBLfg941_kkuqqp9wVjslpIVgZJNJiMRCSv_KLiQZab_bUu0l38IWVdr1qg1JTXSu71j4WXwhZfknsgjrcaeGB_1ZCRU0u4O0zgNpix_9hSYb6oZHpGt8dd3rEqrSJ92rPXHNNShlj8tyJ15Mu37nfKxF6G9_JmvZAKAcs3JbHLHnxTJ0iBXxW6EiJdju7gqy2ZVsqdIBTzTC0-yXaJisNEzwK9GSLqkAq7Hqv6MEQKMaAMCfFBB_fI4GOQSzBEFrC63WoaO7W0MY-GdfGk09EqwclKa3FsMF841EhkErKUO3CEBb2FJdJBaZsq8qe91Wn2boCo-cZnJYspCFbgCicmGK3hykZVbLrg9w4nWc_yxtHYsk4077fAjKxzKzOYLZxntkBntY41n5Y66aP4ENByR09SLR1rF6MqDKr3coyHMufj3Ygdy4ZwLBRpQUmJ4HP-eq-jf4tGJxgIa8bkg3WaYc3R6eXTvyKhn9kJOjNyUjTT6GgmCk_2BApHM-AqosDytrp-9AbFYv0YE_G0hoDtkPUPzASpyCG-nNGU6tjrQ1bag6kszuo80KeVEVe86FpE138Ngmo0FN2gsJD5Y_5lXHeO0I3tC7C236oayQ5vni2JtWWZ_YdVO0ICiLhsikAsMULMTA2xw4lWXHFWuXnh-ijbAe4V1_uxch6O8CtwGjU9FfLI7lrDh8dGlf_8g-B-SGAZe3lsWTADYDr36jfIMYod-Y_Ixw2uf-CV4tN6VJkMqk9YxXpRWFkMxQZK0vgs3AJJp5AkcEMnPCRy6akdNUfnCxstmexuqFDMvF0CyiZdDNLs8jK4C5hENSQBzXQOUL-AFs3IQU5gTxKgIiY_pTP7PLBEGFRstK9o4Ilt-2BiMHc&cid=CAQSTgDICaaNbt-OhQAWh0Rd8KCJw4o_rGjaD1N_Nvye1WrLsPPPFQMeq-lgw_5uK03dn_Gq9deeA7k-ATF2ZfRVhRHeBoQgYqB4Ot8BLRZQnxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Flive.koooralive-tv.com%2F&ds=l&xdt=1&iif=1&cor=9668133066516568000&adk=3047537735&idt=113&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e0ed3924a82752f0529f39662cd20a70bdfb19ed75bc298baaf51397c4b66a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13689
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7188 38 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:44:46 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7DBD 41 KB
14 KB 25ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dnt2S26LDZR24j-biLvEk1X7lxIVceukpvaSDa_02uWSlSSo3UT6eWRSoxbNCcLf9Y7k6_2z8Ej3vYhnZAz0jDJjQHpT_rhp31m8drXGJ01UpMm94QmG0miavS2cbwJr-tx9CAKyj_4-sbkNmLYfN42Bdjgwy8t-abrX0IkxIcT3UoC8A&cry=1&dbm_d=AKAmf-AAvlgil_RjY9CMchmqe3lMwB7c1XyI2-ohEv9lvGRQ9Rn_jB-nt7RwlkVQUvOkQoIRtCHAHdbbpy0xM4T-iGJLCzpQHh5i-YhZZWBTubksG-N6TxlyD5JPYJkx8ueM0rCJhzgPK6T2g7Ee_DB93lkRf8vsmkw9hzB1Tu3U8rmTmkR_t5wy7bqzdu-myindfyMYGndv7ogimN9VsyjUwTa9rfd9Cibf2tMlm_eJ4tLUHkrQ7j4VdX3JzTBt1SKcAQPi0mKdqdVqCSZm7KA_6iMeGwHraXU78H5gQGonazTz_ogMptyLbnG6vMLLA7ZHBZzqM4Dt172FRG3HcX0hYOX1VTlxBRm39RahNz-N0UYpXC6uGaHmA0g7LLhzyIJoyMpOW1ndethto2JJYSv8w4XjaCL2Jy2Hr0kSBERuJlAE3tC3SCFnw8Iet3JVeL-IbRsTSNge3JAXzzMtr7pO3jPabXN-83l4fHLLQG286J9LDw31rpXu4Iy3Jekx7skrna9XtBC0Nd-E8QJCzklgpw6PeNFjNLmKXq7zSa_V7uT2K1i-eHubv7R7-PpwvkrJuMQLUFwrosztV4Ij3_vJ9Plw2hJTlHoNOgfXEOmJfLWSKLLKUKOsS1wwqo0KCpfgxeLQymtlUcvScc8B5GniVJyhpaaxDkSQx6vT8QH8G2WDdp5xkii7lzQIqxLzae0C2ekSb5lOYgV-TRZW7sQCADDOIniml5pOZZMSy5RGes9npVGdnbRHtnh-Z5N7Z8pd6UEarqZYJ_IuP15VfDV1l9HsExIMgWzQgdrGPdW1kPWkI3NPeEejgw7xf8PgMryr5Bhl_XY7qqsq3UkgVaWaCELw4Qk0ePxHKkT583Fw3RNEt5FgMS93_4p6ApNzyREbg8N49TKM9kZayTNaNi5Ic_rjGq3XRsbYicXP9PcaNlkN9LSw8AbyHnvL0Ap44RdwlNKRe6nerOCaSlkLpIfBjbSibv0vICtNqUzdY4bd5nNgmJFxzYo2FMSeA4N7Dve0eqsr6znSJ7uCCEW5CwvzLCE5dlRCLGiDxdZCXw7z-P3WQVtJJvDdyvqqG7kRDe7D8hVy5173nhAOj16DOUy2GLgujBUzk50-sBTfnDKJ6x0aUWUq0V5hGtwKO0cNdkKZQrR0ZlYX99lEhWRFOBt7UeKCJTkURGzRSWNh154IP5Px7yYmK8_HIPSdBH8RsPDA0Kkmys0AVnOzijZGx5qD1RfurrXUfhWP19auHXMRYmB3DFwHunIdDOLhjGfiDifjABTuHrEXQcr6tpMYgF7_hRUm1dJ2he5KS7aBAYg2WbJfPqRVwpgwbHtElbKYoAd1eoVM1m0OAXwpzGgO7s1R7CYW_uXBi1wtbJe--L0kDuvGHsUhsK8PqPkV2oU266sfhe1fHiL9iAe9GOlt3LQbZWnvOtlMN5aNdzzn42AGOhwIiU1NakRj74TrplgBLBho0rvgSDUFfDE4PS41RVeE1SOUW2Pt38euXp3ISdXsOI4ZYYC7O4B5ZAqueqabZQbJAHY7juvGwoPxscLuYgJ7Tu0lYwvHlij30WG6fKm-ih4Vkdt1SXnVMS9VeLdwJsRPuG4ImsRf061vU-hY_yw-kg6jRbID4GwC-i1uvD1hv45kK_5QSITJsCoArR5LpVoduqrl-m6SDkHlwWHki2hT9-079YLb9dpNCtOwI67F_aUIvG1SnPd4YW70MetHH8YlfjP2ILnfN04S871oBIQ8gUvtz-nTLkbJj-BWBgpSkMjHreo7SxqbjDSj13gygo8q0EsDCn2cG-Rjryf4tGQunzzmhrhkHpURWTKceCnShItrBUgZJ5LvhMHH5YCY0MxLf9JQmUVgVmcUuGbIq33od1dTGkJMKc5o-IvC9fXFjh9mLs09XdPygSoOyXE9FapB4qEj4EpXITIUvKDBLTHX3nWUVvwzchy6UD2CJ3C26oPbv0XDMIeE1xEUkrnpOrxZrCfkrK2xLhwEngvTB2laV0oMbmvOYRr_tETmPBZi8GH7YVKlKN3mIMF377JJpoklD4alt5CtGTLzbzxJSmCZUA43lgdN1og5EzoRznu-U2P5Soc3YLp6fd2bzAPezQo1J5WJolTBXcYHBhWd_uhLbDowquTQ4G7zorW6fggvR6Ud7x6akCEDD6qtsBdgwHPSPlUtnPzxuAYht6x0dOdqnLZ3z6afvxv9ugJF1yBGvDfu7gWCD74ebPtqBX5UfNr5LIJ0eSauRZugUQPVRQ6R1e4Bpxprqxx3p2RMUaNqEmELGZ1G8NLJIM0O_i0LquL9vyWW6J1aSKa1qGV6W8o5h4007Y_ltpVEOX2dQTLLEBrVfgeT25aI3tmCGLvxBfW_PxEeslWRP8o3AK0gm9h_f-rJMz0OvDDVfVtSu2PbC37oop2qiaQSsDFy4zTFJ9FUdPWZYy71kGnhaGCDkqPrqL64wTtT72UO3sTZKwibjhTJlffhd0GjSelIZYVvYoRRqktFoGN22Ns8Z4c8NpujOguw34YcVd9ltJkl9RVjFCoCeV5OaYF5xGd95vLTNuNUdHtWa8wUrucLSJEnmPoV9f7sljblIOK7MdBsTTNxT66q2GaxbhKaZPx--xURjKlQH_TakPLVGBXFzEt-NlnG9jtkNETZT7blzTu7JkreQcxDjt_kY9Z6zVlC5poqW42JS9s3XVK9TYoEAMiriZWJkBvHc1WbN3mcOjHTA-Og8ADDfeGdgLPHQxvZ2d0DPrzQO8yCwsh52EUrwYaHVYnXfzO1NFoqvnKUc5W6ULW-nNMAj_szJxyl-GHBaw--ZZh01bi9h4Aj5iBEqU8RQ_HKMTUfhhrJYrZEu1xViKaYgWriTEHD-elgXB0F8Yf01xrnosJxuPTpWJf2STdfBH4lR_s_MShhDLVH9xV5gacGE9JhZJd0sK_0Gh9JY4N8Bh5D9hJqptrxDuMf5r1tLiaVO6dSA1rdKfl54h3IYxiaBhstrwYnudT8BTFMqGWiY1elfEw1klvXN1oq950SML2jfp2M1VQZV3pCLOIn-5X8To0BCj9f12otxHhpCTkmlCgZM5nix4OCEbamb5IHmWuZIrioQU04k0z_9Ni7qMw7FgoOrfR3VtSuaRArNcqVRQSbvQec2DakuO5xAcsibswIMtUmHuTkBu5jj7SfI7yZ6yJ98r2WJbrUmapmOUDzHKH9EN6Jp7GsvONk5nPlkITGXzVqLKLtcgLsoxG0lFUFCt4aIV1xZFCcCilXkvcKGxxVuKa-M9WlTRjtiEWYGiQfMGIbaCSjRaSMI8zlDpA8LuGy1NVfJiL0ROlYxHjjRtHygRolw3GfQ5hasra3ro1Xp9eLAQPhOaK1a-Z2PfTdL_TiPTRVSV8PH2I-k-CQnNbObf89tPXNPGikJdlYMRZ9yRVDjYgOHbiwru3_2Uc6rQv2sd_Q_Vabg80qFiL3qyHAqmiGVd70IXM9wU-GUg6b1DaFo4-aLfm6tYf90kwASaOewxFI3hg90jIMOk7LMeZ-bGqS2j0OBEFsacqvscU-14reH4TnCG0mIh9ti5cWjniewk056v6fELs_nzXExXLKnlij6zIhPSJBrubZHcfB95PXtiuFlN7IqUTcF5SZMf6NbXqAy-94P5yyj67Je-z_YVnlxvk99KGZyDCMlcUTIOMRhUwuv3uhoywywrrJXR_hWl_OSvsebk2DFLGx3Dh6R03SO95Et8KY-F49hg-hvlUNvClb6b6lhDdNnfzemyTczSIo2AUrk0hXFTyhBm4PlrwYTIVsKH4TYbzXof3_h7NfYjiNcJw7bhM0-hT6KQrZzaJQtSGdwLs9OnP0yc-TEHE3llztMOiLWjUMXdX6mpu1h9qFfFSE2gjRZpEqAH-HRNiDN4705llCVNcB-FbI8-yOnDVkHwmcqY8V1BnbRrSNAqexwfHd1FFnwmxR0YDElB6wokr_x8Lbbx9rIEWDYnWybq94UnBlCdkCvylJAgr0rVMESOh5Kv8T6EEYTY55vlYi9Axag5hLVpkhonBZTe8-MnkkvBnxO_LwzTlW6cbLiyr7rG4ZNtll0Qs8C1vq8uFTdff6xu8_PX3jKL2X68hMwi_4Zzdy1NXhlyOCDYzozErj5r62MgwoIk5PteFVFAn3ksOImgZZm_V3jh8ap5XpxbSsQFDb_14uMDI4grF17RxrfhmCRJBh_fXMqZe8HdPx2Kqr_X1twle2EHCYbmj8pE_HETotnfipZfScwnRsRc1jpPwGyGIKqYUwGYvgu1vJ0Ycym1FQI9VRZ206WZl-mkE5R-sdoYqG-owAChzWr8dtJA&cid=CAQSTwDICaaNTsxopCEm5iKiw0B2idJ9TbfsNrnaXB-W_bar1LUHAnim3W8k8--jZ8GCee_sesf8vfdptxMsP_lfC69Q_RdVGQYe91IKVb6FVUMYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Flive.koooralive-tv.com%2F&ds=l&xdt=1&iif=1&cor=15105508095208405000&adk=1761367587&idt=89&cac=0&dtd=40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTUxNjA5MjA4Nzg1MQogIHNlcnZlcl9pcDogMTM0MDU3ODkwCiAgcHJvY2Vzc19pZDogODA2MDcwNjIzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDk4NDY2NjMK...
ad.doubleclick.net/ddm/activity/ Frame 7DBD 0
863 B 100ms
50ms Image
image/png 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTUxNjA5MjA4Nzg1MQogIHNlcnZlcl9pcDogMTM0MDU3ODkwCiAgcHJvY2Vzc19pZDogODA2MDcwNjIzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDk4NDY2NjMKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2RhY2hmZW5zdGVya29uZmlndXJhdG9yLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDkwMjk2NjkyMTczOTExMjYzMDAKZGVidWdfa2V5OiAxMzQxMTY3NDA3OTY1Mzg4ODYxNQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMDkiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5ODQ2NjYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzc4MDkwMDc4CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0OTg0MTU1ODcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA2MTgzMDAwOTUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1MjM2MDMzNTQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGFjaGZlbnN0ZXJrb25maWd1cmF0b3IuZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly92ZWx1eC5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RhY2hmZW5zdGVyLXJvbGxvLXNob3AuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x9f233c1d0db4242f0000000000000000","13":"0xb292231e2e04d8550000000000000000","14":"0x3feb61053d5b5d630000000000000000","15":"0x521cc59e50286d780000000000000000"},"debug_key":"13411674079653888615","debug_reporting":true,"destination":"https://dachfensterkonfigurator.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["9846663"]},"priority":"0","source_event_id":"9029669217391126300"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 7DBD 59 KB
23 KB 22ms
14ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 00:21:59 GMT

