kooora4lives.net Open in urlscan Pro
2a00:1450:4001:808::2001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kooora4lives-net.webpkgcache.com/doc/-/s/kooora4lives.net/beinmatch-4/
Effective URL:
https://kooora4lives.net/beinmatch-4/
Submission: On October 17 via manual (October 17th 2022, 6:56:11 am UTC) from PL — Scanned from DE

Summary HTTP 461 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 72 IPs in 9 countries across 56 domains to perform 461 HTTP transactions. The main IP is 2a00:1450:4001:808::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is kooora4lives.net. The Cisco Umbrella rank of the primary domain is 826250.
TLS certificate: Issued by GTS CA 2A1 on October 10th 2022. Valid for: a month.

This is the only time kooora4lives.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 30	172.67.71.236 172.67.71.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:b::210:f1cd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	192.99.8.28 192.99.8.28	16276 (OVH) (OVH)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6837	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	34.239.3.208 34.239.3.208	14618 (AMAZON-AES) (AMAZON-AES)
20	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681b:4071	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
11	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	141.95.4.204 141.95.4.204	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:f44e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:480... 2a02:26f0:480:39d::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
38	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	23.23.108.37 23.23.108.37	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2 9	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
4	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
26	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2 9	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1 4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	198.47.127.22 198.47.127.22	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	3.64.202.105 3.64.202.105	16509 (AMAZON-02) (AMAZON-02)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5	182.161.74.18 182.161.74.18	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 4	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:ad6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	54.155.231.125 54.155.231.125	16509 (AMAZON-02) (AMAZON-02)
3	34.202.192.26 34.202.192.26	14618 (AMAZON-AES) (AMAZON-AES)
1 1	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	129.159.70.95 129.159.70.95	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
3 5	3.120.13.175 3.120.13.175	16509 (AMAZON-02) (AMAZON-02)
3 8	34.248.3.167 34.248.3.167	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:585::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 17	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	184.24.1.49 184.24.1.49	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
43	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
8	2600:9000:249... 2600:9000:2491:5e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	79.125.33.106 79.125.33.106	16509 (AMAZON-02) (AMAZON-02)
3	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
3	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
27	2600:1f13:800... 2600:1f13:800:7780:3ac0:b54c:f513:72a1	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 6	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	209.197.3.19 209.197.3.19	20446 (STACKPATH...) (STACKPATH-CDN)
16	2.18.232.99 2.18.232.99	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	52.30.241.130 52.30.241.130	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:b661:2495:bc14:df31	16509 (AMAZON-02) (AMAZON-02)
2	18.169.125.134 18.169.125.134	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
461	72

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

kooora4lives.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kooora4lives-net.webpkgcache.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 172.67.71.236 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kooora4lives.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kooora4lives.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:b::210:f1cd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.28 (Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:6837 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.239.3.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-3-208.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681b:4071 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kooora4live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.4.204 (France)

ASN16276 (OVH, FR)
PTR: ip204.ip-141-95-4.eu

storage.de.cloud.ovh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f44e (United States)

ASN13335 (CLOUDFLARENET, US)

signup.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:39d::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.108.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-108-37.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.202.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-202-105.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.231.125 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-231-125.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.202.192.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-192-26.compute-1.amazonaws.com

servs.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (Amsterdam, Netherlands) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.120.13.175 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-13-175.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.248.3.167 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-3-167.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:585::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.24.1.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-1-49.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2491:5e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.125.33.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-33-106.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2600:1f13:800:7780:3ac0:b54c:f513:72a1 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.18.232.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-99.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.241 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.241.130 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-241-130.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:b661:2495:bc14:df31 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.169.125.134 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-125-134.eu-west-2.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	googlesyndication.com 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	513 KB
67	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 ad.doubleclick.net — Cisco Umbrella Rank: 185 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	545 KB
43	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	581 KB
43	adsafeprotected.com 3 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 620 fw.adsafeprotected.com — Cisco Umbrella Rank: 794 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 546	387 KB
31	kooora4lives.net 1 redirects kooora4lives.net — Cisco Umbrella Rank: 826250 www.kooora4lives.net	436 KB
26	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 492	44 KB
19	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 821 cdn.flashtalking.com — Cisco Umbrella Rank: 1144 ad-events.flashtalking.com — Cisco Umbrella Rank: 2241 stat.flashtalking.com — Cisco Umbrella Rank: 2409	159 KB
15	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 763 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786	17 KB
13	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
12	modoro360.com tg1.modoro360.com — Cisco Umbrella Rank: 111335 servt.modoro360.com — Cisco Umbrella Rank: 107940 serv.modoro360.com — Cisco Umbrella Rank: 140643 servs.modoro360.com — Cisco Umbrella Rank: 211037	12 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	373 KB
9	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	8 KB
9	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 134074 adipolo.com — Cisco Umbrella Rank: 102552 signup.adipolo.com — Cisco Umbrella Rank: 191302 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 142648	144 KB
7	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 rtb0.doubleverify.com — Cisco Umbrella Rank: 703 tps.doubleverify.com — Cisco Umbrella Rank: 502 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9427	131 KB
5	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	3 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 363	109 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 572	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	3 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	1 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	43 KB
4	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 599	2 KB
4	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470 ads.pubmatic.com — Cisco Umbrella Rank: 495 image6.pubmatic.com — Cisco Umbrella Rank: 671	6 KB
4	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 777	1 KB
4	adform.net adx.adform.net — Cisco Umbrella Rank: 3993	817 B
4	google.de adservice.google.de — Cisco Umbrella Rank: 8724	1 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 680	85 KB
3	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 504 tags.bluekai.com — Cisco Umbrella Rank: 539	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	3 KB
3	aniview.com player.aniview.com — Cisco Umbrella Rank: 1889	186 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 35095	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 828 s.tribalfusion.com — Cisco Umbrella Rank: 2234	1 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 528	695 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640	326 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1137	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 409	418 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 681	775 B
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6233	356 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 585	1 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 924	214 B
2	kooora4live.com www.kooora4live.com
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 17901 s4.histats.com — Cisco Umbrella Rank: 15235	5 KB
2	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 145235	16 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 471	626 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 841	716 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	861 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 538	513 B
1	technoratimedia.com sync.technoratimedia.com — Cisco Umbrella Rank: 1204
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 543	276 B
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 890
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6415	5 KB
1	ovh.net storage.de.cloud.ovh.net — Cisco Umbrella Rank: 174635	15 KB
1	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 11252	60 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	42 KB
1	webpkgcache.com kooora4lives-net.webpkgcache.com	3 KB
0	smilewanted.com Failed prebid.smilewanted.com Failed
461	56

	Domain	Requested by
43	s0.2mdn.net	kooora4lives.net s0.2mdn.net 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
42	pagead2.googlesyndication.com	securepubads.g.doubleclick.net kooora4lives.net 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
38	tpc.googlesyndication.com	securepubads.g.doubleclick.net kooora4lives.net cdn.ampproject.org 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
30	kooora4lives.net	kooora4lives.net
27	dt.adsafeprotected.com	84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
26	fastlane.rubiconproject.com	player.aplhb.adipolo.com
25	securepubads.g.doubleclick.net	kooora4lives.net securepubads.g.doubleclick.net jscdn.greeter.me
17	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
13	googleads.g.doubleclick.net	kooora4lives.net 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
12	cdn.flashtalking.com	fw.adsafeprotected.com cdn.flashtalking.com
11	www.googletagservices.com	jscdn.greeter.me kooora4lives.net 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com www.googletagservices.com cdn.doubleverify.com
9	ib.adnxs.com	2 redirects player.aplhb.adipolo.com googleads.g.doubleclick.net
9	www.google.com	2 redirects kooora4lives.net 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com tpc.googlesyndication.com
8	googleads4.g.doubleclick.net	kooora4lives.net ad.doubleclick.net
8	static.adsafeprotected.com	fw.adsafeprotected.com 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com pixel.adsafeprotected.com
7	84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	servt.modoro360.com	player.aniview.com
6	gum.criteo.com	3 redirects static.criteo.net
6	fw.adsafeprotected.com	3 redirects kooora4lives.net 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
5	x.bidswitch.net	3 redirects
5	bidder.criteo.com	player.aplhb.adipolo.com player.aniview.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	stat.flashtalking.com	84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
4	mug.criteo.com
4	ad.doubleclick.net	1 redirects www.googletagservices.com 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cdn.doubleverify.com	kooora4lives.net cdn.doubleverify.com
4	ap.lijit.com	1 redirects player.aplhb.adipolo.com player.aniview.com
4	onetag-sys.com	1 redirects player.aplhb.adipolo.com 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
4	adx.adform.net	player.aplhb.adipolo.com
4	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
3	static.criteo.net	player.aplhb.adipolo.com static.criteo.net player.aniview.com
3	www.gstatic.com	kooora4lives.net 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
3	servs.modoro360.com	player.aniview.com
3	ups.analytics.yahoo.com	2 redirects player.aniview.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com kooora4lives.net
3	player.aniview.com	player.avplayer.com player.aniview.com
3	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
2	ad-events.flashtalking.com	84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
2	r.scoota.co	2 redirects
2	stags.bluekai.com	84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
2	beacon.krxd.net	84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	kooora4lives.net 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
2	ad.360yield.com	2 redirects
2	prebid-eu.creativecdn.com	player.aplhb.adipolo.com
2	tlx.3lift.com	player.aplhb.adipolo.com
2	hbopenbid.pubmatic.com	player.aplhb.adipolo.com
2	prebid.a-mo.net	player.aplhb.adipolo.com
2	www.kooora4live.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	jscdn.greeter.me	kooora4lives.net
1	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
1	id5-sync.com	player.aplhb.adipolo.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	tags.bluekai.com	84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
1	servedby.flashtalking.com	84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	image6.pubmatic.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	sync.technoratimedia.com	player.aniview.com
1	sync.1rx.io	1 redirects
1	ads.pubmatic.com	player.aniview.com
1	csync.loopme.me	player.aniview.com
1	fonts.gstatic.com	fonts.googleapis.com
1	serv.modoro360.com	player.aniview.com
1	player.adtelligent.com	player.aplhb.adipolo.com
1	signup.adipolo.com
1	storage.de.cloud.ovh.net
1	adipolo.com
1	www.kooora4lives.net	1 redirects
1	player.avplayer.com	tg1.modoro360.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	kooora4lives.net
1	tg1.modoro360.com	kooora4lives.net
1	www.googletagmanager.com	kooora4lives.net
1	kooora4lives-net.webpkgcache.com
0	prebid.smilewanted.com Failed	player.aplhb.adipolo.com
461	88

This site contains links to these domains. Also see Links.

Domain
www.yalla-shoot-matches.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
*.kooora4lives.net GTS CA 2A1	`2022-10-10` - `2022-11-24`	a month	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
wl1.aniview.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
greeter.me E1	`2022-09-17` - `2022-12-16`	3 months	crt.sh
histats.com R3	`2022-09-30` - `2022-12-29`	3 months	crt.sh
outstreamedia.com R3	`2022-09-25` - `2022-12-24`	3 months	crt.sh
*.adservrs.com Amazon	`2022-04-26` - `2023-05-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
player.aplhb.adipolo.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
storage.de.cloud.ovh.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-22` - `2023-02-22`	a year	crt.sh
signup.adipolo.com Cloudflare Inc ECC CA-3	`2022-07-07` - `2023-07-07`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
player.adtelligent.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2022-10-08` - `2023-01-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-20` - `2023-05-20`	a year	crt.sh
ad-events.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-03` - `2023-08-31`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh

This page contains 51 frames:

Primary Page: https://kooora4lives.net/beinmatch-4/
Frame ID: 9885951DAFAC689E544CE3F0D70AAA3C
Requests: 177 HTTP requests in this frame

Frame: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6ED345B8D4397BA7C0985E576386D2EE
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Frame ID: 12417FA7C28367BF941CDE06D23673D4
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032210071758000/amp4ads-v0.mjs
Frame ID: D4B886D7F14818B973E1C8F35405D009
Requests: 18 HTTP requests in this frame

Frame: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 928FB541BF1F118A06D5ADA674635236
Requests: 1 HTTP requests in this frame

Frame: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0A8A693CCD10764358D69E5D33A6929C
Requests: 5 HTTP requests in this frame

Frame: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 317E66B4B16DB61CDCB6D06BB9319015
Requests: 28 HTTP requests in this frame

Frame: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6E74A4883F8258BAD52B843559C13DF9
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D%7Bdevice_id%7D
Frame ID: 4BE8540B3438803E78C708E017AE0071
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D
Frame ID: C1E9D341B35537D5A3AD368316605682
Requests: 2 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 962B5BCB888ABDCCF78F7A1ECC071C39
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1665989760568-965177218956-006093-006-009538&key=d8475696-b4f0-4f2c-8ee4-168ff117f5a3
Frame ID: CB3DE83ABCE4AE34DCCC96674C085455
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1665989760568-965177218956-006093-006-009538&key=OPTOUT
Frame ID: 75ECFD1F9548CD20DA401E12226DB4F2
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1665989760568-965177218956-006093-006-009538&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D%5BUSER_ID%5D
Frame ID: CE4097C5F7143DBEAC587A68A0A1024E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D%24UID
Frame ID: DF76E4A44703A1429DB82E90322D46D2
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1665989760568-965177218956-006093-006-009538&key=W82utIzw2MY4&ev=1&us_privacy=${us_privacy}&pid=562704
Frame ID: D9949EB46AB0DFAD471C408441F6E180
Requests: 1 HTTP requests in this frame