GET
H3 200 container.html Show response
ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E99 6 KB
3 KB 15ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.koooralive-tv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 07:48:11 GMT
expires: Fri, 08 Nov 2024 07:48:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 109ms
108ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=8.98&b=2&r=koooralive-tv.com_auto_interstitial_desktop&sy=0e170f66-49b6-4e7e-8650-c71e93069c60&ts=94&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=live.koooralive-tv.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=cb72c371-2bb2-4cb6-950e-254980c55eb0&e=lm&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:12 GMT
cf-cache-status: HIT
age: 2233671
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473b88c621c79-FRA

GET
H/1.1 200
OK dv-measurements4884.js Show response
cdn.doubleverify.com/ Frame 255F 421 KB
99 KB 9ms
9ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4884.js
Requested by: Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d7cbb16c11db9f2d7ef179daf620425dd028396d23bc54957d80926b8ab08905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 07:48:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:54:02 GMT
Server: UploadServer
ETag: "73822042d6be41f2cdb97755b16d9106"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101294
Expires: Fri, 08 Nov 2024 07:48:12 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C2E 38 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:44:46 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 10EC 41 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMvbzqzhIcSixmX3CL5LL7LjqppxbrF2EQL7lyTYLDiu-laEtn05-_zX5NHYD9H1jxN4PpGpg8SIwjDJ0Hra6FYvQqdZ77VAcMvv3zg0mvGKWPlxoXqB0dMif1h22BvZTCVRcVbu054Lx6Q578VNFoPRgk_yAq8dn8qRF-CZIG7U2ebB8&cry=1&dbm_d=AKAmf-DrIO59qwER1gPvMJbRHDIchdDcH8QoqD7neCz-vqISwh21VPaV8vWyeUZU-jCOVZ3qyBtTE7hDEEnVCJoRdVsg4ACRQGqw6Dr4uKO40wnNa8zMsvgOp7q_E-cbAD3W5WkFcd34rlySo-jFNDAzHjOM1PXXmPfWuaUMqdnAfm02Lh9jF21WN75qbcY9FV9ajW_8tq_hmOfP-VudjV_P_gGxv4FoSoAylp6fMPsU7PlFbbQhDPl1F3nxapdsBnA0cjH-35PvXBIMIwBZZkIdjRV2f_l1raeGyz_Vxtn5_rBYRmlZNUV6dXj6pR-CsFmnoVpts_MI8y9sBbypZoQYzN0BEesOOW7jTO5Ybhgeq7cLoUu8rMpBMF7oEI2WfQW6miVOphCe8jkr4KD2oyuxKYj4x6KIOMY1Dmo04r2v5b4cSLlhgYKeBDSgb4zTlxVUOtoO4FzEn53KJ2hOkMN5MSUKQfStSlRknG9A44TVdy0aPnpkw22ORuY6sMCTTf6xEJAIQ7dvN64fopPXgmr8ObV16w8l1pHA9yuTzbZXCSuJcEMTkhOFwdZynzM4vWCel_sgq-Jq_LuiMFjIH7wJPAlv7kjZfxP2ORrVG8iOFwuz9Ji0WbToZms5ObL0QzCVq080bQKZOEeMdDgjeDVBC7F03FnmbQdu4Lf96e7hkaQjN6cu7dCcKii20NOoKRXFlmEJx7NOMEAofpaqpmbxEL_vezYr1i1Y_kpt-tw55WX_ZpVZpl96lZsQXzDq_1aMPTvEHXVSWqpmDRJV3lqNxYgCCa_p-eaqvM6XxQfUBtARu8FLz0mJIG_gfk3XUAKjpWv6a69kQMdcUPEZd-x9NcoiIHOr0zaLJLWgg_Sq9262o-E1v8gYJxgbSoYmxLgkJeX5CUmB2VY34vd_V9Huol6ftROafgAk1f0174PuCrR0I6Lnwfb0FIvFMOTRjmne_HTxB-3BQTu_fpiITQdfmm_FiTnzPU6px9DmN9MduWRh87C3D17fE_IYiTREbvWGwjsJxugAa4z_yIziONCCTpOzmWMai-QgX8oPYjxDh1ejm73ad0u4iX6gD8rLdB9bix_oq0Ca1CjAo2NVqxyQT_njRMLfinL3NMPAo69rVko9q3DbSt8LkJM-pNw4jVHPzoRpX1prLX_7QIyXDFK3mKlw-emplB63RnM5QLYsRe1nNITZmCxqpH3_5Haynl3GUwyJnbyWVnU252vw1dKOaj_Xz0FDCmIaaJut4mm_YeJispByj05oPCLTYC-1z9-bbGGuKa61h-3JfbHObxLlul-VSOyHJxM50qZuP9p28TaVoabyuxmZ28bsQeJzbQcPeiRbIofaAoQqhqyW9THKSPk01nezA6hcB0vvo17f12Qd6Gwg9fGWqVd87epz-IXUFgvn3HJC9hgQzJ6YLisFnqMJkDsLZGqcQgcLjdB5Rwsw2FzBVPUzODKxHMYSaJ5eTg995tGDshVIbGlf3XM_VrpVjU2TUJJQitdoz79UgbGHYUhH-UpSo4XDUAr-rofNMNx9XTrjfriT5PFTf5rArwGmeyzgIpI6MU0guQgLNpuh9LHWPw6XCOg0IcO3WjTlvN1Mo4eWZkpZVhz4GYToX20VjUthX8DpOuLVka8P6LubrTvbj6Lxi_WwB8dxNLU2GRRYXlPywi8W0r_KzHdx35kqIZEU-4727p9ks49z_QDjaCJ_zFiMDLW-rXqx6gXpjTF8UzFaiglIdSU2GxWT7lz-J0-Uj9YhU4OPLqdedvQ6cT5-XfnhXTYiLrEDJrYdLu2KC46cFcYcizzPzzljakoZmk5UBJBFNmLPWSJGzfvb969RsvR4t23E44-X9LZ_5dJJlmBi3N7fyJOHOGZzstldJ8po4DdfBcGToPZdc3I8LQ1f5xf3BD1ozSM_muC_GuqEk3LpdrWfraS39SxvCmpziKSP6D7QY24i_vR0rq2GiCgJ3Z_E0rz7p6ZXbzSJM4UQCU5FmVVsHuDWdHoG9vh_kefi90zfVpJgnDcOu1XJipYjfO7oGcF-eEYpljnSEussCX-ZUHm4F0iKycNtiCzP37wshkqDqXhBiIMuSm1K0WHcm8UuqaXptLVDoqa6xcuSUBDcB5Rsx6saiLN5SJKokOiQUBEUDERlpQ969e-YlHMzY8ucLrP8qBd-hOozKJUWnJWet73VeFe9wfyp9Kq-92PxS4efBfxQ3jgft794In1q6IlRXTZ3YF9hiqICUaLMVXANj5u3af0UqQBvxnnXEWJrVRc-Q5r8huCEsQZBPWPntDgofBW1FYYSGDK1pL-a8N-ZS2Mrxzc7SdQqXoS8Tl09-JtusQwLQBosovOk-RaJ6tZyRJMYUjmKbyL22qK2yoa-t0mfG3wSG0WkqdHS1irizl-fVLb4TGMfq21U8ez0ofjO-bY3vMWLIm_Ywk-sManDeZxRYjR40f_jEJlYtHYP2BDgjO_Ucc16jRYJWgTMuDieGFwAxHZ3C4bYPzRi5z6NpI56kwDWHK2LrpY-vnpAw6z4tpIn2MTOa-EsNoP06IOi-9HkoYO2Ecb5Yj4sw-twawtA4TvzfzSpdRQ8_4jxYzlftnzd0VoiJpf4WV-Vre5fdHAyJB_MSDjLu9qN4lWZPVS_mz-uirZSxMxQ042c0JvTr2vwGZC9uDGff6VOFDfmFQiuN8SKeYD9ZaHABe85bgu0fNE4BVAMCxvZLsD5sXEsinqKQZwBySN65idHdrrTNsZ49EMlJF4vRgifbw9gOctMEf8qQ3DVu7qAqDCGIEyk7UmaI4LDSGCcgSGWnWeTPhzcb7KQJPJr38qWglpqe4vYWn22k83vKmXrsXwz18l9lU5ugXMBiOpb_EsgEQvjDisVGgWKuqgtGNYDUjhfjzWJJoTwnkdd-G_P3kNHs0j5WAOmwBHLVALuRcJ2h4nr2dr6E9NK6H6Ae12GwbZgROgCDl0KqX1A3VUIZoInFO37U1BiiTfO3ZKcHNFvkoG-70KvCvtT-iw6fZK9Fzqr5A3CdkubHjcReG0ry0S5dWIZzbfhNz5PQrfoF4PxzmfHqW9WtzIv77cogVjrJv3dLCOBH2QUKNpP0g2Gt9PE6zFowRAfpj5m91DRF95wYYxDfr67MXjKFesk2xB2ozQ3nGegX9Lel69pE2zr5uulHEY-MY6OA6U9dLYflhSdhUiMKsSOX-vAMQnAyjN06oFRKU280tQCejBhbVO8qZcZ9HBGDHmcKIMCFfQU2UNWPdhBAjaJmi5CPbyp4_R-9xH7FmWZunr7v6PVFz9dgFmoXTFmvI-Fpd2qrxlvghIlwV2IRS5aJptZIIYpg2itZkPXR7qFllHmHYobffhd-kghaBYQsHQFOz0o7d0KxwadcVHasHNlwCdNvi_EbEBLfg941_kkuqqp9wVjslpIVgZJNJiMRCSv_KLiQZab_bUu0l38IWVdr1qg1JTXSu71j4WXwhZfknsgjrcaeGB_1ZCRU0u4O0zgNpix_9hSYb6oZHpGt8dd3rEqrSJ92rPXHNNShlj8tyJ15Mu37nfKxF6G9_JmvZAKAcs3JbHLHnxTJ0iBXxW6EiJdju7gqy2ZVsqdIBTzTC0-yXaJisNEzwK9GSLqkAq7Hqv6MEQKMaAMCfFBB_fI4GOQSzBEFrC63WoaO7W0MY-GdfGk09EqwclKa3FsMF841EhkErKUO3CEBb2FJdJBaZsq8qe91Wn2boCo-cZnJYspCFbgCicmGK3hykZVbLrg9w4nWc_yxtHYsk4077fAjKxzKzOYLZxntkBntY41n5Y66aP4ENByR09SLR1rF6MqDKr3coyHMufj3Ygdy4ZwLBRpQUmJ4HP-eq-jf4tGJxgIa8bkg3WaYc3R6eXTvyKhn9kJOjNyUjTT6GgmCk_2BApHM-AqosDytrp-9AbFYv0YE_G0hoDtkPUPzASpyCG-nNGU6tjrQ1bag6kszuo80KeVEVe86FpE138Ngmo0FN2gsJD5Y_5lXHeO0I3tC7C236oayQ5vni2JtWWZ_YdVO0ICiLhsikAsMULMTA2xw4lWXHFWuXnh-ijbAe4V1_uxch6O8CtwGjU9FfLI7lrDh8dGlf_8g-B-SGAZe3lsWTADYDr36jfIMYod-Y_Ixw2uf-CV4tN6VJkMqk9YxXpRWFkMxQZK0vgs3AJJp5AkcEMnPCRy6akdNUfnCxstmexuqFDMvF0CyiZdDNLs8jK4C5hENSQBzXQOUL-AFs3IQU5gTxKgIiY_pTP7PLBEGFRstK9o4Ilt-2BiMHc&cid=CAQSTgDICaaNbt-OhQAWh0Rd8KCJw4o_rGjaD1N_Nvye1WrLsPPPFQMeq-lgw_5uK03dn_Gq9deeA7k-ATF2ZfRVhRHeBoQgYqB4Ot8BLRZQnxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Flive.koooralive-tv.com%2F&ds=l&xdt=1&iif=1&cor=9668133066516568000&adk=3047537735&idt=113&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTUxNjA5MjIxMjA2MQogIHNlcnZlcl9pcDogMTQ2NTIyNjQ2CiAgcHJvY2Vzc19pZDogNTM3MTkxOTkxCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDk4NDY2NjMK...
ad.doubleclick.net/ddm/activity/ Frame 10EC 0
503 B 53ms
52ms Image
image/png 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTUxNjA5MjIxMjA2MQogIHNlcnZlcl9pcDogMTQ2NTIyNjQ2CiAgcHJvY2Vzc19pZDogNTM3MTkxOTkxCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDk4NDY2NjMKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2RhY2hmZW5zdGVya29uZmlndXJhdG9yLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDcxMjM5Njc2NzU3Mzg5ODMyMTkKZGVidWdfa2V5OiAxMzQxMDg4ODE3Njc1MzI0MTMwMQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMDkiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5ODQ2NjYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzc3NjU4NjE3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0OTg0MTU1ODcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA2MTgzMDAwOTUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1MjM1Nzc3NDcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGFjaGZlbnN0ZXJrb25maWd1cmF0b3IuZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly92ZWx1eC5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RhY2hmZW5zdGVyLXJvbGxvLXNob3AuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x9f233c1d0db4242f0000000000000000","13":"0xb292231e2e04d8550000000000000000","14":"0x3feb61053d5b5d630000000000000000","15":"0xb7f623520c47d8a00000000000000000"},"debug_key":"13410888176753241301","debug_reporting":true,"destination":"https://dachfensterkonfigurator.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["9846663"]},"priority":"0","source_event_id":"7123967675738983219"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 8E99 4 KB
1 KB 83ms
24ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 07:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 06:56:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 07:48:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 63E0 2 KB
822 B 14ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 63E0 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 63E0 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2EFB 1 KB
643 B 14ms
14ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 09 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 63E0 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 63E0 0
0 23ms
21ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbKI7GH-7J6l6z62Y6icDHAO16Tfw94IaYhQMSNOmdt5NBuyd2Qj5g2DjPWyOx0xuzJGdcfl4DJvZ9nClh3xbpnLnP8g
Requested by: Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63E0 190 KB
60 KB 26ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:48:12 GMT

GET
H2 200 81801f102bbf3ca11da2806ffde236a3.js Show response
www.gstatic.com/mysidia/ Frame 63E0 37 KB
16 KB 51ms
13ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15369
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 05:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 05:36:35 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 8E99 21 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 17726888854999048520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 21:51:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8E99 205 B
296 B 52ms
19ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 07:29:06 GMT
x-content-type-options: nosniff
age: 260346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Nov 2024 07:29:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8E99 604 B
920 B 51ms
18ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:38 GMT
x-content-type-options: nosniff
age: 584254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Nov 2024 13:30:38 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5FB7 0
0 55ms
54ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrQBOwdIMvu4IPeE5x0acGWjiNS1-xGRhhNPAZojX9nlmwuoph4EvLOKgmDH3LhBmslEJwi3BVjcL_a5aPWsGa9cT2Y2A7fbR1WB3mN_hs8G1TzDKxXC1w9Plxyki4t9FwsTivG5Y2JoyJfxLLot2uoKSJ4TRus-Z0hh5ehQVwCrTqirs5fod4jwJUc5NMvxTpZivBT9-eV9ADI5E346MPkziuYbMaeeWPJoH5k4A5SEjqoCC1fNIDUkoLxchw7X_NhO8lvA8i5xkahiVBhy7_-fUkhBBkXPJpNHwlafw-0j0PPGWGGyZUwEtgtvg9LeivMr9qB9yc9c1R3q_I7rJdgPS-LdrszTtJgrOrcw-3oFecFtrJPo4j3u9JilGGeulx2EyX_lFM2b1vUsTOvRog4ssPyYZvhakPDv2o9Zz5RKnwZC9P8RZdc8lVHh1zL7KRf4X68zfKUYJi91YvfQN63Bpm7w9w-IZLqLrxNMNKpBGfWPFl5-FvcramK7FuSWihE9E1UYcxzRDZSYH7xhelhBnA0043WRpWj-W6zImxVPa_Vr3DPsIAf8JMiAqfcUZgrn40RIwuFyH3L-l7m-Khn8XKGRRbB2jKfd-YupNUosKveGfaaydgOikv-3BGnBXoZeDD5RTGRrSMdX_ED16FPXviKEqFtwZYRkLuiAnarV28u-Q76B6_mfcPMql7ZJl4vYcLhUA8DqrwvZRQZt8Mk_b4ofRI3sef7GouQz_8wx3sTwdMVgNn_cAgV5u-HhZKZJbpoGIv1pXR4yHVqBVP2Rpf8U5UN2LlsRznn-zRfcZsNRmZjPbRVNzgafEGQJeWnwNQaLssoE-5J8jseEsUL8WZP5e_kn-IAaD6Zi5k2V-bCYo5Mb_LUaUzTkEuP5XT6KK6qURiG5OD5HR7bnCI_xAbMaTxRfZiXvuspO2COma-xatT5SqDplk4ppTf74yUyQm9r9FCzR1QbpHsyE3Lz33xHbPvBiJtOAX7r8-jQt4waCr4deHiOVLSHqQKH1FgOjW1m7ZEJ_Vm-pi5flLVsGkV7PHIlL2VmLf3MZOwWCa7v76hQzQrIEgfKbz-tmkKoDxTACTe0JNdRmILFVIs8wL3WD9ZtZ4vDvU7XnS8GzqWPEdkQkGtuF3eFg8qMANWarSpvkA_cDsJ_IaylSN4DU51iX7wspZpnZqg8smjMAYnk_l_3PEou0PswUwpkM6d7pQWktUld5qs7qyavovGACWTpNmB91lgVolJ5yZQuocvCsx5TJzefN-iA0roxs96DtVp5cAlikE6UocVA4w7xM20kaF2fs84CslODh1pWQUgtaXKVh1O8-6EybuxSTcH0h546txjiisrUTux1qUAPmfNTP7f-ygShdympRQyLo54DRPizwUyW9VCY-P4ctehskxI8SGJMMOIlgzD-LgXTqqsUFQ59q6S6yuqJLMZkQ0fH5Mdd55rCt4ed_xIxdEAk5LdPBk&sai=AMfl-YQUkMzbfRRSm6zdwddwR1k76qTL9vXT9JpFTR1ccLYjd4SnBF0WkcBcv71SOooJN5dY4tYM2ZVaQfW76KNiPoAcncyy5_FLJ9yU8KsIDvxIujlxYrb6_8XRnFS7FBlVL-PZZHhZcRTLrNhpRbsKy8QI7P_XzU9XA3ILWjQMxzPMeUuCoGOxk1w6NujI6Qm3j-k_a7iw_xsMHB6zjaCwnrYzWqSGmM9szTrn2MM531VgIziFAyDNe_NRMFWt2-SaDAy6L_oWuz1CaS0vbmwW46j0CaGA845HUve7dLQnQdNkn6BvT5FltkCvLuinSTAOqwkiN3PSpdod_GHyVceh5tnKyN8DoqP3rViW4RJnE1M0xzDasmXyaYGR03_Hj38Gfk9ffUzdZVpysUeT4UdAOi8AmgIAB60FLeXgtjt3WBTmQPNWX5Xj9pQG7V-fMQ0k5zOx-t-CDUnSRLJitK0t1UqcE-2RxRw--0-9_UTNDpDYsbgag9JljQI&sig=Cg0ArKJSzPeKrcvgFrE5EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=476&vt=11&dtpt=339&dett=3&cstd=134&cisv=r20231106.77145&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 txt1.png
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/ Frame A7F5 16 KB
16 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/txt1.png

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53484dcdcb2365db5711f604fb89f689888b1801c804ffd4ea23784e4b201dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:54:24 GMT
x-content-type-options: nosniff
age: 489228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15902
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 15:54:24 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/ Frame A7F5 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/logo.svg

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaa41c92c5a8c4640b5bb2173ac6694f87c298913f4defbc6fb837314022579b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1010
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 15:54:24 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/ Frame A7F5 39 KB
39 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/bg1.jpg

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48ab28bde5226810d25ad4e4d09e324f6b36a92a4cbc92681944f88ccdb56ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:54:24 GMT
x-content-type-options: nosniff
age: 489228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39593
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 15:54:24 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0291 38 KB
13 KB 19ms
19ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 516832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 10EC 59 KB
23 KB 14ms
13ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 00:21:59 GMT

GET
H3 200 B30678728.378094554;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1761367591;ord=6ogiv1;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCacVCu45MZcabHofk-gaJ27SQ... Show response
ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/ Frame 7DBD 78 KB
32 KB 70ms
69ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/B30678728.378094554;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1761367591;ord=6ogiv1;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCacVCu45MZcabHofk-gaJ27SQC_2e0K5z883ttvcRv8qivcABEAEglZvKIWCVgoCAsAegAd_oy7ACyAEJqQLt2xpJe_WxPqgDAcgDmwSqBK8CT9AztBSt5IJ9hYc8iw_ZyLNSJIn6CEaR1g7efYIo-a8NWtEwFCLKDL6K3-zvfyJpBW0v1f4-91WeB4y3ItGQY5IEd3PQt5yNnhCmbzBcAo3LEbCg6Yl-OmngkNbcHReMRmIZlwHIoFJ8PSKM9Ax_ZRUHR1YOVGlwBRjAxlUjFhN7c8VvvnuDgBBnjez2aw8zuS83dj8QZUUV2MFEP1Mfy-r_sNXwBVSzDPW6bMTbrSmTue_cyNCzZWKfwCg1el2DYUk3Qr8CKD4KZNWucAJbAJZQjdAoLNF5I3at5SJB0-k-sxJ0AR2EyuimFm2RNffyPjUKIjEDCN-yv5SOt5Yn1C636k8JjI4sAYZfLcX4eV8vy9xYoSEZ6RCHKw_B0DZpFSunbEtbLoJaSusvRQ9DwATbv42OvQTgBAOIBb-VyedMkAYBoAZNgAeJl7TPAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIi9Kw57a2ggMVB7LeCh2JLQ2ysBPz0YMVyBOnz9fjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNTsxopCEm5iKiw0B2idJ9TbfsNrnaXB-W_bar1LUHAnim3W8k8--jZ8GCee_sesf8vfdptxMsP_lfC69Q_RdVGQYe91IKVb6FVUMYAQ%26sig%3DAOD64_1UKXK6RuyYk_gfSN4zQbwtPIRfXQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-Dzk1gpdYcMhIiIX8bhyq2rS3Hpo5nV3E_H64Cg7_gEFbfEicqZZRPISFuXvnEs1vkEM6EVeo476WdWJo3FLwn2oIrKXmgVnHPCM9-RGjwYBsuTJFjtZgBf4NSWuyr-UX6SRnpuCVgD9BOJ83u65_3U4gZojtZCDBXVgtqTd_q6bdFN5DQ%26cry%3D1%26dbm_d%3DAKAmf-BLUt06Z-9SZCgpjE-WqciU-zGAqcX4ZLnza2HBOPYzJAzA51HFbEfmqUcA7va9CNvm5k7UPFJ3X1quqKQdrPvWifWJkPUSoucmVibwAI8mYGDFQ7KG4KR20ynOsSLNMwwT9CCCIl0zhBQnhhy1H5x0R9F1Iw28H2TrwoA2YI0pWlsICtluz97vEeDJuO7nNwi80uJhwwkiKJdSJsP2eux-eiiIHImGTrBKHRfb9wM-AcUmrLQ5OoGNKWiXCkG14VTGFALAVTbEmDPPaO8wShj799o2-sQTV2ooVqMoAtI9mkPre3Ci-607V62sxlh_Voro9XC6826j59hUhTANxEq-HbkvaQyNSqhKaPfdaaqm9mzUhUWfhEbkevqepDNa0SUszQBWn3BhUVaCs-8S21hsUVsRQ70in4vlTp6yEVLxJ76v77Uguk3lHUICHzeDOD8CKv4vKd29uZFLUmCQPFmWFZESC17IeBcpVtns7LC1y34jW9fKM4-E1Mzgr08xp3uV4Zxd3fhfmdTQVZGCssqVTjbstKMzyulf9aZSpe23eu_XYaoGLbmEFFicXYK-TzFg810u%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Flive.koooralive-tv.com%2F$0;xdt=1;crlt=Y5s-U_EyB';stc=1;chaa=1;sttr=192;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

86912ca13369532ae383adfc767f4d4e759fa6f4d6eb6f966bd01bab1a80b30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32731
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 255F 1008 B
912 B 556ms
33ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=194&ttfrms=33&brid=3&brver=119.0.6045.123&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3D%3AG6%5D%3C%40%40%40C2%3D%3AG6%5CEG%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3D%3AG6%5D%3C%40%40%40C2%3D%3AG6%5CEG%5D4%40%3ETar9EEADTbpTauTau557gbg3h375b4e7f52dh2f6_f%60g74c77%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=237&ddur=60&uid=1699516092464910&jsCallback=dvCallback_1699516092464971&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4884&tgjsver=4884&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&dvp_epl=263&noc=4&nav_pltfrm=Win32&ctx=26387868&cmp=30537616&sid=5952739&plc=376181594&crt=198996049&btreg=567175346&btadsrv=doubleclick&adsrv=1&advid=9758366&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=15275342925.224424&ee_dp_sukv=15275342925.224424&dvp_tukv=10952299.378594577&ee_dp_tukv=10952299.378594577&dvp_strhd=0.5999984741210938&dvpx_strhd=0.5999984741210938&dvp_tuid=1392603818199&jurtd=1842648619
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4884.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6a70fb0af219ddb3f4c1837c0bb007209a754830064f081cad618ecbaa357b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Nov 2023 07:48:13 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/08/2023 07:48:13

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 38AF 38 KB
13 KB 25ms
13ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 516833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 B30678728.377827303;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=3047537731;ord=4osrq2;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y_Uu45MZa_8F4PngAfKyav... Show response
ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/ Frame 10EC 79 KB
32 KB 69ms
68ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/B30678728.377827303;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=3047537731;ord=4osrq2;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y_Uu45MZa_8F4PngAfKyavwBP2e0K5z28vttvcRv8qivcABEAEglZvKIWCVgoCAsAegAd_oy7ACyAEJqQLt2xpJe_WxPqgDAcgDmwSqBK8CT9CiA8sZJ7yUf_poyd4Izjpy1i9kCkuCKU3SHCOQKIAeQ_uJSFlP2e5Ukl4wcXOlO6UqCvZJhik9DniQKpeHvUpkFcGZO70K_r9DEQCZw9SeMMxUKXy8sl5jaOfFrFzL6CjUZFJC5JN47cLAYeEtHR7e2gkdw7K7CQ9MzM_UqV16gbT0UtRQb0elSd6F2xrGeZb1Od3k5akXdCu_rQLbMOu6dqB5G3RyoO1f1igrwuvXTUpsXXZCaMMDPChKm9AHFcmeIZ_zH75RS4CbPGSLUXBWvZxy4kidabEfOdbrCTvLSjq-O18b3JS736OmWgi7oPxKgIS0Du2uG7EfvGxNYk2YJsxll71PNHSjlN8x4B-VbIYZ0qQvjz_BFAmq9khDWtnsOJKa5l7Tw9I2c9QYwATbv42OvQTgBAOIBb-VyedMkAYBoAZNgAeJl7TPAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMIhL6q57a2ggMVgzPgCh3K5ApOsBPz0YMVyBOnz9fjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNbt-OhQAWh0Rd8KCJw4o_rGjaD1N_Nvye1WrLsPPPFQMeq-lgw_5uK03dn_Gq9deeA7k-ATF2ZfRVhRHeBoQgYqB4Ot8BLRZQnxgB%26sig%3DAOD64_1vlVwP66Kia93EvyHuKl6Obnemag%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CWQ00P7XqRINSuhvgaP8FK3qzPTRH3I3rQ6Ay4EBMg7eMzW5plh1FhaoP8ot92IfB-aMKzc0KNViu73DG4zoaQN67ejgOKvL_0E5Juw2TJE0hc0VfuKqlyFiR2wjwUockLVDl7wLix-JMDbKnhaSDyYETU1EUtLMkQpveWuSk-Xex1FVY%26cry%3D1%26dbm_d%3DAKAmf-BRfyxDxBu2ucDZceaTE0LDyL_gednXIbsr6iOd1Q4n2nYGdqi2XgtmXXGBUrK4zVH0gF69u50grx462p_xAmN-mdSlYs23FjzjSzQbTzAfahyAia4JbyutrtJjYLcFTybvuukSjmJy-51jF7TRc8lNtjYH1CJDFwPUSgosIf3IJJg4d0MfHnyHQzKE1jlOwPz_R6wUOw6E45wuomeUDUHMFuhaxiCpIpc5K8w5M-BbaaI3bXU3HGz-Pufw-axYdFzc6RwJAMIxQuDdwTBPQUQWCJHFM3-K6GOHszRH_XJB5Iy9PdO-G-AjSrNFaqlCQk9kXwOllgCA-o8O4-9-UzOq1GVR7tZ0JWacJHM0kKN5b8BXL6ROTiYZ0HaePOZSySVGjrtpKrnL6XKcyx1paM4bYohAfBe_GCQedvqqDFevkogcH6fuQ7ElV2tWK8ivSf7316DC8KSQA1wNDo7m20XqhO7BirvQC1NtOsxZzHFXX5epEchK4N8fjXxtNX5O-vyMARK0Nbdt2A9NQEXVbmaCdkStRjgMi2yJ7uX5iMtv9uRYeCU6oK1UW4FoiIh4vwzsp-jX%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Flive.koooralive-tv.com%2F$0;xdt=1;dc_omid_p=Google2;dc_sdk_apis=7;crlt=Y5s-U_EyB';stc=1;chaa=1;sttr=290;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

064bfdec13e3193461acac835744ebb97a1abd2c1ddbeda7f0c264c8cb692000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32912
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 2EFB
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDOzOhbNBYn_Y-vwq9LWCMU&google_cver=1&google_push=AXcoOmStu2M6-WbDyFHcXfJU_YRQ6yoTW5x9zrI21oYeiyU0XuuVftLHyUVTNwuoxlhanPx3RIDm6hXdlXC-wmzqYr1c74HBQY-P&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOzOhbNBYn_Y-vwq9LWCMU&google_cver=1&google_push=AXcoOmStu2M6-WbDyFHcXfJU_YRQ6yoTW5x9zrI21oYeiyU0XuuVftLHyUVTNwuoxlhanPx3RIDm6hXdlXC-wmzqYr1c74HBQY-...