Frame: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5AD776E1E97590D7F3B92C0921A4E11F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCbv6ABGOCNzNABMAE&v=APEucNXNEyTVEBpSyrAv-O28mPAhOuSFbmTojsPlzcuMaW01JZBvpHW0bipWlVUJ1rZUU68QW4e3PkOQQ1N59MiMnS3c-gA9LwSzTREM9aGC03-SIcVp1AZzL58dB4Hf1s_s94Fmg1TMWxrAFOW3UWUigDCzKWbQ-tDCCEFCzfzwXIUJ5Yg5qX0
Frame ID: 6E97778556733CF8652B96A55F4CA742
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8Otm2j6lhdv7F11N4vZxU0ZcenJjFCRNmie32f9PhU44IkWu8TVLAZExubyYrBBK1EpjD5CdJYVTdpXjFMhni1bl7zeI3Qn37byXx6KC-2BMdV0XT3bkW3n03hlCNLzuQTh3p8nPpZqDuLnqH1FMJTTFWUktREhbhq1IO2XZF91-SdDQ&cry=1&dbm_d=AKAmf-BT3BQpkFVYXaxkvh9zd6_Cv4_gMA7IfQ8t7X639TBIQL5Y91ZfcknTU4E_MDNxmp5fNsRxScBHmxLnNEhC8pLpQ7O1uZK0PB04o0JsiP1kSqYFX_La2ASoBzUUUBJhw3n2ZFmbT5OwRQVrmA3Pt7SU2OC_KiVcSsbxWvLy6tfFNJDqkDwEQP801N43qWNGqsB40mooGKHEhUJRH2z-SW-SPpdaZmxcrwWQScsKACQ6iEkJ_bDl9LA7Fv36o7BgrWcW7wI5knQ10tE4p_plqgf0xE8L83WAryBADAJk4h5JdkQlZJvVuDh6xVquaUVCKB9skNQvGkKCkjYb9bQ_iWUcGoiSBALCl0UWyrvY2ryarGeTVajk1HdT-bX_E5FPJFpzM2ZMHOM2z84zIp5Hz94DAp7kc8rYfHuzj2vQpQ6DxE3tWYYLotkDqRPbgkjwQLj1lT9vgVFEFo6NIcuHFM2X2bIjyA6l_1gXng4MMGfEu7ZaFMD5bDDIdyfyAT-6Xy3Jo0wU7153OrPzDwjP7VDaGnJQYgWMrz2JJDyQYMat6ViL376LLZQs8YNNSRprKMuHGqQ5OTjOOFyjhMGHGI2k-5wk2e8dJ5bL-94gKlk3oMsL23xAatpG-ebEC6cjIEZUaEptB_2u1aC_EWjep06kYcFz2kVF0hpE9jUiF71r5jTj7pO17nDvTSGv5zQGtsBvJuWmXTFaF1wGVJlLF_wJZqhdcN5DEYKiWMra-iwaELSC_q5Rhm51J7Wea68IafxXW2Jv4FGQEwFYzXa-P1jax5Te40apwoKAjWOhn4hlQd1Ip8Sn851YyrDHkK_kP6cjjbiJCSTGvNP5Ie1AZyqx70astI7xW83j6aLJp_ClRotqqgj2j2N-7HyWxuHwoEI7BCBON5dys0MwyAtZaQWyXRXbURMqV6I3fr2-a4N6RoEVmQDfDUMpY-vccu-mgw02w3iA09aVU8vE6EoQMvSoz1DbdLDgd2cGkz429pEZdgUmpPjgBy59OpfvVVq4GrplvUMDAw9X9Ygqzp8xqMkfdUjyZlhBa0bZq4m3d217uezZOL3cCsXWfO8EqCGOl9darzt_6xAPCCKEC_t7qHcpbGttCHhIuvDsLgpzN9v5RWdnG7a-jKuF1cEKy6jV4z4GR4Ae1mjhuHAuSYz_g6W5ZyoFBVQ-XSGhk9XTCoyOeBhoDc4NfTEPpeyw3-5VQrlKH9Doay0ILJXrDQsRZbfVZPkWixMOYxl0tKOb6UV4vdFQsxxzRk2mZP1oLTRUJzpEBOYmcqz2aFl5WVZrCwPZwhcrtAxFXQoowW3hnnnPHJiKXeus09Ba4BS2Qt78yYUmLVkIU2wJ9HWHs2cp-feeku1lytkD4H5NAbB9WdpQnqVa5DFvkbg5cXf0r5x3MZ5NDcgYGfvGUmSRNqsRUvH1dbpA1Fqp5vXnbrDbMbBP2S3NBCB0U-sQbpKYhrIpMeSZ6L8X_M-s0Ull1Wva528y2bzjdWDJ05pCNzjeXknOq6u9S25SwKOvT1guXQBRPGZEdIp9rTBT6jVzm2LI_Z1It7uQTSvCoDhB1ZiWg78ilT6MPQzNgefwGsxS-xlQbBklytEs3qco4KFOLxudYXOjNGfAOF26pS5EsJhk4o27bYREpja1qKi7ssRAnhIqyKmwSdydAYW0EyFGjpaul_WL3E2oP7iFWCalb23rkzsh4SpqFVBFr6V7GNFCGmqGO5DHD69jIBvNtrnVzHZom5AuIlRPXtjsVO5KLVyUDdA6mBIV9uJUt4RO9ERXGfSi7GpOklVcnUFhak03znv2MgtmviBhH4fRG61rdiSpHwOHK0QtAnZGBPnJIAV3JNedebPaGDMZtZ39RrzvV3NKzhrFMLAyrsz7l_53IlgdvcL4RQfOgBS63u2Av4mdM6Op2_eErYvzWDN4e-sSBxX18aVX4LPpRsWTsZRKBmYGlg17iBrc5e4pnu8zgCJCnPbIr4jbUr-LnLNYy90PVgJtPnGyq97PV_IwBisziemvN6gDzLN6sec0AkyfA0GZtPG5UWHjyD5Ckw7tDb8D2t9F8yEawpHbxEDlFbAJTvdus_i7LjKG8XctliIJSrFjmuQV6DHHEPIwdwUac8VQGjBJEfyq4iV3gTPl5BmKuvC00fItjB5MRoi7DT7zBsv1K-ucBWcepu4Bo208IweDZu6HtnhOQK6hbM3dBdF7Gq57BOmHRU01FnvKIxhRvFIDKD7M2bptcgDom7tciUEInVRmSh6Aulyt3NiIFtfthOIQjl_OUOpLNq4QC-rEW7duFw7JQW33hzR1VC3fzJWCMPmdo31j0YU7SL3FTJ0S1ZALDVJsgmQV_XTeU-lQ3v86YMdHSAS8D5O5rtemvaMtg80T_9UiZFqTNNF9qc_eSgNTFNpcpJSOt3SWNt9QahZ5fnDDNnJvXOqGhum-M74sRlXpgS41ySpOyuzbwSvssbPO_FUIztc1FEMMr68L3uyoOcolx67XOxYjdDhHZFgUmCtu-fb2mYi7sOTiz_B4gMjHTTwtv95mpfumxJfCTqPItxJRtpBFpaMj1bZYaeXh0qogm-0PqmMpSC_EgzoSa8PCZA0qokuBQQJu4HJ7yNlBU12IEoEQAEw1sJ13HC2i6vNtc3gkqBPyhyZ9Wral3cKFVAnQYbzJZMLr_Y657nG74eALX_fROPiE2_YVrDd7s_E4Vudk87SfgXfCKiM9qWpEY4idUidbcRgv1JRTeFLLE5Mek7mRsC47rO26DrV8g1Ywd_f4Rd3e0d4m47Q6YTfD3DVK5UaYHaAME4SlMhghMA5fphJlV3cEhGq6ntsqiunYYlFw4NUXPLFksgxkTUzDRLYUvshCZbrnG6x76AGb7mlbrtKLwY_EDrgnv_U6AH6YGCtcE4eAxPXoWivRNY6Sm9oMZEAlPVm3hpVb6tZz1W7_L-GbrNXsiuWtuWaEYT-uDKexpU96K3nTQuqB6H9FDAbTTsCwvlMHdM2toj2lFbtC97NYq9K3-h1i1JmGWaMdoD41NAkdVRZZNwP65DNxZWl5XjVWybGpdA91u9bktWzcAeWNbUi-4JOmfRrKWD1xgPQfdlHTRhQyIertxVbfv7w_ZYzAg9eCzl2S8yiT9QVIeKcWfUWJa00Or5S6ZcHssI_M09_JqaKGxF4RnSeUgxpm4H8GYNdicRn8qC1zRDQY0EwJ1lhCFLj3bU_IyIIwaUi5osYj8kju6q7aCC2lObXYDOyHtd-8fEGo0iZF3eqBtfrRa8Hm7jhpq-1T1sQBnQI-7sBMhtmRj2q3Zce4ribez3p3WDY4uCb94QPKvBRyQTZjgxyLHPqOzh2a6vi_SLN-4zp_4Hjd78Pv_4BoTWefM_MBC-EIDcnHlAbfoZ6axUsV6AX9k5QkStO8LNIjw2oZgfKNhQ8HBssKOk_cy1TaA7JnhRCWVfzCcS762TcLGnBe5koB9mC2UP65KawpbjanGiU8S0Ef7aZlQtndNygVdKnKln0&cid=CAQSPgDq26N9niUpB2v6MpKUcOHJSpMJhwR-t4_eB4iOwQf8fkHVNakXoUmATfGbW4BJNkiRyWd4USj6tHg_xe0MGAEgDg&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Frame ID: 47E3341D6DFF8F538B20C6FEA847BB45
Requests: 31 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DFAD36693884533F5AF7F63D875EDAC1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCCoHQY-cCR1AEwAQ&v=APEucNV3EUar5hiDerNOO7YQopf0CuXaK0HEi4SySY--XAaMwcFatRwDhIEWvL53Ww3cdU0JD8lHVQbkWpblFit1xJLmQ7G8XV82eCTKS8JkBqFIVV1LH5-Z_WiYBg59o4DjNKvkG6aNTfmzER_gprsCSqBcuLMc1v82MXI0t_Q_yC8Crvznu4k
Frame ID: B7C5B7D609641E50D99A771DFBA2DB04
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiYgbzHATAB&v=APEucNXBOVshvHdn1HhJ1EfUtPLFcN543H0ctomtCaUUF42gCAa1EZ5Zv8pd4JwZe3QAnblSIQCKemvWiP2kvlkiNZULo13ONYsBxFKSQEpsPGreSz_xTErYqIB-B05mUrmZd0jbxyk7HmzOEtEbLNI7jBL5E74I23mJFEut97TiIloMteAXzgc
Frame ID: 555A33CD6886B34E317D77C7A18488D6
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTb0kYe-30tO_t8D7GdFZIelC6AHWwqdhtBAjKfjIz_2msh5PQkvsW9ZhBokJwB69a7b8tfAh-318beeXR7JpnCoDD4SiATldCahp0TcPWG1_CSdxghtkpMnY_SFGgB1k2zxqBmltDpUz5IHIeAuqLTyHuFetrvm2m5CISvKlhijkqjnc&dbm_d=AKAmf-DcHyD9DF1dZsmOW_A_31BI3t85QUkOt6DSyHyKbkK5ndgI0okVYM78etc7g8k0rZyBqoqDoOl0Bs0haIEK723kTEymMkHbue4HMx6QY4ntKjMgooT9-wttDi9sgQKRIeczgQ0UpjB1ssSBDLwmUj-3onCrp86iAKAw06vgb88HqLtRF6nsodr41x-PBZh4u7jMXSnuRIxBuBKd0Cprml4yM_ZvVXzaUiNvhDrQR3inxIJEphS8NZZLVQUtjWWuKGQpF36BCOAxeFkNLRHRz4KaCoQPLUYSUFnX1r_TF5Os0Vmv_Q5cV8eGQYlueAU5UFMRuwfFHz_LLCdbagxgOrWkGAvjexy-mDimcy_3EeKMdfgQM7ESGH8H1YNVaqZUmzBf7sNVnuygMKB8qT79zZuUH6gEVpnGtSQ0SLBGGJWZF7LF3R_Bx_X7hrHkAbbNjYGp8Y8lOGZgHzF4XwikXyShSnEM9WRHajs7prZ4SawKGQ3udYjKQrIqaW4LspAqKDWpJszX23TpRDrHOElLlg7h7kqVgL9nWLvqLorVovCHhaGQft_A_YKP_dCx63XtJW5ooiZ__aShdIskGb4-B8BDpkRx5ySKw2QnfWtsT6GixG8xwvDCgZFTbj7HLWoX-gLV_H5hGzI81tEufZuRb3Y2YakQhloEmXpbS5FuRfxv5gMMhGeWwxzumrxiAdMy0OWNCVYfMQavpDkNRZZeKxXqDeBQtn4inMR9nc1XAeYemGh8dju4Alez1mf8KPupiCw3oBxYs78jJKRF6csCs57BUwpQ-tAt3m-1tL7GZ93KavtkOWo02EnZlIH1tK7PgH27Q7i8TRzLH9bT90smFeN9itDAWuJ02ZkgsLjBVcAndAy9MPe7J5-lKRXhlQ6La8f4fZIdw9_5mOBk-3tPBUVHBbEZV--wFYFIB4qrSzUALxZxiZ3103rZSB94aA8Oh6pGP4-4b5oMnZySa2myEkY4263l1Syw3zrBG_7ftRMp6E9Y4ATEeXSJKvMd9F7cJRP740EJXXPQy0FinKh6TRNu6fBa7kYLbomF_dtPIeVqJV_QPpWNloQGbnKzPWGDmuZgY1Pk7EHUwxRITJ8bnk8H5co6WKSF3TMBQwUioXCkxdxdSit39ebVIwMoBLfAAty7Ofxo_2TtlPcoTAetESIqy8D8v4UzpGMC7-tXAM9wqzznezkLXvigt8DJCTQ8YDvRKDOhoYAK9_S3Rn20Tu1WpdwNtE82yobb00uuYgtD1fLElT_7LIMU_4nkswtWgy_5XznIVZPIAg3Br0xZtX61j842Hia402p_TKhT9K5zrvFRBG1iVmXuXGw6xZRwWI2WaTLasCJTyLZ1jBpSr0EYK5eOncn3t8UlHoA2aJDiRmxc2_zrTzSD8mWPxJIYozLy5s_Gd9Q_Zl8ykC6oj2TPIbNEIlRHQ-LOTvWJWgtHpsOsIFN5dVCSJBhb2VS6t7E1pT2Z8vdnlykOZEteexN-B0oOMQVtGygkc3hICwz3QAjwBNRlwJR8ZcIOC9wukZTsbRFlDI5hS5X2PUGi1gSOdqxrX7eBsgcGrLJSdSXYFd440-kEITgjZ6SZkDZag3towAniTF1xL0xWNRos_8CwkSMZazyUlrqAD4s1PbcTXZEpewcNLdPZvBes9Z38RuZQOWYuqj7FTdc9koPr_WxJmv6myYVcl5GSyiQcAtbmHFY61x9O9ZBbP1aQuOTf0KOtwwdAph44S9eDF8J4tInMavcw3r71UsEx9WahLyk2Yr-8I6b1puSvRbzazSG79a-LXY4WbHa1OytlrrjraZ5mUPFNcGPCWL5YIWOJymeG97N0H0kbks7WYGvLCRaoBY7Dq9_4dwiSbg41x1lfs2acrjfV6WyWfughsdLdAqlKJJPmHKcWxYUkJWbH66ExC299iJOtCGMwRSFAM-lCDpj_K00noYWsUiEFCCJEdofqed5hYv0stJwAohDaO0OOI6Ie3Ft37osyiz-2e-GBYWabPYC7-1Kviyf6MsZJTEauh62gjYy-evtCZFEsqXYmlhVQCI_BsDJ4lbMmPEe7MnojVLgNEa81NlTM8LaN9BF4VQK7Rxsfqb5XMU5QzOKsFbsm0QaKW7TJqZjiK3RT_KtE7reoRe95NTXAyCaFAEQsYemnQfy48SemMxe2LzQ-2dPW4cdLRz8w_yx5cACodNku8JsVb6LgcEpwnrSWOdBnH1ieLuchzMPGNfCd3AnNu698fqvQg1O0buy3MhDSAgEVWRszBUlUvBaCDBL9jIeeI_1AkUkq_0ua1ZKLpMbhnbLXPpszRvJ33J-LlbH8I5W93XHKvqmbcOURVN1x6RGZ8TAqE67p5LHB6ihos6vONgVf9L7vuaefIIbwGEwsi_meHlcaa5LX1-42gTzMLgi82-U6P1oGqPkMLqfZa5fQhErvRvWA_emdf697WoOlCg06-xYYlJCinwDLAr1Pr43TY3LKZya8caeEWqdoOHSs4ri9i_oKfhrieDLSoUpmVtUqc8HwheIWzFY2uoJcHYSBlEgv8ASl4oa9QNICQ2UbH4WwBQaQc2P6EuJjSfmMGZoQpJjpy_QgiMGKvufQGhHGwnkvv0TwDm3qbmJ8sgDcARzDpF1H9ySwYyoNvVazq8T1YSZScbGX28pakUi0xbeWGTH_VODir_H9H5hpMPgcKyQBW-6HAB99SvtKxkrCHm4TBDPzyMQwuHJ9TBmiIODPUjUzPebmhxAFqUOKum0EGRoMG44-J2Ff4JHogttsN5sMByFKtiuzrULDwmBmSj2s2M39RUo6NPETkYZap8VFL1BcYUgeQLJ4rXoQ29NyrLHxtTjZl8hAXcpdG2a9ceB1Z8TKK3r6ohxzQcCJr8DVpGTj7Z3wSczmcHyXT05QTjAMAmOGc90fQaXadHfm5LI8qGpmaljaH3U76GLsBAfoSyDv9ZpusfHcHFmmgi1UYEvTyn1APDQJJmL1omNV3JFQUmISP6u41jV_iu0BPhasCSJIX2s_upgmTVaPLfBKytlTI8FSrK8F5lTopO9Xwcz7BDVPS5dz5nlxMjld_iKBX1kLA2l67v8bqWQBJYXQcozBM1lCpW8MROOtSlGcbghSuUAKq-FZC5-iHoq-L6bs0bSipSCzpQI9QX1DYMN1Q6_5FAWfgl5GLvYKh6T-rwxxTSORhlWp_IZtDZtkWPz835e8QqN04PFGeVdjm29arOkXbwnfH1S96igC4bzU33lj05LwWqN7taJSazKiE404Gag4ruyVuK9Wi7mmuh1-eoNx11s1Iba8EdU8gYtn4AR5ih0SKJ4U4CWuUUW3fFIEN-94QVG0&cid=CAQSPwCsnQUx0t9g94kVbV7f_Forme62GpV-qE8l7aTOR89LmiWAEvnJdlR4304qfKDIfMhToYqIP0_5XD5T0ltQEBgBIA4&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Frame ID: 261A053E8B7C8B348598479C7FCDE8CA
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYwdOZyAEwAQ&v=APEucNWdQp17K9btHi5eLMMeI9Kl5NL0YG2loCJh0tJkcois-2e3D36aJoSgyvL3Am9PJ1QfLIzhoR0OWz3c7OsooYdAttll4L35aG4OsaRUbfNB6NE1Knz1AjGu-b38_Aa8SjiTxubx3aFJyCZBelXO9C_3TZqlJLMbUhE6p7Z16vYTApOdMjw
Frame ID: CD77FBE95DE56B298994D10097ED2988
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DzP8jb0KZmXGW6Caawv8_Zfbiv4zqc4xDqF1xLPeL2sTE_e-6BPkxJp2C9ywm9O0xyl7zPvkpyLEjx_fQPyq1QRCDI2yKHPqVmLoHzHM8I54kDmikKTs6gH0bCrnni80NnoQN_P7_41-Y2manoOg61xnMt_x2zRAKPhHNETNN1Of8Qcho&dbm_d=AKAmf-CbgTA-DrTmwlMiz6QplbUcmTcgpvlBMxbI5k4u3pzagjjrBHs5ODGeOxgMpnjTH6DnC6QC0l8sK6-z1nYZVm6lHoX_Y8CI7YZk-Uqa8vzwx4rtUfFWLpK4LxX4tIR6ldYe6o67smfVnUXhR8W2SMxb-bQ2Dca9AT2YSxwCvQ6Tji92H05tIP6jhGR-Ul7gM8jr_UvFjyFcU57XNNNjNKPX85YUzXaDG9LGaBAtM6lA9taBId8Tn6tM81AvSrqDHlg1GbquJtbAjuMC4mgZYCKApSDp0Q7TpWsJpNjtPIdFOq2dE656-R5C_p_l7do7gDIVxPjljVx7ea9UwGPj3MHQ2MexizmMVPLUEs4UxI-ztX4Mx24odAI1rLnfzwW4ptDlq6Bz5uXubHIWgsvVJeZTXMR76FH34Qn7D-rZcaXZaGI7Ds2rQSyDW7Whip0fbk8xSbW86Jst4Vfp0So0gbvDXHM4Hq3Ij6B_85PlELMPWieKqe-G3lo085tMcAICmxLPxSRAnGdwQLZF8GUggVTxpNVcn5lOo5bnvli0RsxMgsf6ChGjTl0y_CNLr6SWj3tHqm07d_ZgKuBZ8AtK0Pe6kt53gKVTrseiooxCBQ5TSicuuJWdyFiH3V_GHyukQufSWQm3yfQ6goaEuJUjeZMeDxa8AjcEttGGNham3IlECsh_VbKTIUTJX1mjK-6PLRp9C2haSJpN1AblngBxKRz7pJflUTqaBHKJbQjTJaX1Quf0FijzQEyzyA94MptKyevfg7vwsVYt6R4YK2HbDjyFulmdBCa7l5vhyce7R-B5fRYqyxmXEgag4ZgugllmCkNisqdsP39a3KPLTUo_Ms6KFxBgqXBLGxXEnOn7X3PtZEI_bkEBqpmJlMfRCLsaC3etb5FilWP8mApkmJ8koQE3Qc1BSdB6J6R06VYY6pIllHLxawTDhRsyOW1Gih6XI40fzAWPYXxMqYPpyMrr7pHSJQUy0L-obJtr2YvEpqheuBTRn5ya4xhsLw6Z6Q9mmVcW_AdWyiny_hqthC_xGpLBDmBTd_o-RZFv1ZdfU7SJ4Jv8Ggnkj-omZsSN0o0dCubLmnrolMOZGPAKmK5oQeR3EzcAuhYEWXGZ32YeXuY4pcGpEEwkLmAoODvTusu3SXrGq5wCUynG9_atEe-bhdzU0tFCbJmPWcx-3_zVx_oQk9YaCdBW4c23C_cxuz1mtiiqsrKzadOp_8lUSoQXOXO4pDEKVeMDdAOWTlKc1K_7cQmm5jkXClyxi5_r01pRuEW3wyT9pYmeTPRnGJJLN_J8oDqsI3s12u_CaKlhaALqHqwCBaLXZnfIRRH_SreAtuT0J0RjvwVzesubSSR98kYomGsqelrElVqiccxEBLaOGvC54gMj0qDIUZkB2ofA4LNgM8XwrpRoHI65RV8dslZZ3fHRMUqGFV3cImxAku-psiY0SlmcCUUH74-rm5d7AbKwgI3IDKiVTgKHxViGOtrbj-X08PguYUXAUVLt-1WfloyoVkD0CLxPraImfm6bfTuNCwyhRoEUJ2PInPpSPZuvtNVdF-vo3rlJ1uoX-8-tPOPTH20NoRsP4sxnrwvsDPpfMR8xn-XxbFKFRjgJ1N-sUKS9oS-cDsOLVuLsTLoUxQwGykzWpMwl6jodkXrhVd5dxEO7O2bGH_GuYlvliziptyrpEsS2MMc9va23IH9XmaelCY84nrDhuBPLdE6c_pl1_Q4oyNE3a3LwOqPJuJGzfbom73ZNrUPJETiqKbMBl7Hq99PWcAzOVlI7yEIpm12u0t73jN-k7lp6YDx31z0RUrerfPTuY-01Yde4h7mcFAw9Og7Uhw6uMFFOIx5uZGzk77R5M6XKhby-vXYLLvrV_Q2wX_6cJJ_oKoeWwxTzvzQpdPzmozD7S8KVInmFD3ziZeRwQKKlMbyleUekjH2nbC6G7nSbtKnVtbSdg1rrNDuHT1l9CNM_7f19mqFg-lzkIbIh9puPlCKdtkDIwDXz5M40lNGnSGlUezajN5ruTkqw4eR8qngXHL9xAmtAft_Uv48cVC7Ahtzd7akvrlbkC0T-h4hTTolUVRYZq4RZQx4EmVy4-eAVJOy0UVNZEwPmoaRttrbZZGqAIVpVAdFGvge3l7etr81OujGMbHvf_qRe-AyZzerbq2f65Vz2ZfZJ0zdg8J_bofvMD9C9JpuJEi71VotWypYDsu494_498hCm2NSPpnFpmugdpzGKyYCK1G5MCS4uM72IOP5snS21WB-2rsUuJUamYceZA_405nlGoY9im7fzVKv0NxMrNUu5Gd6Cs6NTrYeD73CV-EOkICestP1Xcq8SqrAZ6OyMU0GcoDkH6oUZUD5NrzZT3cpxRHNgRu98ARp9rOho-9JkabE_4_mCoeWD4vDE0VbVjcmm9skHtsdTujndVuTMasa-K36EQZ5AUZu4xGgwpJpBvJmzXnbFvkEDIfE3kFwUeHq5DYgsYqVkWssAc4Est4EqVJZfcVyD70hO746Rm3lCmR52wadKDyPullb8D50peL6bSPcA5ZNTT7FPt_b2X8wBhkTTrSp9Mk1Th33_5qrLv2pptzz2VlAq23Iw_i9O6oJ03f5_S2I30S-Vwxx2b10E3vyqiqcltu5b4sOCegOAgtpcvBJ0zOWFyBfhUnOKQuZDZU4XvmC5aGk6wCsri_V0CdYq3fslwBSTEepER7fp2KW0fZF1zZdAcGDhwrOXUo0md5LFKG5cdk0tXK7218lOauR8NMRJnZFrEx3-2ObQlmH40Ncc6m6KkqStphjZYj6oS5vRWoLmsynVIG5GX7H9zjg2teg03cwaW7e79ekYEIa1D_9YlMmNEjV3H-xxSQ5azswdXAT_SyZz5hOMAIKgcwLK9hHjGdxs_0AaJIKaxx93BSG1qmL875Po8K-hvk8XtHa_9j40ysqu6IPcLmVfebyAm5Uik2VymUGPWSdBrOkgmcoUrk_fFApHr74gUVlVexEkKkpDXx4MzEUqPXPENLAOHlw-LVDxzqEZwWoxjqsujvElw0tlRvlJWHxl4FU3K1snf1ZzezYcDYVcyEalwMkD8tf0dKmF9v7AJfFu65R2_vQPibQozbzT8qyJspWzXKP4TYeu32rwS6xGF2pUBd3dfaOMU-LXL7isa3Q7lcSdVslGittTv-K_YfbJP155P2NeJ3eMPApNv92uzqLZY5YG7wJsI6lGk4-FSyrWnvG0NBmdmPg_tB4yUQ7wrBuVxHyO6JDz-rIJMykdKJJLcjqhmTtGGvlgVT9ScU4L-mB9YSW5yeme8S_b2qXnXrmMfY4eSqgsRUVW2-JM8BMwzrBmQ9z3_RKGsm-MrD4ttuaQCX9DZaKGw3G5Skt812l6Lbgh-dgPXrXJ4b4rsmfxQGXBJvC_8Fxkl6hgke3jCMNhO5Egw7B0d_Gnr8EAvmaS5t7xAEY5mCRbkLxpiqP2rJ4sILOdddb4csMBBGzajhP-HXBg4MzYEFFhKtiFshzMHzYuGAMqlCoTP8gt808fODh06NquUBUNMw9HEGI3yC73vw&cid=CAQSPwCsnQUxpjs65aWrj1ArRr6tu-xV_HEb3OtM3a3SslwTei_WzNbQGwHImdTL2kP2mB7nSPRegj6K30d6n6EH7RgBIA4&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Frame ID: 3A6884EBC32FC43B8E6415E27A921AA1
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DA856547D1078B04A0C3F3ED7499F46E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 144D42AF5E98D17CE169F35C64BBBD3D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: E30389140752BFB4CCB9E69344C82F6B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FED33D2F5049CD90FA0940E3ADCB78C2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html
Frame ID: BF3D3E8F1EE0244265814B074C1AD474
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D17B5BC3AC71FCE2891559ED3EF25D8C
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
Frame ID: 93B531C6BABF541A8070746F1BE68AEC
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D3CF23C0B1E7A53EFDF322732030DAAE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BB1A37223A5933D1E0682786ABD385D8
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 68AC363F477645484749A03A509AB21B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/index.html
Frame ID: 6D680875BAB416E54C91BDDD624B1E9B
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E2227238825F8CC5721D9E8E98F78AE1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F8B0B122FCABD33DD9AE419CE8BC35F9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B64CE876C8589A4902A2AAF5CDC117EE
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F888C3485CE42A70125C3363BDD5239F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kooora4lives.net
Frame ID: C0FC4B0AB747B399A775DA528314B007
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: B0EA324F0C817C8DE97BB96835844E60
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 34BAC003321D9ED11879A23ADE6D10B1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: 25D6E07C0E6DDFB26741A270EC1BF97B
Requests: 1 HTTP requests in this frame