43 B
421 B

190ms
180ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOzOhbNBYn_Y-vwq9LWCMU&google_cver=1&google_push=AXcoOmStu2M6-WbDyFHcXfJU_YRQ6yoTW5x9zrI21oYeiyU0XuuVftLHyUVTNwuoxlhanPx3RIDm6hXdlXC-wmzqYr1c74HBQY-P&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmStu2M6-WbDyFHcXfJU_YRQ6yoTW5x9zrI21oYeiyU0XuuVftLHyUVTNwuoxlhanPx3RIDm6hXdlXC-wmzqYr1c74HBQY-P%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 823473be7e144dc1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 702
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOzOhbNBYn_Y-vwq9LWCMU&google_cver=1&google_push=AXcoOmStu2M6-WbDyFHcXfJU_YRQ6yoTW5x9zrI21oYeiyU0XuuVftLHyUVTNwuoxlhanPx3RIDm6hXdlXC-wmzqYr1c74HBQY-P&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmStu2M6-WbDyFHcXfJU_YRQ6yoTW5x9zrI21oYeiyU0XuuVftLHyUVTNwuoxlhanPx3RIDm6hXdlXC-wmzqYr1c74HBQY-P%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 823473bd4ca24dc1-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2EFB 70 B
150 B 367ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECW9U5jW6r-_siBqwvRbPkU&google_cver=1&google_push=AXcoOmRZk_OwsldTKTI_gzAmeSJWeDiXwf6QoZQbL2wJeHEgSrLT396f7viS-Rx-FxHPTntOhbo8O-1R_2dj3s3wqGLNJ1w-a0AClg
Requested by: Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2EFB
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIJf7fLxgHg2hIsg-sV6kqM&google_cver=1&google_push=AXcoOmQ3yEqY9dRV1lg5WmKuJgEIPbLAaHFUvsXpiXcKPpHlOCE8KHrsMIrWPA9cX2HUmt0z7cgNxRTFvt_...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ3yEqY9dRV1lg5WmKuJgEIPbLAaHFUvsXpiXcKPpHlOCE8KHrsMIrWPA9cX2HUmt0z7cgNxRTFvt_pWqBa5p3wggRbHgAM1Q&google_hm=Nfbons7ZSgyh9P0Uk8...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ3yEqY9dRV1lg5WmKuJgEIPbLAaHFUvsXpiXcKPpHlOCE8KHrsMIrWPA9cX2HUmt0z7cgNxRTFvt_pWqBa5p3wggRbHgAM1Q&google_hm=Nfbons7ZSgyh9P0Uk8BbD4Y

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:12 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ3yEqY9dRV1lg5WmKuJgEIPbLAaHFUvsXpiXcKPpHlOCE8KHrsMIrWPA9cX2HUmt0z7cgNxRTFvt_pWqBa5p3wggRbHgAM1Q&google_hm=Nfbons7ZSgyh9P0Uk8BbD4Y
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2EFB 43 B
246 B 355ms
18ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDj67be7i3keuUubtLu_0OA&google_cver=1&google_push=AXcoOmQjVIYiE2egkfGExDVXNadmt038tSnVWgo-Dw343l48sRi_67YY5TI5EHKZECL7Tvw3ud8e9csbwuCiG-muf20k4a9nsUZ1
Requested by: Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2EFB
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEOOk81ATQVthhpA71Sz_BD8&google_cver=1&google_push=AXcoOmQKNNhyEGIoZ5eTovejn0qGpKqyBBiSWbyaU-tJFFp2VLdLF1R6apFERzHJiTfFawEjt4FTnY8l-OB9m4odxyJxjZHa6...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyNTE3NjkzMTQ5MTg2MDAwMFYxMA%3d%3d&mn_hm=MzQyNTE3NjkzMTQ5MTg2MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQKNNhyEGIoZ5eTovejn0qGpKq...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyNTE3NjkzMTQ5MTg2MDAwMFYxMA%3d%3d&mn_hm=MzQyNTE3NjkzMTQ5MTg2MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQKNNhyEGIoZ5eTovejn0qGpKqyBBiSWbyaU-tJFFp2VLdLF1R6apFERzHJiTfFawEjt4FTnY8l-OB9m4odxyJxjZHa6l-iVw&gdpr=&gdpr_consent=

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Nov 2023 07:48:13 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyNTE3NjkzMTQ5MTg2MDAwMFYxMA%3d%3d&mn_hm=MzQyNTE3NjkzMTQ5MTg2MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQKNNhyEGIoZ5eTovejn0qGpKqyBBiSWbyaU-tJFFp2VLdLF1R6apFERzHJiTfFawEjt4FTnY8l-OB9m4odxyJxjZHa6l-iVw&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Thu, 09 Nov 2023 07:48:13 GMT

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 2EFB 0
36 B 345ms
8ms Image
text/plain 35.157.200.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEML0GGQ-e9wqVJf_E7nQKrA&google_cver=1&google_push=AXcoOmS-0vZdK6tpjEbAfxYZPAv3x-AJXD12R7FdKfC0mT_jIldH4wGf7o66yuar1x6Q0W2uoj2mon2Pb_4VFnt1b0MJSQ_VJOL2jw
Requested by: Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.200.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-200-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2EFB
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=38793dfc-0b5e-4602-99da-d27b3a7f165f&google_cver=1&google_gid=CAESEHbKKYnArFHYPMrrcT-Igog&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=38793dfc-0b5e-4602-99da-d27b3a7f165f&google_cver=1&google_gid=CAESEHbKKYnArFHYPMrrcT-Igog&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTOkb7W7XwozAlzBitvXN6fMeiEi5Ms_JcpuR_2E2IKTypQ-bjpVwTSIJWBbe0cnvHYMf0snkeqxSem04Za1mup627fycNuL0c&gdpr=${GDPR}

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=38793dfc-0b5e-4602-99da-d27b3a7f165f&google_cver=1&google_gid=CAESEHbKKYnArFHYPMrrcT-Igog&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTOkb7W7XwozAlzBitvXN6fMeiEi5Ms_JcpuR_2E2IKTypQ-bjpVwTSIJWBbe0cnvHYMf0snkeqxSem04Za1mup627fycNuL0c&gdpr=${GDPR}
date: Thu, 09 Nov 2023 07:48:13 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2EFB 0
12 B 24ms
23ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfBFZjUDZYEl5FWJsOhFqly_eSRmulQdSrZP7m09S9xCB2A3IUOAmZQsIfU3-RFY_l9ycT3Ow

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7DBD 111 KB
39 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Origin: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 00:22:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 7DBD 11 KB
4 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/B30678728.378094554;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1761367591;ord=6ogiv1;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCacVCu45MZcabHofk-gaJ27SQC_2e0K5z883ttvcRv8qivcABEAEglZvKIWCVgoCAsAegAd_oy7ACyAEJqQLt2xpJe_WxPqgDAcgDmwSqBK8CT9AztBSt5IJ9hYc8iw_ZyLNSJIn6CEaR1g7efYIo-a8NWtEwFCLKDL6K3-zvfyJpBW0v1f4-91WeB4y3ItGQY5IEd3PQt5yNnhCmbzBcAo3LEbCg6Yl-OmngkNbcHReMRmIZlwHIoFJ8PSKM9Ax_ZRUHR1YOVGlwBRjAxlUjFhN7c8VvvnuDgBBnjez2aw8zuS83dj8QZUUV2MFEP1Mfy-r_sNXwBVSzDPW6bMTbrSmTue_cyNCzZWKfwCg1el2DYUk3Qr8CKD4KZNWucAJbAJZQjdAoLNF5I3at5SJB0-k-sxJ0AR2EyuimFm2RNffyPjUKIjEDCN-yv5SOt5Yn1C636k8JjI4sAYZfLcX4eV8vy9xYoSEZ6RCHKw_B0DZpFSunbEtbLoJaSusvRQ9DwATbv42OvQTgBAOIBb-VyedMkAYBoAZNgAeJl7TPAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIi9Kw57a2ggMVB7LeCh2JLQ2ysBPz0YMVyBOnz9fjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNTsxopCEm5iKiw0B2idJ9TbfsNrnaXB-W_bar1LUHAnim3W8k8--jZ8GCee_sesf8vfdptxMsP_lfC69Q_RdVGQYe91IKVb6FVUMYAQ%26sig%3DAOD64_1UKXK6RuyYk_gfSN4zQbwtPIRfXQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-Dzk1gpdYcMhIiIX8bhyq2rS3Hpo5nV3E_H64Cg7_gEFbfEicqZZRPISFuXvnEs1vkEM6EVeo476WdWJo3FLwn2oIrKXmgVnHPCM9-RGjwYBsuTJFjtZgBf4NSWuyr-UX6SRnpuCVgD9BOJ83u65_3U4gZojtZCDBXVgtqTd_q6bdFN5DQ%26cry%3D1%26dbm_d%3DAKAmf-BLUt06Z-9SZCgpjE-WqciU-zGAqcX4ZLnza2HBOPYzJAzA51HFbEfmqUcA7va9CNvm5k7UPFJ3X1quqKQdrPvWifWJkPUSoucmVibwAI8mYGDFQ7KG4KR20ynOsSLNMwwT9CCCIl0zhBQnhhy1H5x0R9F1Iw28H2TrwoA2YI0pWlsICtluz97vEeDJuO7nNwi80uJhwwkiKJdSJsP2eux-eiiIHImGTrBKHRfb9wM-AcUmrLQ5OoGNKWiXCkG14VTGFALAVTbEmDPPaO8wShj799o2-sQTV2ooVqMoAtI9mkPre3Ci-607V62sxlh_Voro9XC6826j59hUhTANxEq-HbkvaQyNSqhKaPfdaaqm9mzUhUWfhEbkevqepDNa0SUszQBWn3BhUVaCs-8S21hsUVsRQ70in4vlTp6yEVLxJ76v77Uguk3lHUICHzeDOD8CKv4vKd29uZFLUmCQPFmWFZESC17IeBcpVtns7LC1y34jW9fKM4-E1Mzgr08xp3uV4Zxd3fhfmdTQVZGCssqVTjbstKMzyulf9aZSpe23eu_XYaoGLbmEFFicXYK-TzFg810u%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Flive.koooralive-tv.com%2F$0;xdt=1;crlt=Y5s-U_EyB';stc=1;chaa=1;sttr=192;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:22:02 GMT

GET
H2 200 63c51e1aeaeb06ed73452eca
measure.lamp.avct.cloud/measure/ Frame 7DBD 0
0 355ms
35ms Fetch 52.48.253.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://measure.lamp.avct.cloud/measure/63c51e1aeaeb06ed73452eca?mid=651e6b2507e337ed959d3bc2&mt=1&d=live.koooralive-tv.com&c=0&r=0&evid=fc1c02c9-4c62-4ade-ac58-a6caaba0cc20&vmet=IntersectionObserver&seq=0&sev=start&sst=2023-11-09T07:48:12.681Z&h=90&w=728&sh=1200&sw=1600&sah=1200&saw=1600&vsum=0,0,0,0,0,0,0,0,0,0,0&vmax=0,0,0,0,0,0,0,0,0,0,0&trk=false&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=1933310257657&cp_dspId=dv360&vts=
Requested by: Host: cdn.lamp.avct.cloud
URL: https://cdn.lamp.avct.cloud/attn.js?mt=displayBanner&aid=63c51e1aeaeb06ed73452eca&mid=651e6b2507e337ed959d3bc2&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=1933310257657&a=&cp_dspId=dv360&api_frameworks=[APIFRAMEWORKS]
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.48.253.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-253-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT
content-length: 0

GET
DATA 200
OK truncated
/ Frame 7DBD 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86fe862ac488461b88b028f06e952fb5bf2ba2b62928fe59a6f0892e6fbbedbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A88C 38 KB
13 KB 25ms
15ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 516833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 06FE 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DD_B6g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0291 38 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:44:46 GMT

GET
H3 200 Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4801 50 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19631
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 20:45:55 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 10EC 111 KB
39 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Origin: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 00:22:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 10EC 11 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/B30678728.377827303;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=3047537731;ord=4osrq2;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y_Uu45MZa_8F4PngAfKyavwBP2e0K5z28vttvcRv8qivcABEAEglZvKIWCVgoCAsAegAd_oy7ACyAEJqQLt2xpJe_WxPqgDAcgDmwSqBK8CT9CiA8sZJ7yUf_poyd4Izjpy1i9kCkuCKU3SHCOQKIAeQ_uJSFlP2e5Ukl4wcXOlO6UqCvZJhik9DniQKpeHvUpkFcGZO70K_r9DEQCZw9SeMMxUKXy8sl5jaOfFrFzL6CjUZFJC5JN47cLAYeEtHR7e2gkdw7K7CQ9MzM_UqV16gbT0UtRQb0elSd6F2xrGeZb1Od3k5akXdCu_rQLbMOu6dqB5G3RyoO1f1igrwuvXTUpsXXZCaMMDPChKm9AHFcmeIZ_zH75RS4CbPGSLUXBWvZxy4kidabEfOdbrCTvLSjq-O18b3JS736OmWgi7oPxKgIS0Du2uG7EfvGxNYk2YJsxll71PNHSjlN8x4B-VbIYZ0qQvjz_BFAmq9khDWtnsOJKa5l7Tw9I2c9QYwATbv42OvQTgBAOIBb-VyedMkAYBoAZNgAeJl7TPAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMIhL6q57a2ggMVgzPgCh3K5ApOsBPz0YMVyBOnz9fjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNbt-OhQAWh0Rd8KCJw4o_rGjaD1N_Nvye1WrLsPPPFQMeq-lgw_5uK03dn_Gq9deeA7k-ATF2ZfRVhRHeBoQgYqB4Ot8BLRZQnxgB%26sig%3DAOD64_1vlVwP66Kia93EvyHuKl6Obnemag%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CWQ00P7XqRINSuhvgaP8FK3qzPTRH3I3rQ6Ay4EBMg7eMzW5plh1FhaoP8ot92IfB-aMKzc0KNViu73DG4zoaQN67ejgOKvL_0E5Juw2TJE0hc0VfuKqlyFiR2wjwUockLVDl7wLix-JMDbKnhaSDyYETU1EUtLMkQpveWuSk-Xex1FVY%26cry%3D1%26dbm_d%3DAKAmf-BRfyxDxBu2ucDZceaTE0LDyL_gednXIbsr6iOd1Q4n2nYGdqi2XgtmXXGBUrK4zVH0gF69u50grx462p_xAmN-mdSlYs23FjzjSzQbTzAfahyAia4JbyutrtJjYLcFTybvuukSjmJy-51jF7TRc8lNtjYH1CJDFwPUSgosIf3IJJg4d0MfHnyHQzKE1jlOwPz_R6wUOw6E45wuomeUDUHMFuhaxiCpIpc5K8w5M-BbaaI3bXU3HGz-Pufw-axYdFzc6RwJAMIxQuDdwTBPQUQWCJHFM3-K6GOHszRH_XJB5Iy9PdO-G-AjSrNFaqlCQk9kXwOllgCA-o8O4-9-UzOq1GVR7tZ0JWacJHM0kKN5b8BXL6ROTiYZ0HaePOZSySVGjrtpKrnL6XKcyx1paM4bYohAfBe_GCQedvqqDFevkogcH6fuQ7ElV2tWK8ivSf7316DC8KSQA1wNDo7m20XqhO7BirvQC1NtOsxZzHFXX5epEchK4N8fjXxtNX5O-vyMARK0Nbdt2A9NQEXVbmaCdkStRjgMi2yJ7uX5iMtv9uRYeCU6oK1UW4FoiIh4vwzsp-jX%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Flive.koooralive-tv.com%2F$0;xdt=1;dc_omid_p=Google2;dc_sdk_apis=7;crlt=Y5s-U_EyB';stc=1;chaa=1;sttr=290;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:22:02 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DC30 38 KB
13 KB 148ms
15ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 516833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 63c51e1aeaeb06ed73452eca
measure.lamp.avct.cloud/measure/ Frame 10EC 0
0 30ms
30ms Fetch 52.48.253.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://measure.lamp.avct.cloud/measure/63c51e1aeaeb06ed73452eca?mid=651e6b2507e337ed959d3bc2&mt=1&d=live.koooralive-tv.com&c=0&r=0&evid=08ba9c41-ac3a-4085-a6f4-421484040cc3&vmet=IntersectionObserver&seq=0&sev=start&sst=2023-11-09T07:48:13.116Z&h=250&w=970&sh=1200&sw=1600&sah=1200&saw=1600&vsum=0,0,0,0,0,0,0,0,0,0,0&vmax=0,0,0,0,0,0,0,0,0,0,0&trk=false&tid=651e782707e337ed959d3bc4-1-16&cp_lineItemId=20618300095&cp_creativeId=523577747&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=1933310257657&cp_dspId=dv360&vts=
Requested by: Host: cdn.lamp.avct.cloud
URL: https://cdn.lamp.avct.cloud/attn.js?mt=displayBanner&aid=63c51e1aeaeb06ed73452eca&mid=651e6b2507e337ed959d3bc2&tid=651e782707e337ed959d3bc4-1-16&cp_lineItemId=20618300095&cp_creativeId=523577747&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=1933310257657&a=&cp_dspId=dv360&api_frameworks=7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.48.253.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-253-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT
content-length: 0

GET
DATA 200
OK truncated
/ Frame 10EC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11519fc0b0807e089b1adfd53e0090c1dbd93aa0da4aaf1ebb0293a99428c3de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame BE1D 6 KB
2 KB 17ms
13ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abdeff3f6b80e43233abe7678ac77ae09b4e04abbc10ad9cae8f472b8c12d151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 506839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2089
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 11:00:54 GMT
expires: Sat, 02 Nov 2024 11:00:54 GMT
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7DBD 0
0 53ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVHaJrPf4qZFmFjpLU2QIYYsmSGxYZ85lhxkWVS9cUHnOdfiL6ZzRvY7Ma6uKWk_97pxfqYNY-YV6KOSYiYGSTs98IoUaU76VfE0Y1QXLh_pdnCmiLDXcWOTe0PA6iHXS5YgBO1CX63B5EF7nxYBX04SHcpXh-uMcU0H1mdkTm3PuBnEo&sai=AMfl-YQLngGIU1cHJ2BIjJPSJa0lapswW1J4inxacDIUV2HCndFDm5OL0xAxhbuyhA3VU8s4io5oNOCjgcU0_sqACH08GJERWDv9mbJ5rg&sig=Cg0ArKJSzE-HBejeLoxQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=472&cbvp=1&cstd=471&cisv=r20231106.17478&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 38AF 38 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:44:46 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame A88C 38 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:44:46 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5FB7 42 B
175 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssc-P9yOKBMac83I4qqqkvQXNYcyDyZ8WjqhE_M66SJ5qjoS7q8UsFtbgIKb80D8XpIncz5cTwoqMxw6Us8iN0Tp_r3Cm4a9GHED82DLQw_zJqNZe-QcnTPekIaQdWZIDPGQx-0fHPw2M1C&sai=AMfl-YSMeZ1z622Lt46nR9HXfZbgvH9bq8tlweTwP5u09r_E4lXIVbRzyt19HfkAmoU5Ac8mdAcPAJCXJGcSksRT1WoThZubi2c90X-NQ3GJhM2_pUrT6StpThXXLCiTWc0detVuIPCI_SnhYxLiZPv3&sig=Cg0ArKJSzO5Z_bG5Y6RTEAE&cid=CAQSTgDICaaNqGwDIakfcBbOgjFO2HY049Dj7fFak4-89Ie8LR25riRkX_GadO70noUEnD9OFNXvuxl_aoKPsFehu0rHsbnFefKHCANw8Y46RBgB&id=lidar2&mcvt=1054&p=100,315,350,1285&mtos=1054,1054,1054,1054,1054&tos=1054,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3187611466&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699516091760&rpt=334&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BE1D 236 KB
63 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 07:48:13 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame BE1D 9 KB
2 KB 13ms
13ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a14d925b35bb3035cc21f39d7f34f8d83e5b1b2ad0bdc965d9d5e2ff7922fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 22:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2264
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 22:05:56 GMT

GET
H3 200 _preloader.gif
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame BE1D 673 B
700 B 14ms
14ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_preloader.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18849e09ca7517671f0244bad6aff6299f6c320ea5b37213e76963ffeddf0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 22:05:56 GMT
x-content-type-options: nosniff
age: 294137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 673
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 22:05:56 GMT

GET
H3 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10EC 86 KB
32 KB 27ms
26ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

ccaf4981a18043f9f62ce7d6aa7c46c5dc4a447ff34851b1b3b7d8e6325ebc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32258
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274428202873"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 07:48:13 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/ Frame FBDC 6 KB
2 KB 15ms
15ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

896884a2d646abb7473b3a15d6ba1c449090d8383e8d3a9d2fd5d004e37d4ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 288636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2091
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 23:37:37 GMT
expires: Mon, 04 Nov 2024 23:37:37 GMT
last-modified: Thu, 28 Sep 2023 06:01:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 10EC 0
0 52ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKsuKRT9LZGwFmhNDk_ykkOPYavWshBiARTUkGobEQnAdgQzhH8axyRSAfgD-ascWn2NpcwvXgSM51hWyVtk1-lQGmNQy0cP7V6WTkM7iwC1Mu62MbWs8M96FGsxd5on7yIxlkdfff6mqyVnhqzx8nZTAg6gUG5oo_K8p5s41CmPZri_Q&sai=AMfl-YTt3zg72mPscpFM-yN1abEGAJDqRGO1jqaLQ8fMcar4a1bl_fLiaHFjwdK1xW9bmY8AnRwuB2rnGYQGjqRdR7PYogKHoc0G1CkxPA&sig=Cg0ArKJSzNOraRQVd6zMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=255&cbvp=1&cstd=253&cisv=r20231106.71859&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7188 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKw0vu45MZeurF_X7x_APxbCL2A8AAAAAOAHgBAI&bg=!S0ilSAfNAAb4oU7C2KE7ADQBe5WfOKFS9droCf9E9UsmjIHnZdMU_x_SuP7eGrO0_OdQmT76Z3UQb5v2e6RsxrRmqgD1AgAAAyJSAAAACGgBBwoABKLb0uCZAwQDpZUP3cbkQUt45GWwP3kXeYZoSDCmVIi8T3dwYa7G_J6txiOBcOOfA8tMuGfThYG7tlo60-pLH0P18XT_QcbdQu0RCSNK_5fNEbcfAgEunMx9eb7lOf5sY60QiTkmEbk-7oIEw52CtKcXjZjCWgfnaHuC3hHg8xT7AJGB25zCL5qk0jvxwSG00j1J65UUo9MPrAw7Q31jFF9BkOF1YRcqP5FyVI2YEQ27dl4tOprCV-Q0NRfLKgCYvykeqDSU0YpiY0Dnpwe_j-0Z5-uXfjv-qfgXkdC-pbUHzKt4mxwExuiJpMrRESK_aA1UvmhmTcaqzj5_njzWhCxOXEQn6g6TJwr1sKNyNxAbS1wu1kh1N9AiPn-ULqSm0yMgtcyoBHwPWGAUfKrnPzcczsYYbJyBjvjnSN0vNn4BQzlf97wP--0SvQiKrdwa5y8cxI5BXlmRCPArJpiyLkCkT_GWVBOJ2OKNqucEkN_c_nZz-xlcCiFha2PCdj4OSycZ86qWLI4n3l5ESBLIXdySjgHazbpJCIYJmX3LsvEVjNqRvGsw97HlpPDQutGFrfuPAgfJH6HOWjJWxzGWuv8xxe5sSiIwHTa3-m9Of9QtMfRuLuYUZ9o52VCmqJIk3fsrtjfGT1NsTtdeF1GC4GYsMeb2rODrG58lnQK1w1tvBtlL6ZlwiMZFMTutZDP_T--Q0ClYLPTQTk45wgGAhkJn6-6W7Uy94EIk4OJDZjgISlriDYyvpbgCYccCGLxJ2gSYk83ZvafSL0HOYbS3Y-_9melF5Dg8hTWUSgk151VCLIkFWlInR_mbS6sfIPyjbQrYGjBk-MoxqKEoIklG9Uye0uXUlHrXTkCUO_3yt5pnEo2-E7GSDQUCGoDoe7zfX2uHeCVnGTLwKLFNsgbBxjX-Euy6xE_aLQzd2jHKxGzqcPPuSGLbdZC15p5CMyISKG0_k0hL2QJfqKatkTLizYOGVUIFsgRx7vgGr7rHu8JDgb9zK91GtyPQ0T3XmMYQbg3lQJXh4jb3DQep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C2E 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOtRPu45MZdDEFpKL1PIPjP-z4AgAAAAAOAHgBAI&bg=!GxilGFfNAAb4oU7C2KE7ADQBe5WfOGsCWFSN525ySsGXoHpEZuP-vgH1n0ZqvxoiuCDKmQBqL9AplW0w0FWBgYONTttfAgAAAulSAAAABmgBBwoAKHQ8IIiZMvhE0L5FvSCbMRGdZq-ZkTzNjvCUq8NIL64g2oQDX94pLfqZAwsA0dLugUA4zZyNNMOJ6yifVUZ6O2vXlY9ru0bAU55KIkJ9h5XktmuJD5rPY3JCHwjtNDMyT9C_8pkoOVtndbCywKtYsiFm_jvAcIc1JI_JIJI7ORKKrH0lmsoU7e5PaPRbxYVUwxfJlcp2AGjzqipT2dqzY6yGPiRPJZAauleG7z5tDquQmvwmp98cgAjZhDqvQXRu4-c5jGjCNNj7EukAsbFFoCrleZ_CBkOlzgCWul_nmAITqnPpObhEbmBRqzdx8Yz5eJYhFqpGMWdm95V7e5zFbkoYCig7GobARqmOsY2n12JCJ1wk3R7A6h0F87gsbxWebTqtXZ9kFKTabAUFbxt8mWL84zBjf_-ae3WMzMtd15f4xM8BVWQ-s26QPUGUryco6s1pmXQ8q9oBSv9ghPQJBtTdfI4hMkc2ZwedPp0CvF63d_kHjiYvr8w0_AWE2jcxXlpK9_gVL0UELS6D_vKbT4brTBns26KTBubUI8LtEzzMdERICwvbBvh5CfM4ouIjyocqCOPp8T6Wq0gK-5mtDWCk-LEWbVVAINv_7g9_HbLn-3HY0IfFFIr359gbFXHpJflQiR_qWFedbOOhDw8tFWE8H3Y7qg-HedeCLY7x1TA5i9Gq7xUvle8xuaSzefGCoujdQFqpu8g0GfMpS5KTrPpZ-N3l4anjr2rDQP0N-aFEVlhPQ9tqrJxvA_Pw_hE8kpjyEq8jDpQXy5IhspPrRllfm38CI8QVbdxVeGUUvuyGhEbu9Kayr2ftDMWUs3hi_BaPC5584Cedx9yDM245qVYsNTrGEMfsP-W7CkYmy-VyVMnlSpRIQa1kydBcX32RN_LKr8Y5Wrk-SoAEyltcTBviw22ZJriVylQu4WkJqbar_Ny18j8-1a0UP13ObgXuJcA1zwU60TRwe8N7auO7k1Ihy-AmXAj9FcFkjws8SLrtKf8OtZLFsxOedDCTcWw5Br5g3PSZ35cFK372Uwwc3r5MzmqNBd4rGzWWAB_VcAj7_5tO-GeRE2G0QTJcRK_H9E1BakcYqw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FBDC 236 KB
63 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 07:48:13 GMT