Frame: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8CDAD03A3372389269A2704A55F0D474
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCCoHQYwafO1AEwAQ&v=APEucNX_yZC9Gz8Esq5FZcrttGFS8D_atMCFBjaeMWF4S1U5yAYu4qADMYZnkvXEFa3Lp29vCDpcoqL2kDfQsUtnAdG5KHD9pI9GWvrFxNSPto9M_RhwMbmMtN3Hz3-ccE-x1LscSvn-vJuvH5KcKV1aHqCCOosVe8WA5w9xU-Ze0HXD6uxuM4I
Frame ID: 9CE269F528DF620E902DB3A7CF48F211
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB407272B4A546369D2E7D9CB4F3936F
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 591915DF8E08AA640B108DBA8228602C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/169696/4071915/index.html
Frame ID: 5F14F8C319844471555501C3EFC32723
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4F5801A3D05E1DCD3DA25317F4A8767B
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kooora4lives.net
Frame ID: 070D01FAC2B6DCBA082DF39EF67D19F8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

بين ماتش - bein match | كورة 4 لايف اهم مباريات اليوم مباشر

Page URL History Show full URLs

http://kooora4lives-net.webpkgcache.com/doc/-/s/kooora4lives.net/beinmatch-4/ HTTP 307
https://kooora4lives-net.webpkgcache.com/doc/-/s/kooora4lives.net/beinmatch-4/ HTTP 303
https://kooora4lives.net/beinmatch-4/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

461
Requests

92 %
HTTPS

40 %
IPv6

56
Domains

88
Subdomains

72
IPs

9
Countries

3956 kB
Transfer

10181 kB
Size

51
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.yalla-shoot-matches.com/home/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kooora4live2/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCiW5olCzHvNKaPTPGhdsj7A

Search URL Search Domain Scan URL

URL: https://www.yalla-shoot-matches.com/bein-match/
Title: بين ماتش – bein match

Search URL Search Domain Scan URL

URL: https://www.yalla-shoot-matches.com/kora-online-1/
Title: كوره اون لاين – kora online

Search URL Search Domain Scan URL

URL: https://www.yalla-shoot-matches.com/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://www.yalla-shoot-matches.com/koora-live/
Title: كوره لايف – koora live

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kooora4lives-net.webpkgcache.com/doc/-/s/kooora4lives.net/beinmatch-4/ HTTP 307
https://kooora4lives-net.webpkgcache.com/doc/-/s/kooora4lives.net/beinmatch-4/ HTTP 303
https://kooora4lives.net/beinmatch-4/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png HTTP 301
https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png

Request Chain 148

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 156

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1665989760568-965177218956-006093-006-009538&key=d8475696-b4f0-4f2c-8ee4-168ff117f5a3

Request Chain 157

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D%5BRX_UUID%5D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1665989760568-965177218956-006093-006-009538&key=OPTOUT

Request Chain 160

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D%25%25VGUID%25%25 HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1665989760568-965177218956-006093-006-009538&key=W82utIzw2MY4&ev=1&us_privacy=${us_privacy}&pid=562704

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUsFD1bohzzYmAZq0Ybktk&google_cver=1

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0z8gQ3-pBrTxlPKkBDStQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUsFD1bohzzYmAZq0Ybktk&google_cver=1

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDdcCBzzUYzgwZATXREVtgU&google_cver=1

Request Chain 216

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1Njg0NDUyMTI4NjA3NDU2MA%3D%3D

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFYcVjbqL0PjHfjeGTmQv3E&google_cver=1

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEL6sv543blAWlR6AMJi5YyE&google_cver=1

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEByUpFO2p0IC71XJxG4RA5g&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEByUpFO2p0IC71XJxG4RA5g&google_cver=1&__user_check__=1&sync_id=c2ec3c32-4de8-11ed-ac64-1a3233820406

Request Chain 223

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=c2ec0d13-4de8-11ed-b5a3-11372f1a0506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YzJlYzNiZjEtNGRlOC0xMWVkLWFjNjQtMWEzMjMzODIwNDA2

Request Chain 224

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1wbm51U0tORTJ1R2hHRFR1TkhZZ2VONVJmVzQ5eEVYVH5B

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGLx6kYOY46bCygGyg06uTY&google_cver=1

Request Chain 245

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 258

https://fw.adsafeprotected.com/rfw/st/886862/62195610/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_gfxMY5_kHI2g9u8PwsicsAg&cbFunctionName=goog_wrapCb_gfxMY5_kHI2g9u8PwsicsAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fkooora4lives.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:411a0d35-296a-9058-56d7-582461491957,c:rhwDnv,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765f644cdf-b2qng,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tkv9g98+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C1411%7C1412%7C1511%7C1512%7C161%7C162%7C1711%7C1712%7C1713%7C181*.886862-62195610%7C1811,idMap:181*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:33,oid:c2eda9b9-4de8-11ed-b30e-ea5c772c62f2,v:19.8.355,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 317

https://fw.adsafeprotected.com/rfw/st/1191119/66022382/skeleton.js?adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:434bdb3a-ff55-fe14-ed1f-abb8da02bb27,c:rhwDxJ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-84875f4857-5h7sb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:913,mot:0,app:0,maw:0,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C1411%7C1412%7C1511%7C1512%7C16*.1191119-66022382%7C161%7C162%7C163%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:944,oid:c2e59316-4de8-11ed-a339-92d3e092fd7d,v:19.8.355,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 376

https://gum.criteo.com/sid/json?origin=publishertag&domain=kooora4lives.net&sn=ChromeSyncframe&so=0&topUrl=kooora4lives.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ciLdfXxEQlA5a2xLRi9QR1ZwN0YwT24rVGRja20rZlNFNDh2OE40dXpPVGFxM2l5aUkwajhpN2pXWWpFd2x6Q2dhMjRyT1AyUDhPb1lnUit0R0NvVWdTcDNKQjhRUVR0dndxb2I0M0ZpaUxKdE5tWFg0WE51YWNLcDU4V0N2b1pTTTFxRmNBczdEWmJmajZsMEowUWtnQjRiMU1JMGFGdEd0NCtqNGo2dGs5Y204SWxpMXc4YW1US0c5RHJhdVZIRHpMa05TUUJMVWpVK1lLeHZ1RXJ4bGZReFJsdmgvT1FJeWEwbVJheHcvZ0hBek1IVXFoZzVDbi9DN2VBMk1CMjZaN0xqWWIyMmhpMlBkVFBxUndZQ2IwWlZjUT09fA&cppv=2

Request Chain 416

https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/1191119/66148304/imp/2/193245;6831578;201;js;DV360;DE20221001dv360disdynamicsitebarDESEDBMAwarenessplannetNACPM300x600BANnat23001HISENSELEDTv/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=kooora4lives.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fkooora4lives.net%2F&gdpr=&gdpr_consent=&cachebuster=162334.16385331334&ias_dspID=3&ias_campId=1009124678&ias_pubId=pub-4903453974745530&ias_chanId=1&ias_placementId=18470479639&bidurl=https://kooora4lives.net/beinmatch-4/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iWVZeBrMjlcyeuJvrOrpF7&adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f56057e1-576e-ae7c-75f5-1160b0e26750,c:rhwE2v,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-765f644cdf-tg6ks,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tkv9gOe+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C1411%7C1412%7C1413%7C14141%7C1415%7C1511%7C1512%7C161%7C162%7C163%7C164%7C1711%7C1712%7C1713%7C1714%7C17151%7C1716%7C1717%7C1718%7C1719%7C171a%7C171b%7C171c%7C171d%7C171e%7C171f%7C171g%7C171h%7C171i%7C171j%7C1811%7C1812%7C181311%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g%7C1h*.1191119-66148304%7C1h1%7C1h2,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:c49b0af8-4de8-11ed-b603-b2e9a4342133,v:19.8.355,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://servedby.flashtalking.com/imp/2/193245;6831578;201;js;DV360;DE20221001dv360disdynamicsitebarDESEDBMAwarenessplannetNACPM300x600BANnat23001HISENSELEDTv/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=kooora4lives.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fkooora4lives.net%2F&gdpr=&gdpr_consent=&cachebuster=162334.16385331334

Request Chain 427

https://ad.doubleclick.net/ddm/trackimp/N195005.279382INVITEMEDIAINC.DO3/B28643978.347102681;dc_trk_aid=538651628;dc_trk_cid=179164407;ord=1665989764;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&218332841 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N195005.279382INVITEMEDIAINC.DO3/B28643978.347102681;dc_pre=CITai8HX5voCFV2JdwodV78KZw;dc_trk_aid=538651628;dc_trk_cid=179164407;ord=1665989764;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&218332841

Request Chain 432

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPYtpXy7xyF25ySmY5QFTCo&google_cver=1&google_push=AZmPxg96UeWMjyGFaPBI-IDLqtVVNbh5pH5LdA5tSaKuDFPbHXCapdndadmH5Fj_N_Vw-fiMfq4ANumct2IPdpf4q0JvTb889Vo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg96UeWMjyGFaPBI-IDLqtVVNbh5pH5LdA5tSaKuDFPbHXCapdndadmH5Fj_N_Vw-fiMfq4ANumct2IPdpf4q0JvTb889Vo

Request Chain 433

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG-KJVErtSCgt70Pt6ebEaI&google_cver=1&google_push=AZmPxg_-iyB8nfrHVCisEmIklKft5sAXzYnDlDsSMirknTzcmVtNuwpR-abocMtY6K8UpmiI_tYUdx8Pc3ik0fgeyNRqftopQpE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-iyB8nfrHVCisEmIklKft5sAXzYnDlDsSMirknTzcmVtNuwpR-abocMtY6K8UpmiI_tYUdx8Pc3ik0fgeyNRqftopQpE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG-KJVErtSCgt70Pt6ebEaI&google_cver=1&google_push=AZmPxg_-iyB8nfrHVCisEmIklKft5sAXzYnDlDsSMirknTzcmVtNuwpR-abocMtY6K8UpmiI_tYUdx8Pc3ik0fgeyNRqftopQpE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-iyB8nfrHVCisEmIklKft5sAXzYnDlDsSMirknTzcmVtNuwpR-abocMtY6K8UpmiI_tYUdx8Pc3ik0fgeyNRqftopQpE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 434

https://um.simpli.fi/gp_match?google_gid=CAESECNNNJMxOjsuxr503_MJHR0&google_cver=1&google_push=AZmPxg_uKNJQYAHzdkRqyd-prATmPXlMLuF4MlziQFi8oA6UI-4F_XzXrGDPbrG8MeDSP9FBT-rFffBTNMqnVXwCTeKJzBTLLw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=16D56E6BA38E46989F1C331A79F95C4E&google_push=AZmPxg_uKNJQYAHzdkRqyd-prATmPXlMLuF4MlziQFi8oA6UI-4F_XzXrGDPbrG8MeDSP9FBT-rFffBTNMqnVXwCTeKJzBTLLw