GET
H3 200 970x250.js Show response
s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/ Frame FBDC 9 KB
2 KB 14ms
14ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/970x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f8a5ddf900cb2cd6794b6bcdda68b35c3f8b9434e3be0b476ac77f91621ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 23:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2252
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 23:37:38 GMT

GET
H3 200 _preloader.gif
s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/ Frame FBDC 673 B
700 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/_preloader.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18849e09ca7517671f0244bad6aff6299f6c320ea5b37213e76963ffeddf0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 23:37:38 GMT
x-content-type-options: nosniff
age: 288635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 673
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 23:37:38 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/ Frame A7F5 1 KB
400 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a4f41c8feb8b9bfba0643c8a240c9d865932dad1ba7b71ec9c7ac50d6b02d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 371
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 15:54:39 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame DC30 38 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:44:46 GMT

GET
H3 200 txt2.png
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/ Frame A7F5 15 KB
15 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/txt2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2113f7e25ba229db918ced421ae4dff98392883c31936acc15f22035f9dc2dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:54:27 GMT
x-content-type-options: nosniff
age: 489226
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15713
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 15:54:27 GMT

GET
H3 200 txt3.png
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/ Frame A7F5 18 KB
18 KB 15ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/txt3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39c10d777b25421ace0e1964717fc11cfb6827a007fc63cd2e92717b533d0171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:54:27 GMT
x-content-type-options: nosniff
age: 489226
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18435
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 15:54:27 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/ Frame A7F5 1 KB
1 KB 17ms
15ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13f75fa50df19cb3a190ffe2c493349c9d4aa2ab515cfb4bcd7f4cc0817c6efe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:54:27 GMT
x-content-type-options: nosniff
age: 489226
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1259
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 15:54:27 GMT

GET
H3 200 fussnote.png
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/ Frame A7F5 3 KB
3 KB 16ms
15ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/fussnote.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e3aa2e179c9e8b451618f5a2cb2231a1113fedaf2b571fc33457f3b44c5c0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:45:58 GMT
x-content-type-options: nosniff
age: 39735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2831
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 20:45:58 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/ Frame A7F5 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88588830962cdb62afa928436cb3c7aa7a571cef13c2cae0b3f3b014f3d1c0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15935108603859798992/5-IEU-KONA_EV_Q3_23-Billboard-970x250-SEE_V2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 04:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1011
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 13:05:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 04:19:05 GMT

GET
H3 200 _728x90_bg1.jpg
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame BE1D 15 KB
15 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_bg1.jpg

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d921015568f0a3b71ce30f6efad2fe3cfcdeaa9c17a683946e13d0924748da94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 22:05:56 GMT
x-content-type-options: nosniff
age: 294137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15762
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 22:05:56 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7DBD 0
0 52ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVHaJrPf4qZFmFjpLU2QIYYsmSGxYZ85lhxkWVS9cUHnOdfiL6ZzRvY7Ma6uKWk_97pxfqYNY-YV6KOSYiYGSTs98IoUaU76VfE0Y1QXLh_pdnCmiLDXcWOTe0PA6iHXS5YgBO1CX63B5EF7nxYBX04SHcpXh-uMcU0H1mdkTm3PuBnEo&sai=AMfl-YQLngGIU1cHJ2BIjJPSJa0lapswW1J4inxacDIUV2HCndFDm5OL0xAxhbuyhA3VU8s4io5oNOCjgcU0_sqACH08GJERWDv9mbJ5rg&sig=Cg0ArKJSzE-HBejeLoxQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=799&vt=11&dtpt=327&dett=3&cstd=471&cisv=r20231106.17478&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 _728x90_bg2.jpg
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame BE1D 16 KB
16 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_bg2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d288569d31c44c2b5bf3971e7c4acab9d27401efb7212afa97b10e3e3ccbffab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:45:59 GMT
x-content-type-options: nosniff
age: 39734
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 20:45:59 GMT

GET
H3 200 _970x250_bg1.jpg
s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/ Frame FBDC 47 KB
47 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/_970x250_bg1.jpg

Requested by

Host: ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
URL: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f9bd50fb978739a614de00bbb8427de4b4d2cc1678643787570facf63ba0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 23:37:38 GMT
x-content-type-options: nosniff
age: 288635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48362
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 23:37:38 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 10EC 0
0 51ms
51ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKsuKRT9LZGwFmhNDk_ykkOPYavWshBiARTUkGobEQnAdgQzhH8axyRSAfgD-ascWn2NpcwvXgSM51hWyVtk1-lQGmNQy0cP7V6WTkM7iwC1Mu62MbWs8M96FGsxd5on7yIxlkdfff6mqyVnhqzx8nZTAg6gUG5oo_K8p5s41CmPZri_Q&sai=AMfl-YTt3zg72mPscpFM-yN1abEGAJDqRGO1jqaLQ8fMcar4a1bl_fLiaHFjwdK1xW9bmY8AnRwuB2rnGYQGjqRdR7PYogKHoc0G1CkxPA&sig=Cg0ArKJSzNOraRQVd6zMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=482&vt=11&dtpt=227&dett=3&cstd=253&cisv=r20231106.71859&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: live.koooralive-tv.com
URL: https://live.koooralive-tv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 _728x90_btn.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame BE1D 1 KB
1 KB 13ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_btn.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e5af8a33b9e65da9de11179875c91d6f4db5cfc79e2e444d8a7d98b353400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 22:05:57 GMT
x-content-type-options: nosniff
age: 294136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 22:05:57 GMT

GET
H3 200 _970x250_bg2.jpg
s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/ Frame FBDC 58 KB
58 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/_970x250_bg2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9350355cea44278c2ad713639f9d54e6bd80bd101e15c00787af6b342c66e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 23:37:38 GMT
x-content-type-options: nosniff
age: 288635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59223
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 23:37:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0291 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BxCrdvI5MZauuBaKf9u8P39KugAMAAAAAOAHgBAI&bg=!m5ilmNfNAAb4oU7C2KE7ADQBe5WfOLi8WPaIePujmB3vShZ8ES0IaNnmm57dSwRdb2cbdqbpcgQLZ8Y6ujuh8_5hXP7AAgAAAblSAAAAB2gBB5kDW5YQm2vg6z-fIAUs8RSGZjsifp5lIv1wQRwDu_DX_VPLqGcKTOcycMLHSprmei7WVxGFbwdDnkVMzku7J-6Ous5CKrXJoepIz46GWkX6VXdutzmBmajUydTeI269-caRXQEhdJVR-90oaE-vTzePkOM1cG3-TEQ3J6_XjIAGK_IUroXclYMdmp-aiFgpMX_z__PqGbbUaHky76Od7gp3kQYqAaH5r9kC95XPQFPxENM8hXFaz9D_fWBwZ4ebTjytSwLSXVR4SEguTghaPITXzxpgMfDGCRKx_XL_SvHomxZYhLrBwjJLBMdJen6V3zfK3EL_HsNqo1tVVqRI2QKZCmIaDLj5_hUk-d9-SPa0E_tFp2VuiRoTWFWBdjHPzrUuRptf556D6VNqYzTh6U6Vdjs8nePAQbP7lw5Ru2LnOowgnv31teayaKpsvNbFiOyWB2YE9kIB5qjCqJg7-YSNVrOssRR6-HKB58bjc_k6FbPeSjTLmgzOStUENILOQpIK_jM0KnphgH5v0gMyBQjR8BzXX6lMaEhy1huVpftuWkTL55PihjhdYnIEdTWvRG-ULpVoyg-boOLMhMISDdyAbua9LOd8Aozw-obCdgLvEp1LBM87OrbI2bg0bfD5NIBkOEglmY-40Y4QP1wdgkiYwVyDIWmrLw0-cF95dvOpMyfF65wqy6WrFlW44Q-402lsDRcYJfkdHO-5fjoHcSBDWosAztsoBiN9uhJW1LkM3V5ti41-DyeNxNI3y3dwX0uWmJlBeQyNhdYimGBBcE0u7sW1j9Rksot7FgIoBiOb-om1uRCTN47Dh6ukbaPFVNrRvQiJJipTQujhnjIZERDL8xYqFLCSltFBxnrz3lMc7_1QRr4D5dX4_SqDSivHsZQDoArgULSy0UHsWQtdqPo6j8BUu_FwaprgFrV1fdVZJzANPI0g1zgkDapZoIgUKqfR8-MVWXj1cIuHcIBbRv1I7kMoiP5eSKnqkXclzGbOCRzlPoVxj14YQ5HGtRjpPAlclUVjdyWLfwp1qizsEzLowRArt4ORt3P9S23zmcQxvQIQK_Ilb6aJyUpkcszdtWvh7fLVIYtnlaebyaeS5p7KXZHiJHsE9LYG_wGCOmqZiTb-aWzINJxMupd4WQE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _728x90_logo.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame BE1D 693 B
727 B 14ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be0aca44bad073453d3f107123dc563fa9f6d92889d2ef3b2b2d27a6a643457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 22:05:57 GMT
x-content-type-options: nosniff
age: 294136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 693
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 22:05:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=1784667346036843&bg=!-fql-rXNAAb4oU7C2KE7ADQBe5WfOG9s1vUOXZel2q0F5BDVAy9u7D17gJb2-xuNFs8kydWO0XWS9FceaWXvhOPVy0JnAgAAAzVSAAAABWgBB5kCxIIGONaDbRXThrCKCD0wi9owIB5GESbKQp0QlOBPcqAJpm7FhPVg3_dzjY38ouR5TI66rBXVyclrm7bv7kY8kKcCXAloH5FlMQTLeHd5d1cxfuaLSVwIPzSrmPNeMBgHRP6Vr7zJ5NfcphYNzvxa4WeWP1Hu7wjruq1t0zpjhZ1o41uNrHMhb-w4slFUh1YwKHhT5odb08CI492o-59ZFUYgXU6a14Gxcm1V1GSUDlZxUXeaeCgA9kp8UhTF8bBRaypbWvBv1XUeFrN7WhwQeCZ2KrAmdIofjz7bifK03rNtYbSergs35-jOE4C8lI56MVqNjBXehN75_dW_INZTcip0xpu1UKG1qlswbOENR6TR9GTt-JpB2ZKhvo5rXUlz88uTKnmMHg4SuZentm4V8GC5_CKfJS3xPnwq5xXmlGFZd-EnE8KK-bnBb5zVZAcmY2Yv9FWEMs0B7wM7Ag41RyQUg_Q1Eaeh89FZMWncqppU7Cu5srf-iDWYtxvQZK9lDN0N_4TiixCWkbBlnVxJjo0rEufgod82n5U78J5LlitFutHOQXJFOzCfP-nnZOjtc2DibRNTVvKEa2gaWO1QpWfG1urRbjk6RMMJDIJ3ehEDPYxfPwcL_l1irw95sEBDbZMI-EGNAXq9zIw8AhOObRlpXQsktMK0fEC0tM_Z6uoKj70v72nB9fm-qO5tLmwIOj5CkiqwKyEWzDe00vNgHsHmpZlrmokdu2efjWai9tBsi6ULCA1hS4c5-SaL0WGSAtSc1Q-tA-MnSjXHMbZ8joP5BvywMR7gz_i8JBliKHbDpPUeASRoWBYVUE5NBwZq9ko_-a-r6PYMzx6T_kLhUVWaBSrBI2x49M8kYfs0AkOyVdDcUi-DVqv921glGilzYB2QXQMD-1AcFpjVbItobsZAM9IkjPbuJv_OefBq4F2oL2sGfw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 _970x250_btn.png
s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/ Frame FBDC 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/_970x250_btn.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6a9f748f5c6928f8934ed96a19d885b1383d480f6eecdf0bc362875489fb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 23:37:38 GMT
x-content-type-options: nosniff
age: 288635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2289
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 23:37:38 GMT

GET
H3 200 _728x90_t1.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame BE1D 1 KB
1 KB 13ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_t1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff39cab0ad3ca8bc174726bcf9c7ef2e1de32ce43d0f786dcc94062a747e3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 22:05:57 GMT
x-content-type-options: nosniff
age: 294136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1082
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 22:05:57 GMT

GET
H3 200 _970x250_logo.png
s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/ Frame FBDC 1 KB
1 KB 13ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/_970x250_logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb786954194f34da15495734541af7d0fe71af4ab6aae6f9461713d6ee410a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:46:03 GMT
x-content-type-options: nosniff
age: 39730
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1203
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 20:46:03 GMT