Request Chain 435

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMVofqMQo6oaTOcn6_-567M&google_cver=1&google_push=AZmPxg-3Ql3S61rhHTyYXsAw2X80NmpMPkvlnxwxSgcPW7KsY3ruf6DN_BcwbYBMyO9o_NO3lJOWAO0H764Q6GuCtqRm35nqnnQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMVofqMQo6oaTOcn6_-567M&google_cver=1&google_push=AZmPxg-3Ql3S61rhHTyYXsAw2X80NmpMPkvlnxwxSgcPW7KsY3ruf6DN_BcwbYBMyO9o_NO3lJOWAO0H764Q6GuCtqRm35nqnnQ HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=ded72e47-8d6e-426f-8e53-9b07ab09dff8&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-3Ql3S61rhHTyYXsAw2X80NmpMPkvlnxwxSgcPW7KsY3ruf6DN_BcwbYBMyO9o_NO3lJOWAO0H764Q6GuCtqRm35nqnnQ&google_hm=M7xarsytQOyLZXnJ1A-JpA==

Request Chain 436

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJnUZjXYkDH_nE5cb2Pcsc4&google_cver=1&google_push=AZmPxg95WRtzG0HsrDBnLtU_qJayHDZDy0xWjq1Z0ynuneplwKHHU3wYHhhYKVQEebeHD4Y3vgREkW1VeOLAEnfUwA9fndVCKw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg95WRtzG0HsrDBnLtU_qJayHDZDy0xWjq1Z0ynuneplwKHHU3wYHhhYKVQEebeHD4Y3vgREkW1VeOLAEnfUwA9fndVCKw&google_hm=Nzg0NTc2MzU0OTUyMjcwNzMzNw%3D%3D

Request Chain 437

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGgUQ9laJBCeTSZ7cJYhkiY&google_cver=1&google_push=AZmPxg_y2ASxC1E7EXyWdFmw1De_laS20hi9Jxl_rmTg9oqHl0lmQzD_q_KCBu8ozZWlX1GDqxIyKD9kD8FQMG0PZVzF8y5cUg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_y2ASxC1E7EXyWdFmw1De_laS20hi9Jxl_rmTg9oqHl0lmQzD_q_KCBu8ozZWlX1GDqxIyKD9kD8FQMG0PZVzF8y5cUg&google_hm=FfqgrBZHrpRAr_4YQu-qiT1G

Request Chain 438

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOGrV54Qh4ZQ7552XCzplxc&google_cver=1&google_push=AZmPxg_tRCIQZXHLK2CDLGnOwKi31a6eIcnkresMVNDO_ePB4gQGXKS9_wjNtSFAQP7myJtH0niXoIFmsxC-XYponL2eUFPlzFbU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_tRCIQZXHLK2CDLGnOwKi31a6eIcnkresMVNDO_ePB4gQGXKS9_wjNtSFAQP7myJtH0niXoIFmsxC-XYponL2eUFPlzFbU HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 457

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.net%2F&domain=kooora4lives.net&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=HzxDP3xKcG1LSkprbTNqMDlrUmVETWNMMExoS0xSazNZT1E5R1paeDlnUGZjRGVud1dMMHAyeGU3ejRHWUd2TmlKdDYzN1pBNVRvNUsrZHlucHcxWSsxaEVJenFnT0pDYUp3S0l0WWErRWMzSXNZRTZMVzBQckkzOUxQeWJqc1FhT1h6WmtPTXVlSUtEZnBQY29ocUt4dUFZNkVZM3l0bFVnWnlmMXBxRk1wTUlNbmVVbmNBTUIrdDZSTVVnV1Z2UTNlNm0rZ2ZxMmJPR1hUWENsZzM5enkxSTh3ZGZRaDZpejhTZmtUMVRxa1JsTndWRjZLZ1Z2NS8zcllMcE55SjhnVGVHQW1Db1I5bmxRU1JiMzFxK2lsOTgwdz09fA&cppv=2

Request Chain 474

https://gum.criteo.com/sid/json?origin=publishertag&domain=kooora4lives.net&sn=ChromeSyncframe&so=3&topUrl=kooora4lives.net&bundle=JEKcfV9LNkJHanJQRTBvRDVvJTJGTGFQV29vSHNSdWdHUm5JanhnMmlxaUNZdjkxNVRwcE9JS1g0Z0JlUHpvajhMOE11cG5GQyUyRnNJbUt1d0olMkIlMkJ4enZnNUY3bDVSZXBBRXl2aFRVZHhHUnElMkZ3U2FWZU1icWFDRzI5VkFvJTJGSWJTVmljdVhVZlhHWjV2VDJMWiUyRk5LT1llaTExaEJHQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Ob6XnHxIOVdpMkVZbDNOL0NTWXVQSDVVTmNuclpZNFAzODVIaWRmNFhpTGpJWU9sVTRnMTk5cHlkMlNRTmVSK2xEeVdWcGNHWWlIWGZFcWxZc0xZVnlBM0xocktJN3VyU3NRZitOWW9QUkRaL0VGQ3FzRW96ZHdXOHpTVGloMlk0K0l6NWlaeVd1b2V2QzNvWm15THNoSy9oSSt6OEVQZ3JhbFRLaFlWVWRSZHBKN2Fhc01ySTMzNVo4VkdxWXpsbkZLMmZRL20vc24xckVJMUN4NkNxYmVDMFZQeUxSbFRIWUZOVFFkSFdsaCs0a0hocFNrdkpsT1BBMUNDdXRUcEIrR2JKNUNQMFpOaVp2MGJsaWFydkJwNGZzOWwveHRQZG40eGQyeVhsTjhEVG1vcz18&cppv=2

461 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
kooora4lives.net/beinmatch-4/
Redirect Chain

http://kooora4lives-net.webpkgcache.com/doc/-/s/kooora4lives.net/beinmatch-4/
https://kooora4lives-net.webpkgcache.com/doc/-/s/kooora4lives.net/beinmatch-4/
https://kooora4lives.net/beinmatch-4/

68 KB
17 KB

0ms
0ms

Document
text/html

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://kooora4lives.net/beinmatch-4/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8b550232dc2fb0eb940b6ed0a483a56bb77504b4ea3f8cfeaef032c5fd31e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 75b5948fd320c4b6-SEA
content-encoding: mi-sha256-03
content-type: text/html; charset=UTF-8
date: Mon, 17 Oct 2022 02:24:51 GMT
digest: mi-sha256-03=dL5emeI8V5hUjUNyOjE9BIO+l7qTbHS8l8/E0QT6vaM=
server: cloudflare
vary: Accept-Encoding, Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

GET
H2 200 cert.pem.msg.XrVY5mKVLPQm7LlDihpsyQX79zQ61U770mmW1MKTlbo
kooora4lives-net.webpkgcache.com/crt/XrVY5mKVLPQm/s/kooora4lives.net/cdn-fpw/sxg/ Frame 0
3 KB 50ms
28ms Other
application/cert-chain+cbor 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://kooora4lives-net.webpkgcache.com/crt/XrVY5mKVLPQm/s/kooora4lives.net/cdn-fpw/sxg/cert.pem.msg.XrVY5mKVLPQm7LlDihpsyQX79zQ61U770mmW1MKTlbo

Protocol

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/webpkgcache-team
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/cert-chain+cbor

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=86400
content-length: 2142
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/webpkgcache-team
content-type: application/cert-chain+cbor
cross-origin-opener-policy: same-origin; report-to="webpkgcache-team"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:55:59 GMT
expires: Mon, 17 Oct 2022 06:55:59 GMT
last-modified: Mon, 17 Oct 2022 06:30:09 GMT
nel: {"report_to":"nel","max_age":604800,"success_fraction":0.05}
report-to: {"group":"nel","max_age":604800,"endpoints":[{"url":"https://beacons.gcp.gvt2.com/nel/upload-nel"},{"url":"https://beacons.gvt2.com/nel/upload-nel"}]} {"group":"webpkgcache-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/webpkgcache-team"}]}
server: sffe
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rocket-loader.min.js Show response
kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 43ms
11ms Script
application/javascript 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 13:38:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"634571bd-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwEgjH2RT8g1C6QRkyGjumEUTT44hUXv0MN4rqzjb5X40HxvvJbNZ36OsbgqoWdx0U04j3TIDLlSnltyQBcmNB65t%2Bgy2%2FDLbV05WJRNK2u8i%2BUAyt%2B6N8jgXmgQnJMxbAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 75b721be2d8b9b52-FRA
expires: Wed, 19 Oct 2022 06:55:59 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 NeoSansArabic.woff
kooora4lives.net/wp-content/themes/AlbaKora4Live/fonts/ 56 KB
56 KB 16ms
15ms Font
font/woff 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora4lives.net/wp-content/themes/AlbaKora4Live/fonts/NeoSansArabic.woff
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://kooora4lives.net/beinmatch-4/
Origin: https://kooora4lives.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Dec 2020 21:53:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5556
etag: "5fe1194b-e014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I324qpB5FV5NIHPAHdv0FWLM1C4zpVmJnUcRA30jPiFTsLGXVWOaf%2Bbto0OwZPlZJOq%2B5yL843N5bMw93pvSrha9eSl9Lnx5z8JfEhWJaSXp6qwGiZDbbQM0gJrj5hn8%2FbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 75b721be2d8a9b52-FRA
content-length: 57364

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 lazyload.js Show response
kooora4lives.net/wp-content/themes/AlbaKora4Live/js/ 7 KB
3 KB 16ms
15ms Script
application/javascript 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora4lives.net/wp-content/themes/AlbaKora4Live/js/lazyload.js
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46309
cf-polished: origSize=7249
pragma: public
cf-bgj: minify
last-modified: Mon, 21 Dec 2020 21:53:15 GMT
server: cloudflare
etag: W/"5fe1194b-1c51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fkhfGfnN1H3XZCNeT0JPM2YhLJpsDlK1yy%2Bp4h5OsY9XPpmRutna%2Fh4c330Jd7JatFGXfvRd1G5kSuxaHU9LppBzvvcNEHcxJ2dVzkMaAHwzqK7UYxPipcneebwX%2Bh6RX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 75b721be5de09b52-FRA
expires: Tue, 15 Nov 2022 18:04:10 GMT

GET
H2 200 lazysizes.min.js Show response
kooora4lives.net/wp-content/plugins/ewww-image-optimizer/includes/ 14 KB
6 KB 148ms
147ms Script
application/javascript 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora4lives.net/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=691
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495047ac37d6b00300a23fba8e4a2f690a41630860276b4c3f3215ba212d317d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Mon, 17 Oct 2022 06:55:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Oct 2022 20:44:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6349ca2c-3843"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15aEc8M2dQDJJ8U9uCzUfHDEV5riCOx9tLNfPg4gF5uh4DpNcqqwG%2F7T4Pds6H%2FUuZbChl4vvORJfF8aC1craPfEgB29%2FMZSpbv%2FmncINPMkavpq0sgCRKhN6BdbxQixSKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 75b721be5de79b52-FRA
expires: Wed, 16 Nov 2022 06:55:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 46ms
21ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-150096121-1

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

359315a20a2c252ae01995ba36afb3aec5e223ba5ff80f71c803640785b3db76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42482
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Oct 2022 06:55:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
28 KB 61ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af73625499971460fbee3b86b049a31830c236e0cc8af4f7189c8602113eefe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27647
x-xss-protection: 0
server: sffe
etag: "1366 / 57 of 1000 / last-modified: 1665796911"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 17 Oct 2022 06:55:59 GMT

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 24 KB
7 KB 87ms
12ms Script
text/javascript 2a02:26f0:480:b::210:f1cd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=620a5bd04911372f7d67f1fa&AV_PUBLISHERID=620a5acab6e80f22ac327b74
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b::210:f1cd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 210577a3663f87e726ca5c74f17745d48c43694ce66bfad6b3e869a2d713d527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:55:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 6183
Expires: Mon, 17 Oct 2022 07:00:59 GMT

GET
H2 200 kooora4livesdynamic.js Show response
jscdn.greeter.me/ 8 KB
8 KB 146ms
90ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/kooora4livesdynamic.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

a7376fb82a98db2648618531d9102664c07f741d3d25501ffb9d5b7103525777

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 01 Jun 2022 14:52:10 GMT
x-amz-request-id: tx0000000000000e9545356-00634cee89-5c96400f-fra1b
etag: "3cada13afcbf112eafe5b390979c2b4b"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1665989759.dop109.fr8.t,1665989759.cds107.fr8.hn,1665989759.cds157.fr8.c
content-type: text/javascript
cache-control: max-age=26
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7966

GET
H2 200 kooora4liveshead.js Show response
jscdn.greeter.me/ 8 KB
8 KB 147ms
91ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/kooora4liveshead.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

fd531f9dde4d22dfe6cdebb61d03aaaaca6ccd5ba6b8e09b8f50e9fcfa6b6314

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Mon, 04 Jul 2022 08:59:54 GMT
x-amz-request-id: tx0000000000000e958e7ff-00634cf012-5c96400f-fra1b
etag: "29691e1a700494c3810de424aae1d857"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1665989759.dop109.fr8.t,1665989759.cds107.fr8.hn,1665989759.cds231.fr8.c
content-type: text/javascript
cache-control: max-age=419
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8351

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 61ms
10ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:48:28 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 212995392

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150096121-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 05:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6002
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 17 Oct 2022 07:15:57 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 317ms
102ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4625840&@f16&@g1&@h1&@i1&@j1665989759804&@k0&@l1&@m%D8%A8%D9%8A%D9%86%20%D9%85%D8%A7%D8%AA%D8%B4%20-%20bein%20match%20%7C%20%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:123007060&@b3:1665989760&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: c5f0a05dcccb0cd97577bcb5345dd9f34a9090738b521ae356b2d605cbed62d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:00 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H3 200 pubads_impl_2022101002.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 22:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131337
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 16:09:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 16 Oct 2023 22:15:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 349 B
182 B 34ms
17ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8175f6ae95283cbaae5fd13d8c0374226cbeeef26d0521dd0f0a02dbafa9e6d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157
x-xss-protection: 0
expires: Mon, 17 Oct 2022 06:55:59 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
60 KB 72ms
8ms Script
application/javascript 2a02:26f0:3500:c::5c7b:6837
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=620a5bd04911372f7d67f1fa&AV_PUBLISHERID=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6837 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduGB2AlLYWO9z1o9MZw3py8-TiNXy0xSw8Y-H7jVVYgkTfXYOmbJIkYFFscMkPtM6TY0pxalGwhD7xlrfFFZLZYF7lWag
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 61326
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
server: UploadServer
etag: "9dff0335699f04080269947f40c366ae"
vary: Accept-Encoding
x-goog-generation: 1646327924579580
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=DITkQg==
cache-control: public, max-age=300
x-goog-stored-content-length: 61326
accept-ranges: bytes
expires: Mon, 17 Oct 2022 07:00:59 GMT

GET
H2 200 track
servt.modoro360.com/ 0
71 B 349ms
98ms Image
text/plain 34.239.3.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=620a5acab6e80f22ac327b74&cid=620a5ad6cb35c5271669185a&cb=1665989759829&r=kooora4lives.net&stagid=620a5bd04911372f7d67f1fa&stplid=6192229fa59e3976bb4400aa&d35=&d65=ControlGroup&e=playerLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.3.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-3-208.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 32ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=275299180&t=pageview&_s=1&dl=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D9%8A%D9%86%20%D9%85%D8%A7%D8%AA%D8%B4%20-%20bein%20match%20%7C%20%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=491754030&gjid=307534143&cid=937134123.1665989760&tid=UA-150096121-1&_gid=306564067.1665989760&_r=1&gtm=2ouaa0&z=194273341

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:55:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 72ms
18ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 52ms
20ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 610ms
610ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=2459471959725491&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_300x100&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100&ifi=1&adks=1477491321&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1665989759922&lmt=1665989759&dlt=1665989759666&idt=218&adxs=650&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=0&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d83975eb44eaa25c84fbc01569e39c51d5d727e9194334c628e4a90d3143309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9833
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 386ms
385ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=2459471959725491&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=468117667&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1665989759928&lmt=1665989759&dlt=1665989759666&idt=218&adxs=650&adys=158&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=4&ohw=1100&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77a78f673677cacc26881e1c993df4bfa063e57e8ba49edd4d66d5b084df4100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11833
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 884ms
883ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=2459471959725491&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3282943425&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1665989759930&lmt=1665989759&dlt=1665989759666&idt=218&adxs=650&adys=316&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=4&ohw=1100&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

809bb23fd2558896ad8eaa7cf087b4e5b0c869e033b6ec5ccc7bc1073fbf3bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8284
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 1220ms
1219ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=2459471959725491&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_336x280_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=4&adks=1706553159&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1665989759932&lmt=1665989759&dlt=1665989759666&idt=218&adxs=632&adys=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=1100x66&msz=1100x0&fws=0&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7149d67f4251cd54a60c44f96066aac810291d8637b941e74448fa9aaf54358e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8852
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6ED3 6 KB
4 KB 97ms
18ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:00 GMT
expires: Tue, 17 Oct 2023 06:56:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

logo.png
kooora4lives.net/wp-content/themes/AlbaKora4Live/img/
Redirect Chain

https://www.kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png

8 KB
9 KB

21ms
20ms

Image
image/png

172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
Protocol: H2
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bb451155dbe12a0b7a999e8d968b8a4f00e04e3010b1058723f16bdd659761d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46308
cf-polished: origSize=12374
content-length: 8546
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Mon, 21 Dec 2020 21:53:15 GMT
server: cloudflare
etag: "5fe1194b-3056"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMTK5WyDOJNktZgC5UbKh%2FMFFE9ZinyMZiC0RXnTfMpWy4oq%2F3PXH3ygGOPjskQetyehWNc9B1y9x85UG4d3QzjGTvUP1LKWepjoVOPYKkiJPSlNDve5CaiOS7WPxFOoBhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c04abc9b52-FRA
expires: Tue, 15 Nov 2022 18:04:12 GMT

Redirect headers

date: Mon, 17 Oct 2022 06:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BFu%2FxfmipCm6hBa4uBH9us5zzj7ENdITSTrn4c78lLy8g%2F7kqhFmPnEAjnkFZm5TAGZHhsQOJJ8Nl%2BCjs7PhoHU04Ai71fVzlcgdwoLJHRUQIMZSiu7rCakbPTiXUcu%2BVsFV4WW"}],"group":"cf-nel","max_age":604800}
location: https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
cache-control: max-age=3600
cf-ray: 75b721bfc9749b52-FRA
expires: Mon, 17 Oct 2022 07:55:59 GMT

GET
H2 403 download-12.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 57ms
20ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-12.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 403 download-8-1.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 56ms
19ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-8-1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 image-2-300x200.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 9 KB
10 KB 18ms
15ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/image-2-300x200.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fcfb54e57e319af758a54207b3f3a4ce80b09dfcb5d1679695e3a05fcd03a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46298
cf-polished: status=not_needed
content-length: 9330
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 17:37:09 GMT
server: cloudflare
etag: "634c4145-2472"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9KUWSQ%2FHjjddmE%2BnZq2KV3mp6Fck1dJvi6jOyMydaqA4gHlVb%2BVsNchddxBLj6Hbgc3DhzmxCvWsDl6CLr5sAW%2F%2Fk5IRxmRoWY%2BWpqfn6oaLwSgVffYd3%2FBNh%2FM9GTwC4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfb9409b52-FRA
expires: Tue, 15 Nov 2022 18:04:21 GMT

GET
H2 200 inter-780x470-1-300x181.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 15 KB
16 KB 27ms
24ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/inter-780x470-1-300x181.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e31e637aee7c50751787b4394dda715f8120bb407bd3580bca2b2b831c95349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46298
cf-polished: status=not_needed
content-length: 15871
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 17:32:12 GMT
server: cloudflare
etag: "634c401c-3dff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J372Z97HG4AgYVuUbATQ4mxVEgRL6wHfH3eVBLS%2F5Gf5QKxXKp1uirKYLlSJkaTFQWQs0GCnAgGeoJZEDZDrL8uYYNhAk57srtF6bwC8c%2BXfOhQ9Lj8HX4W3VaIGp35YcL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfb9429b52-FRA
expires: Tue, 15 Nov 2022 18:04:21 GMT

GET
H2 200 %D8%AA%D8%B4%D9%8A%D9%84%D8%B3%D9%8A-%D9%8A%D8%B9%D9%85%D9%82-%D8%AC%D8%B1%D8%A7%D8%AD-%D8%A3%D8%B3%D8%AA%D9%88%D9%86-%D9%81%D9%8A%D9%84%D8%A7-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D8%B1%D9%8A%D9%85%D9%8...
kooora4lives.net/wp-content/uploads/2022/10/ 15 KB
15 KB 20ms
17ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/%D8%AA%D8%B4%D9%8A%D9%84%D8%B3%D9%8A-%D9%8A%D8%B9%D9%85%D9%82-%D8%AC%D8%B1%D8%A7%D8%AD-%D8%A3%D8%B3%D8%AA%D9%88%D9%86-%D9%81%D9%8A%D9%84%D8%A7-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D8%B1%D9%8A%D9%85%D9%8A%D8%B1%D9%84%D9%8A%D8%AC-300x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66183f71462b30d690081ba06c15ce37745f19689202e65dede71f136133bc3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46251
cf-polished: status=not_needed
content-length: 15321
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 17:04:50 GMT
server: cloudflare
etag: "634c39b2-3bd9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaPDioxy0RbbBo7kM%2BXP7ny14v0RZneix%2Bf6z1aYzMrJNyy8EtfuQ9dD4Zwm3gnpASvLc28zBq5h6Jutc%2BEboOz%2F2rc4xO04ZvUHu5sJGbNuGXADGlnathhaeOPxdI7HbvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfb9439b52-FRA
expires: Tue, 15 Nov 2022 18:05:08 GMT

GET
H2 200 %D8%A3%D8%B1%D8%B3%D9%86%D8%A7%D9%84-%D9%8A%D9%88%D8%A7%D8%B5%D9%84-%D8%A7%D9%86%D8%AA%D8%B5%D8%A7%D8%B1%D8%A7%D8%AA%D9%87-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D8%B1%D9%8A%D9%85%D9%8A%D8%B1%D9%84%D9%8A%...
kooora4lives.net/wp-content/uploads/2022/10/ 18 KB
18 KB 18ms
15ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/%D8%A3%D8%B1%D8%B3%D9%86%D8%A7%D9%84-%D9%8A%D9%88%D8%A7%D8%B5%D9%84-%D8%A7%D9%86%D8%AA%D8%B5%D8%A7%D8%B1%D8%A7%D8%AA%D9%87-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D8%B1%D9%8A%D9%85%D9%8A%D8%B1%D9%84%D9%8A%D8%AC-300x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3256cced9eaa0f6840ba7f1206ece912fd040edd228ba3f122a38f0c6eb41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46251
cf-polished: status=not_needed
content-length: 18148
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 16:53:15 GMT
server: cloudflare
etag: "634c36fb-46e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBm8mCZNhUwWyXU4IFGmruJcN4FSbKa0ujLbut68L1eNjAr5U3qUqS%2B5EziFnSna2qIcA8J3vDaz4WxuKy9ddsidY57KM%2Fu76QQeu%2B6lpIby6tczdQ1rgc9Kzr35lw2i3hU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfb9449b52-FRA
expires: Tue, 15 Nov 2022 18:05:08 GMT

GET
H2 200 %D8%B1%D9%88%D9%86%D8%A7%D9%84%D8%AF%D9%88-%D9%85-300x180.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 11 KB
12 KB 28ms
25ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/%D8%B1%D9%88%D9%86%D8%A7%D9%84%D8%AF%D9%88-%D9%85-300x180.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6d63000e13ceb986011042f00275c50a324c3f9b8adf83b3706e1fdffa2bf3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46251
cf-polished: status=not_needed
content-length: 11414
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 16:46:31 GMT
server: cloudflare
etag: "634c3567-2c96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFrdJ3RRUoxoQTLFeskNCG24qmvAGgat9bJp%2Ff%2BhfPyIb6AwO2phSccGSGiD44ViSG0Mv5Oz1dIaP2s60rFnbuOOALic%2F8osW5CvKZz0TqtfbTseUkAOBgCDaKVnvNLQNGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfb9469b52-FRA
expires: Tue, 15 Nov 2022 18:05:08 GMT

GET
H2 200 w644-300x200.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 9 KB
10 KB 21ms
18ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/w644-300x200.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64e5b72460275e35b3947013497bde36be70382377b2ed2bbb60eac3945a14a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46250
cf-polished: status=not_needed
content-length: 9379
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 16:41:42 GMT
server: cloudflare
etag: "634c3446-24a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fV5p4ULA715ycsxFJBM6OH4LPA863lxiK3ft5obByhRZmaackimhvX1TuNJz0wFPu0mEP0fGOqrXA%2B5NVxHsAEoQtwe4Sm6AoMNLXX5coB63QoO7OlJ3yDJlltgjuFghshI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfb9489b52-FRA
expires: Tue, 15 Nov 2022 18:05:09 GMT

GET
H2 200 340120a2-723d-49b1-a88e-f46db834bd87-300x217.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 12 KB
13 KB 21ms
19ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/340120a2-723d-49b1-a88e-f46db834bd87-300x217.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e36021f9cfe17b368b877bfcb879a73e7a9b76a094ed9f963ddf031b83237e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46250
cf-polished: status=not_needed
content-length: 12680
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 16:34:44 GMT
server: cloudflare
etag: "634c32a4-3188"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0amXZFP9KlVcxc9dDxj3diGRD8VxWSHN17Y7iZvqng218xD%2BYtI2y4C9m9Yw4qWkS6Bm1HuVTCj2pncxXgvBaMG6Vz%2FQom7zOEdfYCi3bWBP0BNwEhvccV5edZES67%2FN%2B38%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfb94a9b52-FRA
expires: Tue, 15 Nov 2022 18:05:09 GMT

GET
H2 200 FfCKIpBWAAIEDY6-300x300.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 23 KB
23 KB 19ms
16ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/FfCKIpBWAAIEDY6-300x300.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca08fc5063082bb1149350f4135152e40f8cdfaf88f3e6e24c8a5659f032267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46125
cf-polished: status=not_needed
content-length: 23401
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Oct 2022 10:46:07 GMT
server: cloudflare
etag: "634a8f6f-5b69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mN3Jy0%2FzJXOREgwsbR4SXCnUgsAKPMzCJ%2BYwn0x9Uu42oaaNe7O58YUacSirOJ2BIx3vLl%2BbSJXCu52XtB3mGFKtJWIb009cXeLqx8iNWD9MoyPuw3bqRchCmTVGLzNBUIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfb94b9b52-FRA
expires: Tue, 15 Nov 2022 18:07:14 GMT