GET
H3 200 _728x90_t2.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame BE1D 1 KB
1 KB 16ms
15ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_t2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ea63c90cacf953e3eba54a5083eeae0a4ee8e1b67fedbd594e7f3128eaaa1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 22:05:57 GMT
x-content-type-options: nosniff
age: 294136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1055
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 22:05:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38AF 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Buku8vI5MZd34DJaE7_UPt8yTgAIAAAAAOAHgBAI&bg=!7e6l7qHNAAb4oU7C2KE7ADQBe5WfOG9NriY1FkloCrYTHrgWZtiUrGV3rB_x8WGxJfOwMn-8fPGiBkW3pGj7R3l33mvrAgAAAR1SAAAABWgBB5kDEN0JFaHai6To46lMnLNmmYiJOpP67DAoqIfv4NiXwyK_PwJb6TpokvP0eaNhtkNpfj-aKeMArs8DirJhQPrurpneZVuh9-NzKqu0SVLiGRqniAtPJlR2v5ehF6xgiDeKJ3Pu42tZspWP6Nfij5mCFf1eMS-z4FP6iqd6xsVQztKEBbfDk5NkUh4_-VA9SfPe6y7hqvBWEnAyv8MMKH8yJEXEq2-B7HTymn3ICYm60HIq_2c3frbA20IvxuuqGjRqovC9Dyu7Zry7YeXM7NCiLGhgmbq4w6QtZuLnr5aYPDzID0UDNJ0F2yhr1iTx8yYBv43if-FTgQiy8KT_qSW-mUzFASeHYbfmUVuuNQtRG0llfrPeg-Jt4pD4h_yAEzUbiTwhnwX5ZJIqmWteUPN-0Ebge82w3zPA5QJ-Ewrvu-JUE2x4g3qcRESrqIiQnLIH3Yias82uuNdjSxJ_XoDtAHkQJvQN4_id0OitspcbR25r5GL-N5kQQLKnaIMHgKAgCcLO9Y6Tr62KOHRB_ePhKS2-FPATGAvAvju9_69AWOlNdgkrv_XkExhY_59JIFavIQaasreqJKDs-yT6dKt030LjkKDcMOW4I9e9M0KYDTDs597Gl0h85Nw2U6LVx8_1hiTexSYFP0E2k6_uL5d54PVZk8FBEWgSTi_j35F-1wssDnaPkeRDYUGP5kh0xqN_bBHZL5W8UwnNJrwisq6jDBPvLMPBjhjWugHrK15XHnUM5c5GhBrcEd2aFzInH0PKSjFrBK93jdX0nrh4TECxRRUmJzjKcBnjR5kTnvKUZ2VN4_ZTVelWiilCBJ6JvgkcOLShEpHyHaHE9l7sBRecBqlWDhKYltqEJeDGckS49EPYZjVjl8sidaNYKNF69XbnXEUE5IXMD1ws6VjKGYYozeATRFpGfBA_pYiapLtOmc6hHkm4y8crzsMfJg7O-EQ6n7OGtJC6uz7pAcflQaaqML316QZLCJI2RdjL03wI8zUy9Oaixvyzew_R0jyGCTsJKWG3GlyCAj93B3Cwzm3cFw4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _970x250_t1.png
s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/ Frame FBDC 2 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/_970x250_t1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e88cb9906f40e486b719e399fc9b33ecebb72b1d6d4ac5a6cb7bdcad6e8616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 00:28:25 GMT
x-content-type-options: nosniff
age: 285588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2029
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Nov 2024 00:28:25 GMT

GET
H3 200 splash.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame BE1D 5 KB
5 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/splash.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fdcadbf224bfe461644696c1eeaceb184b9906bfbe08a47a388680939df0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 22:05:57 GMT
x-content-type-options: nosniff
age: 294136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5155
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Nov 2024 22:05:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A88C 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUa26vI5MZZCbGY2q3gP68rzYAwAAAAA4AeAEAg&bg=!7e6l7qHNAAb4oU7C2KE7ADQBe5WfOFBdrDB_6SEHTGWDvpwoyl9fZ_Dvxi1Mnm3A_fSsL1D5Slb6rgxiJlafaMe13RDhAgAAARVSAAAABmgBB5kDTJI22hrfZoKwiFtvZW9xlTAaRHL8F35Ckr0T0XnHa03rBKAExwdCTGcpxwk3l0NeO27NxhlPjOI3aBGeQaWNc5K5HpCHsJ79gT8uIcA68P1ZO9_tTWc8zz7OOmnww6_J5wPzc8Jl6Aooa3wD_-vPVSy-J7iCOfl2RcLS8YttPd580TT9z0Ue0-lRsMrdi38Wj1w6P9c52QjeqYHGo8mSWKvqrM7EpUSJMchn33rL8Bq6f3UcUcWUBmjEcBKyQhx3M0OHdB6vBC-gMzplQwP9Uot6d0VJs7YE_uKAC0adXYY5-KZ9WQ49fhFXnBjPqqLgbLlQKqAOyp9ZTJ8gNOUxBY8I9gz6YmO68rX0A0e9CIBscvPfQCgK3h0WVYtze4dj2I3jNA48bmD5yyzZP194El2XSdAex3JeNyT6pngOtP-6vV6pzxEvnJNqZDOHZIojCvDtwyoMko7tgXjsSZ-MlAQvkKf9cGT6fn-u_CqgOtmjjMVEsH5FCs3b_zmJsNPE_gQjCkMJx_WgqN3Z72TpmZkoYksO15e6xo06wElF8kr6rD1zQt-aSJrNJ3wRL7KH3g4Fs2LD9rtxBjd3apAbjj02oZJ5UTLKbNNI-mtgCtuBy0dVu1ex0G0rY-XwkEdhqeBYxXvN9c0vhs4WFC5P8LMqzbGuZJmdJbCoULk7uy-k89fv5pY3F9bKOSUWwZLgpH7MIOspXStup2fCmvgbrWasOQSd_HEmcaLr2gcyOaeTc2l7EXQkM-eWPanfjlOmc6zNWW3WYEcDfnl_Y-Lggodt-HswZdbb59CVf4JXO4RrYSheb-vXq7xan_KwCWDN4NWATf4YCD3LMw-YAYWBZ1FLc5beJfXyDUHE0gIVoYAi3flop3blahInjQcyR2zbxO8Q-6hMW_oAv6uE-v2tj5ZoqGfKfSnAbUlVSDhVm3QRYoXPR7rVEZ6ngFNIo-8MnUEVaTePrWS274b9cXsF7f536SIVVlDfFqBb4PKKJjU4zm-O424vbNVxkqCk6hqtymoF3DqqmIxufvEDLZ-i1X87zcm-z4VoviBRrZrgRFY5MZhtF6MWI4sgAtgatEvHvOEErJF3VEVyCK8UptNdUhTMR5tPQz3g9Ah8-1A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _970x250_t2.png
s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/ Frame FBDC 2 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/_970x250_t2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fad177d8e76bcca07bf04aa113439c0a690f2abe7ad176af0739ebb39db892a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:04:03 GMT
x-content-type-options: nosniff
age: 38650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2183
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 21:04:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC30 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BiSn6vI5MZfm5KZ7P7_UP4OKjyA0AAAAAOAHgBAI&bg=!h4SlhMvNAAb4oU7C2KE7ADQBe5WfOGpfjiGUOgNAHjJhw05jNmLNAEG2IHsGQwdVDKGgUGvXyqSwkDDXScvi9RaamYVzAgAAAL5SAAAABWgBB5kDHykqEdUwJ7-FR9xiapMuR6Ng54NWzA-5B_Id2zE1EASAo9vwzxi0SNJMt9x27oizjKY7fLc-6ZdChYIBJEqInb0KjvrBpd9xlfQ_lD18-xhHxagsBfX9S0sjZ6F7RY6-gFEigVy7FB8QcypcFTiDH5YN8OQi3WIxrxlIQpzvlxj2p1TCG3rviy8o-yq8v95rNj1BCCeAm1pVzXh3nUDRHbrv-pngAC3Gg7LR_IY4AG1m2F3LO1TydUyYgdv8npx1Kp3iC9_-xJHEDctoJ76MWI5Nu4xVH3Ea48IilniONZduSnStFuA-a1HWwRnf7WdWuvNkc5rEKYH1JLGEcuN_uookNeTMLzN9PV00hAmlRsNkAhYXWekpvpsGP0mjjKEDRgox1XHxwEKlR2dVcg2hJ8r3LxDKZDYCps7nRVTNyiSBbBdyvX0g7CiZBmKMRmd41KZKiJgAdHaNliZDGip3g8dO1NmSRtBD0Sqf66a8Up2M4QTiQTT6rC7H-srY3rotS61Nq1jnPwjXkSFnjAlT1nvw_5rzzrGduPJwpcUdROBArzF_F6UVNGz630C6xzV_MkGJam2-uqyWHSnt7nFwlx8F9WXUbijNoSwUgfAnNlE1VOihP1E64kyTqXyz2gye71ok3-ucPiNJ7yASGuW5WWUHC_OyypW-IWRheJjzubwO0zUXU1Vs83Y68y-cQMIWBv7ozzeCwe8BGRNaws8oIgUVE7h_Gc8F2b1V8VaDKOW2SVx6N9R7krswG6dHE83-1KKAggv04kITWjWECiylGNHu2_3mARK4bi2VfKhvZ6P8AVxRPyT0xTZXixS2Qdo7-Xub5EOpU9ytdaVgrd1FZNL-ainPq0Bf8B5sWXsyrIiKwIio7y2DPNYi59LbIGzuVazRXUFqndUJziSfOiAWyRffhrWKANhSkWF1sy-E-6YSkr9P6-clHlb6RqDRT91ARbtIZTKAsX8uULq3renu2rc6B2Huwsc08Y0Ad1KycTHrH1_a_148MTnUPvHa39CfmE1JAhYZlDDqFYVEE4y5xCRrOWN7wIbK7w5gAPGfE1g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 splash.png
s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/ Frame FBDC 5 KB
5 KB 13ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/splash.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fdcadbf224bfe461644696c1eeaceb184b9906bfbe08a47a388680939df0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400252137322387979/Programmatic%20Banners%20DE_AT_970x250/Programmatic%20Banners%20DE_AT_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 09:38:53 GMT
x-content-type-options: nosniff
age: 511760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5155
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 09:38:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DBD 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpj4QXfEkr2a4mATeU3XXvbhAbvvwvCKVyx6oT9ywMAvY57Pzoaq0TZtfdRrwC7NLRorOAZZ83Bmm6Ih3HHuQYXvFk3Qon32Rq3nAID9P3o1MYIWs6i1q-AYXZKRzYq9GK6aJUp0pLB7Fw&sai=AMfl-YSAIdyJpNHUcgXSNYY9R6xKBuSXLQqydJh0qlQdWuCdqzouhqcRGvgmJY1OwSHyOFjFgOQBWv659op1Vsf_UZueFbEehGmZA76bDzPo1NqPbngmU3di5pkIR57y_fU3L0pzJisB6HcP3II8OTNMyg&sig=Cg0ArKJSzMBjlJrKn0wrEAE&cid=CAQSTwDICaaNTsxopCEm5iKiw0B2idJ9TbfsNrnaXB-W_bar1LUHAnim3W8k8--jZ8GCee_sesf8vfdptxMsP_lfC69Q_RdVGQYe91IKVb6FVUMYAQ&id=lidar2&mcvt=1027&p=0,0,126,728&mtos=0,0,1027,1027,1027&tos=0,0,1027,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=20&adk=2978652027&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699516091882&rpt=856&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 10EC 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwcoqFUvRXrOpfLYkHNn9_H4ZrM-WZ3Ws8sZHcCDT4weZSpT2T_XWpq3He8TlQ_muK14nKtar0kUzexGmkuwZ-eoIXgWtbTBUi-CcRQPr2rDJXDygfy0AqEmqFk28G9hV8rkLH3vx8ShHf&sai=AMfl-YT37i2VWjEnz4Agabb7vS0jZXqrrxbinGtc-dlZ_VDfD9bsU00VpNtEcVAVfllAK6Cq8eH1pk80-7n1APv9S2JCtqHfa3rfqc09a2ZUWY9Fh-19XpD0-Pc1ucTk72_WIWJ6-xJjlbmrYaaN18YD&sig=Cg0ArKJSzCpt-rICFUMBEAE&cid=CAQSTgDICaaNbt-OhQAWh0Rd8KCJw4o_rGjaD1N_Nvye1WrLsPPPFQMeq-lgw_5uK03dn_Gq9deeA7k-ATF2ZfRVhRHeBoQgYqB4Ot8BLRZQnxgB&id=lidar2&mcvt=1000&p=469,315,755,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=0.87&if=1&vu=1&app=0&itpl=20&adk=1783304219&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699516091850&rpt=1290&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DBD 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutNRSU6v39745r_j0nNxrYmb7-NsZHjFTrlJ0Xerx6wLvDQZZ3fbyknneRyfJu8px0oBRD3PZVE7has-UgwcBG4YvT3LryEO-mYS91xUKK7UtIB26FptVIow&sig=Cg0ArKJSzHP1_Gm9ob1eEAE&id=lidar2&mcvt=1000&p=18,0,108,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=34&adk=1761367591&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699516091882&rpt=1329&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 10EC 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuj8DiHoT6Mrm3S4isw3XQbUY9NVRrrpMBObKjjmzHO_Gay7wlbmnzs_DlFWx4YNYPGtgGNouA81BtSE0R1S8WEMO56UpdTOLBgLeuBifAuKjGwbdQO4RMfMg&sig=Cg0ArKJSzKmeMFlrqsN7EAE&id=lidar2&mcvt=1000&p=18,0,268,970&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=34&adk=3047537731&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699516091850&rpt=1608&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DBD 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=909197504756&version=m202309260101&ct=77&x=1&cor=15105508095208405000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10EC 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7095205673359&version=m202309260101&ct=77&x=1&cor=9668133066516568000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 07:48:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 255F 0
345 B 57ms
19ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=da8b13c3cf1e4bb7984256605faff124&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_btreg=567175346&ee_dp_btros_64=0&ee_dp_asmm=1&vdur=557&eoid=18&te_exec=0&msrjs=4884&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=60&tetms=7&msltms=20&vltms=557&sei=290&vetms=124&tuviims=227&tuviems=908&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=904&msrcannum=3&ee_dp_tmads=2815&ismms=88&isumms=87&nvr=6&elmtp=1&isbxdms=2788&b0=100&b11=2874&adhgt=250&adwdth=970&norwdth=970&norhgt=250&vsos=13&dvp_vsosnmr=16&lftb=2974&sftb=2974&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1034&isuiabvms=1034&ispmxpms=1034&iscvmvms=1988&engalms=86&dvp_dpr=1&vstsz=918&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3714&cbust=1699516096154192
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4884.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
Pragma: no-cache
Date: Thu, 09 Nov 2023 07:48:16 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-11-08T07:48:16

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 14ms
13ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=koooralive-tv.com_auto_728x90_sticky_display_bottom&e=ufp&dsReferer=bGl2ZS5rb29vcmFsaXZlLXR2LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.18.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.koooralive-tv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nf-request-id: 01HASRE466A3W4JYWEAZ21SJ9V
date: Thu, 09 Nov 2023 07:48:17 GMT
cf-cache-status: HIT
age: 2233676
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 823473d94df51c79-FRA