GET
H2 200 large-1-1-300x225.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 12 KB
12 KB 21ms
19ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/large-1-1-300x225.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf8094738382f20ed29443d574cbefc09a10917c51a55659ee27ec390795de28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46250
cf-polished: status=not_needed
content-length: 11838
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Oct 2022 10:04:13 GMT
server: cloudflare
etag: "634a859d-2e3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gX4q%2B9n9R5987i9zzPMdVOY2NxdjTd4opTRB0ncUg3LhFjSv%2BwfGCuObb7%2B9mUV8ELcDe%2FoS6czQOPHxmoaXmHFdB5Hkz0n1KMKfSs6vuMt4Cfm2IWrhsph9fObxtc122s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfb94d9b52-FRA
expires: Tue, 15 Nov 2022 18:05:09 GMT

GET
H2 200 2020-05-23t000000z_314275793_rc2hug9hjr30_rtrmadp_3_soccer-germany-bay-sge-report-300x200.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 12 KB
12 KB 25ms
23ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/2020-05-23t000000z_314275793_rc2hug9hjr30_rtrmadp_3_soccer-germany-bay-sge-report-300x200.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5fc5c95546fa8525e1ddb79e653f7ce8ce04469a2afaaf524e3e9a2a9d16483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46250
cf-polished: status=not_needed
content-length: 12020
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Oct 2022 09:59:55 GMT
server: cloudflare
etag: "634a849b-2ef4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fV1zaqiacwl4Q4FX%2BMW7n4Ujao0kNzQyEJpylFXnthfNFEyAlSz9EocsWlXEtlZUAAAN1G2j9oDmyjRbXYUovn4LXZ6sQMf9ZRBvv1sNwxa0ZrgOvL%2FpF3lJnpcDjecJPWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfb94e9b52-FRA
expires: Tue, 15 Nov 2022 18:05:09 GMT

GET
H2 200 large-1-300x190.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 17 KB
17 KB 26ms
24ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/large-1-300x190.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 778da85c1ce0d534ae559d6902e53e26848e4adfcaa957932c4f08a36252d48e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46250
cf-polished: status=not_needed
content-length: 17407
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Oct 2022 09:52:40 GMT
server: cloudflare
etag: "634a82e8-43ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOiCvmx%2FNPXbe7Amu2998AqNTBAMSAVNBFqL%2B3EXfLiRz49QUzSerhOfIPv7s12drkw%2BxRkPPchG1YGngt2tzicQJb2gkAHBuPN6%2FszI8HSQ22o2woR%2FW0jrYhE3hlzRTy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfc9709b52-FRA
expires: Tue, 15 Nov 2022 18:05:09 GMT

GET
H2 200 %D9%85%D9%86%D8%AA%D8%AE%D8%A8-%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D9%88%D8%BA%D9%88%D8%A7%D9%8A-%D9%84%D9%83%D8%B1%D8%A9-%D8%A7%D9%84%D9%82%D8%AF%D9%85_0-300x169.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 12 KB
13 KB 28ms
26ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/%D9%85%D9%86%D8%AA%D8%AE%D8%A8-%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D9%88%D8%BA%D9%88%D8%A7%D9%8A-%D9%84%D9%83%D8%B1%D8%A9-%D8%A7%D9%84%D9%82%D8%AF%D9%85_0-300x169.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7401beae1524ad015de90f05cc7e59f38901e5ff9f8ba080da26c5fc5988c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46249
cf-polished: status=not_needed
content-length: 12661
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Oct 2022 09:39:16 GMT
server: cloudflare
etag: "634a7fc4-3175"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQ%2B3IG51qVz29MJdpn8zcVCH%2F84dcvjc7izpVwkgM2qWBWauc1fYZ65F6tkMJ61l110Pdg9zq7cVW1FU2Nl5XJPDk%2Bi%2B%2BSl%2FsWas4L3qCSfV7%2BP9h8Ou0QRx12r4OYFK6uA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721bfc9739b52-FRA
expires: Tue, 15 Nov 2022 18:05:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 62ms
24ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101002&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

093fe7558efb53cd9e42280c1f5197375328777f91c32eecae649bc0bffd29d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11376
x-xss-protection: 0

GET
H2 200 hb_561849_14381.js Show response
player.aplhb.adipolo.com/prebidlink/462774/ 346 KB
106 KB 66ms
11ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d7609d61ec6ac9e0ddafbfa849032a9f394b8e4a3c67119862331fdfc4066212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 10:50:49 GMT
server: nginx
etag: W/"63230389-56993"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Mon, 17 Oct 2022 07:56:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19180aa696c7d0abc642b11c03e37b87eb76836abadb7f3ecb06232bddd1d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27642
x-xss-protection: 0
server: sffe
etag: "1366 / 35 of 1000 / last-modified: 1665796911"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 17 Oct 2022 06:55:59 GMT

GET
H2 200 wrapper_hb_561849_14381.js Show response
player.aplhb.adipolo.com/prebidlink/462774/ 2 KB
1 KB 80ms
25ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/462774/wrapper_hb_561849_14381.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: db839711e16b794d18153609cc39005d09ee1ce7978257f464f61d6f30357eea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 11:08:21 GMT
server: nginx
etag: W/"634be625-6c8"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Mon, 17 Oct 2022 07:56:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
28 KB 51ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af73625499971460fbee3b86b049a31830c236e0cc8af4f7189c8602113eefe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27647
x-xss-protection: 0
server: sffe
etag: "1366 / 551 of 1000 / last-modified: 1665796911"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 17 Oct 2022 06:56:00 GMT

GET
H2 200 adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 7 KB
7 KB 72ms
19ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16230594
etag: "5ed61610-1b9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKx4KcghKOmBSwMyhNBpj6wD56N1IZ7nhtXxue5JCMS4%2BXCAUKXMyQPNhTmXKyQm5D8BIYWbjmncXqGQSh0SqGUdruIrgiyZTL%2F6h%2F0ei%2Fd%2FQqoEmEkV5SJGqa%2FxaRPO%2Fje3K0Hp28BryQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75b721c01cd0916e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7068

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 15 KB
15 KB 274ms
193ms Image
image/x-icon 141.95.4.204
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 141.95.4.204 , France, ASN16276 (OVH, FR),
Reverse DNS: ip204.ip-141-95-4.eu
Software: /
Resource Hash: fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:00 GMT
X-Openstack-Request-Id: tx830c457ed0d54be981737-00634cfc80
Last-Modified: Sun, 31 Jan 2021 12:57:34 GMT
Etag: 7bf4f6782dee3b520a65ff84286e3691
Content-Type: image/x-icon
X-Timestamp: 1612097853.12655
Accept-Ranges: bytes
Content-Length: 15086
X-Trans-Id: tx830c457ed0d54be981737-00634cfc80

GET
H2 200 /
signup.adipolo.com/ 0
0 94ms
30ms Image
text/html 2606:4700::6810:f44e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signup.adipolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 1241 390 KB
111 KB 86ms
11ms Script
application/javascript 2a02:26f0:480:39d::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:39d::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: dba6cd6ea8cd4b220a20275c440ac8b66e7f96c21bf5b220d7805524bc5da486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtE8nZD_ZWEn3wpzEsdy5oZhYfWtEmfYnL0_9g_xda4kYUEYLgogaZEk5Nhsv8UEX2kZrBk7oSv5NQmZk0bqyKXuFsmiaxj
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 112390
last-modified: Thu, 22 Sep 2022 10:35:01 GMT
server: UploadServer
etag: "338e56b1f4ce4f7715f277f4b2749547"
vary: Accept-Encoding
x-goog-generation: 1663842901832027
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=61SVsA==, md5=M45WsfTOT3cV8nf0snSVRw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 112390
accept-ranges: bytes
expires: Mon, 17 Oct 2022 07:01:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 2649ms
2607ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:56:02 GMT

GET
H2 200 image-2-300x200.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 9 KB
10 KB 20ms
13ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/image-2-300x200.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fcfb54e57e319af758a54207b3f3a4ce80b09dfcb5d1679695e3a05fcd03a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46299
cf-polished: status=not_needed
content-length: 9330
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 17:37:09 GMT
server: cloudflare
etag: "634c4145-2472"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boTQ5E3sg%2B%2BgdMcyG5w8cAmZa1at017gbqRCeqOoI5iVSbqYK3Lp%2F1t3LwzjTHSZohy2j3nlOcomGqKFwzVo4PPNdW9LoxUodaCFJhU6p1bUxwQMqH0H4G7H%2BdMbDZKifa4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b149b52-FRA
expires: Tue, 15 Nov 2022 18:04:21 GMT

GET
H2 200 %D8%A3%D8%B1%D8%B3%D9%86%D8%A7%D9%84-%D9%8A%D9%88%D8%A7%D8%B5%D9%84-%D8%A7%D9%86%D8%AA%D8%B5%D8%A7%D8%B1%D8%A7%D8%AA%D9%87-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D8%B1%D9%8A%D9%85%D9%8A%D8%B1%D9%84%D9%8A%...
kooora4lives.net/wp-content/uploads/2022/10/ 18 KB
18 KB 20ms
14ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/%D8%A3%D8%B1%D8%B3%D9%86%D8%A7%D9%84-%D9%8A%D9%88%D8%A7%D8%B5%D9%84-%D8%A7%D9%86%D8%AA%D8%B5%D8%A7%D8%B1%D8%A7%D8%AA%D9%87-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D8%B1%D9%8A%D9%85%D9%8A%D8%B1%D9%84%D9%8A%D8%AC-300x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3256cced9eaa0f6840ba7f1206ece912fd040edd228ba3f122a38f0c6eb41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46252
cf-polished: status=not_needed
content-length: 18148
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 16:53:15 GMT
server: cloudflare
etag: "634c36fb-46e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMcRcCA%2Byd7SUusXccm4WZ39O3kRrd%2F%2FZk0a256ixyY0grLIczTvuWcYHtOmQi5JL8x5rWQWNjYm1KbS%2FjAcEwFMPTWrDPtt%2FQu6k7g%2FQYMW7XQurzx9QBHR%2Fhn1PMuIazY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b159b52-FRA
expires: Tue, 15 Nov 2022 18:05:08 GMT

GET
H2 200 FfCKIpBWAAIEDY6-300x300.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 23 KB
23 KB 21ms
15ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/FfCKIpBWAAIEDY6-300x300.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca08fc5063082bb1149350f4135152e40f8cdfaf88f3e6e24c8a5659f032267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46126
cf-polished: status=not_needed
content-length: 23401
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Oct 2022 10:46:07 GMT
server: cloudflare
etag: "634a8f6f-5b69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MONAjly5AFCJCAAdoMzJ%2Fn3cvcHLaN3JWQuEICThAqf7X9rTZVvZBR%2BtQLqdSGP4qBZ4k%2BzdFmAaroHKC%2BpDFh06Ldb1pXZKuad%2BJUuXHVooMoBJQ5ESTtKOlBJLXA0F95w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b169b52-FRA
expires: Tue, 15 Nov 2022 18:07:14 GMT

GET
H2 200 %D8%AA%D8%B4%D9%8A%D9%84%D8%B3%D9%8A-%D9%8A%D8%B9%D9%85%D9%82-%D8%AC%D8%B1%D8%A7%D8%AD-%D8%A3%D8%B3%D8%AA%D9%88%D9%86-%D9%81%D9%8A%D9%84%D8%A7-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D8%B1%D9%8A%D9%85%D9%8...
kooora4lives.net/wp-content/uploads/2022/10/ 15 KB
15 KB 27ms
22ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/%D8%AA%D8%B4%D9%8A%D9%84%D8%B3%D9%8A-%D9%8A%D8%B9%D9%85%D9%82-%D8%AC%D8%B1%D8%A7%D8%AD-%D8%A3%D8%B3%D8%AA%D9%88%D9%86-%D9%81%D9%8A%D9%84%D8%A7-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D8%B1%D9%8A%D9%85%D9%8A%D8%B1%D9%84%D9%8A%D8%AC-300x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66183f71462b30d690081ba06c15ce37745f19689202e65dede71f136133bc3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46252
cf-polished: status=not_needed
content-length: 15321
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 17:04:50 GMT
server: cloudflare
etag: "634c39b2-3bd9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdD%2BZOTOlKCNWeN4qtZCgf9VH2bGmVfHb1YDgwwbdLMDAI0dwPOlRDb%2Fg44SKjccavCUbgZN59qpxbq9YtGhbsyy8%2F9UtEyAoNGxf878WB4iHZGr7L40170%2Fmk7vKLoDEXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b189b52-FRA
expires: Tue, 15 Nov 2022 18:05:08 GMT

GET
H2 200 w644-300x200.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 9 KB
10 KB 23ms
18ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/w644-300x200.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64e5b72460275e35b3947013497bde36be70382377b2ed2bbb60eac3945a14a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46251
cf-polished: status=not_needed
content-length: 9379
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 16:41:42 GMT
server: cloudflare
etag: "634c3446-24a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVTReIJGztzeHyabtIk1qx7s7UQQBsqXpYopq%2F8fZCXTPGXZfFypBNrA4%2FZPMI39SuKsAfC6vZLHhsRN3EPAM8xycUl5ClcfVQRXNxcTlK3xa51zkyFX%2FlzA0WOkMUA8eRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b1a9b52-FRA
expires: Tue, 15 Nov 2022 18:05:09 GMT