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-21 01:41:16	Name: demandSupplyTi Value: cb72c371-2bb2-4cb6-950e-254980c55eb0
.demand.supply/	1970-01-20 16:05:17	Name: __cf_bm Value: YuaRXwjUxenLCKVjmBh6NxVMwYfhfDEY2c1lRrlXNUk-1699516090-0-AUPx0Cz6BQ/J+AIHnyHzlZ3GLAIoJq3GVvxeRLd67nEyacn+mhjrxBoRIrDaoNKlC8nQI1vhNbjCcMfkFCoiqXg=
.koooralive-tv.com/	1970-01-20 16:05:16	Name: lotame_domain_check Value: koooralive-tv.com
.criteo.com/	1970-01-21 01:26:52	Name: uid Value: 8a14c07d-fbc4-47d3-b967-7920f7801aee
.koooralive-tv.com/	1970-01-21 01:41:16	Name: _ga_HZB4W0659L Value: GS1.1.1699516091.1.0.1699516091.0.0.0
.koooralive-tv.com/	1970-01-21 01:41:16	Name: _ga Value: GA1.1.609995766.1699516091
.koooralive-tv.com/	1970-01-21 01:26:52	Name: cto_bundle Value: jymUXl9GQ2g1QlA2R3lFJTJCR1RJYmNjUDNpd1BxR2wyR1Q2ZHVpMiUyQlglMkJ1MHlLaW03bGJMZWl0cCUyRiUyQkNvSE1JY1ZYSXhNOUhqdiUyRkRBVzdnZ1BYaGRVU2o2R2Y5UkhiUE9YcDRCYiUyRkh6YWZ1ZHZjMGhTSkh2Nm9QN1ZOcTFnOGZkZ1owNDJMeU5lYWVJUHFwU0h1bjBWU1lVamVyJTJGRiUyQkpUeXRtU2hKVFd5WVpwc3BpelUlM0Q
.openx.net/	1970-01-21 00:50:52	Name: i Value: 4b02aeb2-8534-4c73-b543-4b6b1e747773\|1699516091
live.koooralive-tv.com/	1970-01-21 00:50:52	Name: HstCfa4767348 Value: 1699516091646
live.koooralive-tv.com/	1970-01-21 00:50:52	Name: HstCla4767348 Value: 1699516091646
live.koooralive-tv.com/	1970-01-21 00:50:52	Name: HstCmu4767348 Value: 1699516091646
live.koooralive-tv.com/	1970-01-21 00:50:52	Name: HstPn4767348 Value: 1
live.koooralive-tv.com/	1970-01-21 00:50:52	Name: HstPt4767348 Value: 1
live.koooralive-tv.com/	1970-01-21 00:50:52	Name: HstCnv4767348 Value: 1
live.koooralive-tv.com/	1970-01-21 00:50:52	Name: HstCns4767348 Value: 1
.koooralive-tv.com/	1970-01-21 01:26:52	Name: __gads Value: ID=14630a2d193dbeef:T=1699516091:RT=1699516091:S=ALNI_MZGatiHIF8fYmvcTwowqKjscmVRfA
.koooralive-tv.com/	1970-01-21 01:26:52	Name: __gpi Value: UID=00000cbd8ec42c2f:T=1699516091:RT=1699516091:S=ALNI_MarqZe7Lg_iGvD5-Lpz1iK2PE--oQ
.casalemedia.com/	1970-01-21 00:50:52	Name: CMID Value: ZUyOvL-XLFijqZvaWtSbuQAA
.casalemedia.com/	1970-01-20 18:14:52	Name: CMPS Value: 1208
.casalemedia.com/	1970-01-20 18:14:52	Name: CMPRO Value: 1208
.adnxs.com/	1970-01-20 18:14:52	Name: uuid2 Value: 8315200318939873890
.doubleclick.net/	1970-01-20 20:24:28	Name: APC Value: AfxxVi7WDBudHQAdqYhGV4su3S_d1UEp8m34ZQkU9tPYsfM7YRvHQg
.doubleclick.net/	1970-01-21 01:26:52	Name: IDE Value: AHWqTUlnOq0tvbUrFO3hrC5m9Ddy4q93fA-5eCkp0sqSRAsa1zJgRwNv_9bc8yug24Q
.adnxs.com/	1970-01-20 18:14:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il`k=:cM!]tbPl1M>e)ZlrFUfJ+tGXxo@WtN?@GMJ(eUZl'q<9G'ycU^tpX^V23Vt_ih3If)y3KL9D3I?+q!Be[W
.doubleclick.net/	1970-01-20 16:48:28	Name: ar_debug Value: 1
.csync.loopme.me/	1970-01-20 18:17:44	Name: viewer_token Value: 38793dfc-0b5e-4602-99da-d27b3a7f165f
.ctnsnet.com/	1970-01-21 00:50:52	Name: gid_CAESEIJf7fLxgHg2hIsg-sV6kqM Value: 1
.ctnsnet.com/	1970-01-21 00:50:52	Name: cid_35f6e89eced94a0ca1f4fd1493c05b0f Value: 1
.media.net/	1970-01-21 00:50:52	Name: visitor-id Value: 3425176931491860000V10
.tribalfusion.com/	1970-01-20 18:14:52	Name: ANON_ID Value: a7ntuJwyEoipuMNpaXU7cZbdXtEekjn6gEIgKO6VUQDZcEvCTD0t2oXXxE3dZaqbcOEruigoIyCL1QqQ3fqD4q2RGED

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-8-1.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/11/%D8%AA%D9%86%D8%B2%D9%8A%D9%84-6.jpg Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

169951609204894be86e1a47713a53e00019cd1e01e35ddfaeb338af.trk.sensic.net
a.tribalfusion.com
ad.doubleclick.net
bcp.crwdcntrl.net
cdn-ima.33across.com
cdn.doubleverify.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.lamp.avct.cloud
cdn.prod.uidapi.com
cm.g.doubleclick.net
connectid.analytics.yahoo.com
cs.media.net
csync.loopme.me
ddf838b9bfd3c6f7da59a7e0718fc4ff.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
fonts.googleapis.com
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
kooralive-tv.net
live.demand.supply
live.koooralive-tv.com
match.adsrvr.org
match.sharethrough.com
measure.lamp.avct.cloud
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel.de-config.sensic.net
region1.google-analytics.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
ups.analytics.yahoo.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kooora4live.com
104.18.36.155
104.21.15.222
13.32.99.48
130.211.44.5
141.95.98.65
142.250.185.66
142.250.186.98
149.56.240.128
172.217.18.6
172.64.152.89
172.67.208.32
185.89.210.122
2001:4860:4802:32::36
23.212.88.20
2600:9000:223c:c400:10:dd8:5e40:93a1
2600:9000:223d:5c00:c:bbc8:bbc0:93a1
2600:9000:2250:4c00:a:e047:753:a221
2600:9000:2644:800:1f:f009:8540:93a1
2606:4700:10::6814:81f
2606:4700:10::6816:3556
2606:4700:20::681b:4071
2606:4700:3036::ac43:d4ca
2606:4700::6810:5514
2606:4700::6810:8616
2606:4700::6812:18ad
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2008
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:d::1732:83d6
3.71.149.231
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.157.200.246
35.186.193.173
35.186.253.211
35.214.197.221
52.212.57.114
52.223.40.198
52.48.253.127
65.9.66.97
02e539bfe989b4baa4aec2ba19eb5430bfb35ef79089a789315fb15106052c57
04172c9666f79ab4a19c9e62e33d9529ea02f6f2267423fe0eafef50ad1257e5
064bfdec13e3193461acac835744ebb97a1abd2c1ddbeda7f0c264c8cb692000
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0956fc707aba5d6ba9c2917a63405d88309a1f09966562645456633451a12cc9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0be0aca44bad073453d3f107123dc563fa9f6d92889d2ef3b2b2d27a6a643457
0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14
107ce054924db230ad1ae74a0aad82dac8dac69b6a489a8785b78a2f32657184
11519fc0b0807e089b1adfd53e0090c1dbd93aa0da4aaf1ebb0293a99428c3de
13ea63c90cacf953e3eba54a5083eeae0a4ee8e1b67fedbd594e7f3128eaaa1f
13f75fa50df19cb3a190ffe2c493349c9d4aa2ab515cfb4bcd7f4cc0817c6efe
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1f1d425b50a33fd633251349a8ad42173d4987e6cbf051ef453e32a7f89bb077
1fad177d8e76bcca07bf04aa113439c0a690f2abe7ad176af0739ebb39db892a
1fc841e506c83e583ab37f27bd3b7f5f613f4f25711925332b69fc84605920bb
1ff39cab0ad3ca8bc174726bcf9c7ef2e1de32ce43d0f786dcc94062a747e3c0
2113f7e25ba229db918ced421ae4dff98392883c31936acc15f22035f9dc2dcd
257d7b6385b6e2b99dabcdd3ed515bac0bf5926ff40f280916b6cacd37c007b1
2ada008f8986e45fce0f76667b70c10294eaba3f62a2a7b5c63d41d2af3c93fd
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e3aa2e179c9e8b451618f5a2cb2231a1113fedaf2b571fc33457f3b44c5c0f6
2f5e3f94b176a6b311476a8590ccb89d6a03b69156d4367119f6822c4677efb6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323e5af8a33b9e65da9de11179875c91d6f4db5cfc79e2e444d8a7d98b353400
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
39c10d777b25421ace0e1964717fc11cfb6827a007fc63cd2e92717b533d0171
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a698d81ab60abdef44efd2f20e89bc21f767d4c483ff3fda7f3a03cfd1ccae
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
53484dcdcb2365db5711f604fb89f689888b1801c804ffd4ea23784e4b201dce
53863380c38e29bd13b5776b1d360cc3d89fb939363f02b6364f3d13c800f974
543625de464104d954247452a8db0b4fc9daa5557fd36d801e128cbb2fffc52a
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58810bd5a67587c942df6375e529c2bbee0955b65d85c5f75d3ec287bfc5072e
59e80d0410252c056d3b4e3b21d00fe3552076081a8dfa55b253e2b659b29185
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d03a212179a35b5ec11c0d20dc24f842c78ac438205d14adf143fe5e0300e87
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6a70fb0af219ddb3f4c1837c0bb007209a754830064f081cad618ecbaa357b61
6b4f9bd50fb978739a614de00bbb8427de4b4d2cc1678643787570facf63ba0a
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7464953b31b2bd973f80ce7ca94ec6f43e4e5e80b9ecf17b1f0de4e813f10830
74fbfdd86ba395960dd1ece3f485c3377338efbba426a44795edceaf0d1130d9
7a14d925b35bb3035cc21f39d7f34f8d83e5b1b2ad0bdc965d9d5e2ff7922fae
7e0ed3924a82752f0529f39662cd20a70bdfb19ed75bc298baaf51397c4b66a0
821b5ea3bad8371ee991b1347a507ca208deaca7cffa778fa1db64b8fc17f1b9
8292c79a44356dae0dd28d94606a3674bd2d613a93d7304d3090b678cc1755f6
847133845e6b09437a731a77ce4f6f31924b28fbf31460a78d0dc5558039cdd4
86912ca13369532ae383adfc767f4d4e759fa6f4d6eb6f966bd01bab1a80b30f
86fe862ac488461b88b028f06e952fb5bf2ba2b62928fe59a6f0892e6fbbedbf
88588830962cdb62afa928436cb3c7aa7a571cef13c2cae0b3f3b014f3d1c0fe
88f8a5ddf900cb2cd6794b6bcdda68b35c3f8b9434e3be0b476ac77f91621ba5
896884a2d646abb7473b3a15d6ba1c449090d8383e8d3a9d2fd5d004e37d4ca0
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ff975e867509c338b208ab15a3f4ed25b939879e40f6a6676c123b5c9119bd6
92fdcadbf224bfe461644696c1eeaceb184b9906bfbe08a47a388680939df0e9
937c9a2b3aa7a7df4ec076c05cea72e999ef6f257a946e45bfb7b4a25c390e61
93a7de4f22f73ab6b533ff2f3c956818491d4812805d0c4829fe358eee91f770
9a4f41c8feb8b9bfba0643c8a240c9d865932dad1ba7b71ec9c7ac50d6b02d68
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2bb12e88266c40aa8e4b1b0cd7204b23f0bbd8e8b4eabb96806116b590949cb
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aaa41c92c5a8c4640b5bb2173ac6694f87c298913f4defbc6fb837314022579b
abdeff3f6b80e43233abe7678ac77ae09b4e04abbc10ad9cae8f472b8c12d151
af1a77e7360b28cb730e0f5e56566b51a4d620f2cc411f8e32e5581ddf546e09
b027f492fbdcc0101675cf0f37bebbb43b0d6d9c18b37ab1f1cedf965e47b05b
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe0d01d1375f5e245a1cfcbd4844cd145bef91e1cc07330b2a473c20e4535d3
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
cad3a5dc7cffc9d617eacc752f420c315db1b84a1b88034d3973497338713314
cb6a9f748f5c6928f8934ed96a19d885b1383d480f6eecdf0bc362875489fb9d
ccaf4981a18043f9f62ce7d6aa7c46c5dc4a447ff34851b1b3b7d8e6325ebc29
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d288569d31c44c2b5bf3971e7c4acab9d27401efb7212afa97b10e3e3ccbffab
d7cbb16c11db9f2d7ef179daf620425dd028396d23bc54957d80926b8ab08905
d921015568f0a3b71ce30f6efad2fe3cfcdeaa9c17a683946e13d0924748da94
d9350355cea44278c2ad713639f9d54e6bd80bd101e15c00787af6b342c66e0f
da18849e09ca7517671f0244bad6aff6299f6c320ea5b37213e76963ffeddf0e
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e0f50ec81b534eafbcda2c2f18086d8dd1c483fd102701f199571d053e9550da
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e16cc0dcb6483e969661ee10c7752f3a9462a547b7b78279eac970808921a2da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7e88cb9906f40e486b719e399fc9b33ecebb72b1d6d4ac5a6cb7bdcad6e8616
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e89cdde6b60cc4980d248e8f7f39d4cc3bb75cddfa5bb6912c76f0b1b7762cea
ea25fe3ebc9467710aec5835538f8a7b1fbf0521d658c0c956b3e7adc1d138b1
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec764565e82c1166a791fa040c43ab3cee1faab6a16f26a364bcf031c12f5867
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48ab28bde5226810d25ad4e4d09e324f6b36a92a4cbc92681944f88ccdb56ee
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
fb786954194f34da15495734541af7d0fe71af4ab6aae6f9461713d6ee410a4f

live.koooralive-tv.com Open in urlscan Pro 172.67.208.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

245 Requests

90 %HTTPS

50 %IPv6

36 Domains

54 Subdomains

47 IPs

7 Countries

2513 kBTransfer

6330 kBSize

30 Cookies

34 Outgoing links

Page URL History

Redirected requests

245 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

live.koooralive-tv.com Open in urlscan Pro
172.67.208.32 Public Scan

Screenshot
Live screenshot

Full Image

245
Requests

90 %
HTTPS

50 %
IPv6

36
Domains

54
Subdomains

47
IPs

7
Countries

2513 kB
Transfer

6330 kB
Size

30
Cookies

245 HTTP transactions
10 data transactions