GET
H2 200 340120a2-723d-49b1-a88e-f46db834bd87-300x217.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 12 KB
13 KB 25ms
20ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/340120a2-723d-49b1-a88e-f46db834bd87-300x217.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e36021f9cfe17b368b877bfcb879a73e7a9b76a094ed9f963ddf031b83237e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46251
cf-polished: status=not_needed
content-length: 12680
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 16:34:44 GMT
server: cloudflare
etag: "634c32a4-3188"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0GYqMIitO6dhUo9QQh%2BXiUS2Hgg%2FeHQyKg%2BTl6kEZiSG8sFtGdwsUCOqrtXybggWCY%2Bdjb8HJjnnSmW%2Be2oELPaUb4FLCpWkoMBKjOoBL3LiOTcHTbr452fiqqjsOMKgC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b1d9b52-FRA
expires: Tue, 15 Nov 2022 18:05:09 GMT

GET
H2 200 large-1-1-300x225.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 12 KB
12 KB 29ms
24ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/large-1-1-300x225.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf8094738382f20ed29443d574cbefc09a10917c51a55659ee27ec390795de28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46251
cf-polished: status=not_needed
content-length: 11838
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Oct 2022 10:04:13 GMT
server: cloudflare
etag: "634a859d-2e3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BjVFl7g7QayIGmuoO2KBbFf2TBUATITRRwu89X4Gxc1vGwfB4qyvSWE9ZSD%2BchoTbonYjfz6yK9ZhRymRpu3CWfgsUha6blszB5mR6kn3Dqiyy5nJ5KYoWlPgF4SZzGFug%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b1e9b52-FRA
expires: Tue, 15 Nov 2022 18:05:09 GMT

GET
H2 200 2020-05-23t000000z_314275793_rc2hug9hjr30_rtrmadp_3_soccer-germany-bay-sge-report-300x200.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 12 KB
12 KB 27ms
23ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/2020-05-23t000000z_314275793_rc2hug9hjr30_rtrmadp_3_soccer-germany-bay-sge-report-300x200.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5fc5c95546fa8525e1ddb79e653f7ce8ce04469a2afaaf524e3e9a2a9d16483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46251
cf-polished: status=not_needed
content-length: 12020
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Oct 2022 09:59:55 GMT
server: cloudflare
etag: "634a849b-2ef4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvDUO3tQXhbQWO9dRJS3PfHdONkVic09bLPWJIGtPqztCHoK80mTAl%2FqdS38FLitUCS1qpASX9bCjhl2N3GDahiYXxFtAPuEyzTS4n1XL8n4jQbwhBMnQimXbZVu72oyIPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b209b52-FRA
expires: Tue, 15 Nov 2022 18:05:09 GMT

GET
H2 200 inter-780x470-1-300x181.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 15 KB
16 KB 25ms
22ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/inter-780x470-1-300x181.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e31e637aee7c50751787b4394dda715f8120bb407bd3580bca2b2b831c95349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46299
cf-polished: status=not_needed
content-length: 15871
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 17:32:12 GMT
server: cloudflare
etag: "634c401c-3dff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ne%2F61jTMRcJILPlJJOU0iQC36yc0XLtKwinuwI4CTtn%2BaiacnT5FPBgTkfnBy%2FalqxfNcbdoU5IJUhYLkpEQG09msOnuu6Cmjd97hBvIHEBrdB5VaZfRJo7h8lmg9463Oik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b229b52-FRA
expires: Tue, 15 Nov 2022 18:04:21 GMT

GET
H2 200 large-1-300x190.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 17 KB
17 KB 22ms
19ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/large-1-300x190.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 778da85c1ce0d534ae559d6902e53e26848e4adfcaa957932c4f08a36252d48e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46251
cf-polished: status=not_needed
content-length: 17407
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Oct 2022 09:52:40 GMT
server: cloudflare
etag: "634a82e8-43ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn2z%2BhtSzwfOQ16IoX9hXLOSp%2Fi3aJKyG5lwdzvhkgLQT2DbvC6hIqVRHLtESrvCJPmjV6i%2BTG0PH3js5hQxyQsS9DJFl7io9919O8FUsvwEtlCOWVOyr5AWtD84YKxFDaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b249b52-FRA
expires: Tue, 15 Nov 2022 18:05:09 GMT

GET
H2 200 %D8%B1%D9%88%D9%86%D8%A7%D9%84%D8%AF%D9%88-%D9%85-300x180.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 11 KB
12 KB 24ms
21ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/%D8%B1%D9%88%D9%86%D8%A7%D9%84%D8%AF%D9%88-%D9%85-300x180.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6d63000e13ceb986011042f00275c50a324c3f9b8adf83b3706e1fdffa2bf3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46252
cf-polished: status=not_needed
content-length: 11414
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 16:46:31 GMT
server: cloudflare
etag: "634c3567-2c96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJYW7cyey9rOCJA14IOuHGlHusNAdwpyV9au7YuxGCQ1uVLFGvKV2lIu2wJuAJYOzZwWmV4aQpZHxM0u%2BhcwV7cf1lDSFLdTCsrlsedrtYdcEnXeHNQLW56H%2B%2Bwg2l%2FuVEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b259b52-FRA
expires: Tue, 15 Nov 2022 18:05:08 GMT

GET
H2 200 %D9%85%D9%86%D8%AA%D8%AE%D8%A8-%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D9%88%D8%BA%D9%88%D8%A7%D9%8A-%D9%84%D9%83%D8%B1%D8%A9-%D8%A7%D9%84%D9%82%D8%AF%D9%85_0-300x169.jpg
kooora4lives.net/wp-content/uploads/2022/10/ 12 KB
13 KB 25ms
22ms Image
image/jpeg 172.67.71.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/10/%D9%85%D9%86%D8%AA%D8%AE%D8%A8-%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D9%88%D8%BA%D9%88%D8%A7%D9%8A-%D9%84%D9%83%D8%B1%D8%A9-%D8%A7%D9%84%D9%82%D8%AF%D9%85_0-300x169.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7401beae1524ad015de90f05cc7e59f38901e5ff9f8ba080da26c5fc5988c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/beinmatch-4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46250
cf-polished: status=not_needed
content-length: 12661
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Oct 2022 09:39:16 GMT
server: cloudflare
etag: "634a7fc4-3175"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5U%2F4dfrzK3AYdvzzMiCEQgLMfUqPO6PadktirwLb%2BtoTFSs2GiJ%2FiynrsJckGsKbCrdAgFdkDhcSLwla%2B7RuCqh1v22HbojhWHvEfg1%2B76matnlj%2FLGuHKLeq9rQQ5FYfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 75b721c07b279b52-FRA
expires: Tue, 15 Nov 2022 18:05:10 GMT

GET
H2 200 hbw_release_561849_14381.js Show response
player.aplhb.adipolo.com/prebidlink/19282/ 89 KB
28 KB 22ms
12ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/19282/hbw_release_561849_14381.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/wrapper_hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3e521ba002d4baa68364a180a99e4963485cb47f7d96e7f733ea3d67dc50f1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 11:08:21 GMT
server: nginx
etag: W/"634be625-16425"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Mon, 17 Oct 2022 07:56:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 45ms
8ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e0e196048b6ee85015e4c68119aa4e7c824acadf9827551b41987d0d8af88168

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

expires: Wed, 19 Oct 2022 06:56:00 GMT
date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
last-modified: Sat, 15 Oct 2022 12:01:11 GMT
server: nginx
etag: W/"634aa107-2a8e"
content-type: application/json
access-control-allow-origin: https://kooora4lives.net
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 42ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 137 KB
40 KB 468ms
467ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=1684142102940597&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=2406971207&sfv=1-0-38&ists=1&fas=8&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1665989760178&lmt=1665989760&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b68fc595afd77a522505724a8e55bd1d636180eaddee95d13d77997734c4dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41033
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
13 KB 646ms
646ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=2788535188822255&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=6&adks=4012738480&sfv=1-0-38&ists=1&fas=2&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1665989760182&lmt=1665989760&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe98e62434c662571cafd2d72e3724925f9e3fb4fb5f173b70d6a02c296154c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13591
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022101002.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022101002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0c61f4d39e7cda429be0271c1c87cd36a00bdd51226f0e87ee31ede992e5f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 15:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13931
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 16:09:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 15 Oct 2023 15:08:57 GMT

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 134 B
406 B 305ms
18ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19282/hbw_release_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: ea22e0515cf1109784cc2fd38c1b8873abe5ac0761ac13f59630168105b1148a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:55:59 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 134

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
435 B 302ms
18ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=561849&site_id=14381&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&adid=cfae15.1f&features=81952&vpbv=R081&tte=227&lifecycle_tte=721
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19282/hbw_release_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:55:59 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://kooora4lives.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 track
servt.modoro360.com/ 0
70 B 98ms
96ms Image
text/plain 34.239.3.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=kooora4lives.net&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=1&d36=6.2.56&apppkg=&fv=1&proto=https&d65=ControlGroup&clsid=58813be7-3b63-47bf-ae27-c89c3091b692&rando=20&pid=620a5acab6e80f22ac327b74&cid=620a5ad6cb35c5271669185a&stagid=620a5bd04911372f7d67f1fa&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1665989760231
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.3.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-3-208.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/1/ 25 KB
4 KB 580ms
323ms XHR
application/json 23.23.108.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/1/?AV_TAGID=620a5bd04911372f7d67f1fa&AV_PUBLISHERID=620a5acab6e80f22ac327b74&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&AV_CHANNELID=620a5ad6cb35c5271669185a&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=1&pce=1&npx=1&AV_DETDOMAIN=kooora4lives.net&AV_DADPOS=1&AV_TAG=620a5bd04911372f7d67f1fa&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.56&responsive=1&sver=2&avtoken=760230&omv=1.0.1&AV_D65=ControlGroup&clsid=58813be7-3b63-47bf-ae27-c89c3091b692&rando=20&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1665989760257&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.108.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-108-37.compute-1.amazonaws.com
Software: /
Resource Hash: f4ce982175c73886c783e8783c9fcda1eaca6f2f48a7fd8d18f7991fb5c07477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 05 Oct 2022 17:09:20 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032210071758000/ Frame D4B8 221 KB
60 KB 155ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032210071758000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd270679c6bae425ec01fa11ae1ff919d7d78b1780da49ef561bc0911e46f7c9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Oct 2022 22:01:10 GMT
age: 464090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61541
x-xss-protection: 0
server: sffe
etag: "df08417bcab9236b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Oct 2023 22:01:10 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032210071758000/v0/ Frame D4B8 14 KB
5 KB 158ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032210071758000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Oct 2022 22:01:10 GMT
age: 464090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "79c6a9d24c248711"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Oct 2023 22:01:10 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032210071758000/v0/ Frame D4B8 94 KB
28 KB 144ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032210071758000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Oct 2022 22:01:10 GMT
age: 464090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28805
x-xss-protection: 0
server: sffe
etag: "61ef65d2d2d03d2c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Oct 2023 22:01:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032210071758000/v0/ Frame D4B8 5 KB
3 KB 141ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032210071758000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Oct 2022 22:01:10 GMT
age: 464090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "cd31ad97eaf70e3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Oct 2023 22:01:10 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032210071758000/v0/ Frame D4B8 40 KB
13 KB 142ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032210071758000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Oct 2022 22:01:10 GMT
age: 464090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "81bd7ae64421add4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Oct 2023 22:01:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D4B8 8 KB
1 KB 152ms
20ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 06:30:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Oct 2022 06:56:00 GMT

GET
H2 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D4B8 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:47:43 GMT
x-content-type-options: nosniff
server: cafe
age: 58097
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Mon, 17 Oct 2022 14:47:43 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D4B8 344 B
448 B 8ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 9955
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 18 Oct 2022 04:10:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D4B8 0
0 145ms
16ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYb_iuzTRn_SNKt3BsEelXsFpuNcxoLCeZe8pYHPUFcndVmbtpyzQAPG8Eb8UtZvbmxzL4p_er8u1F3cw7Q9M4FkeovQ
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D4B8 0
0 51ms
51ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqZsPf_xMY9SrO9KZgAf945W4Cui65_ds76aJmZQR2tkeEAEgvc-GaGCVgoCAlAegAZCU7fgoyAEBqQI47lqy8gwIPuACAKgDAaoEhgJP0EyNO5CMGXLFARJqH5HtI51AEG1c3Rv4Z7y2hsScyZSMKb_M8KoW63qypCbWgLCa4-yOQ1nFrDra1dFSoEUwUz8rJYI8jNmf604WIFteEc7jf4SZKpucXPhFkTjxSPYTxzxY7Hhc3kKV5skxwkhrp7uzvvhDlsdI-MM6SRmKnWaowooYfILe9sOyhzQ1h9ebYkGrfK8G_g9D4uj77WVljKw1iOUE0-_d0vH46diWI6yH00EsLk0v0i4Xs60VHI6TiXzJ5K2fB_9EfcgWEjUrydVuYcwCc2ZGTIAX4DRTFrRo5boFOilbHj3CFkUBMb65rEyWWDnZx8ptZQXHLBRt-_eczr7uwATKs47JlgTgBAGSBQQIBBgBkgUECAUYBIAHkMy92AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD4hifSCBIIiOGAEBABGB0yA6qCAToCgECACgPICwHYEwqIFAHQFQGAFwGyFx4KHAgAEhRwdWItOTAzNTA4Nzc5MjY5Mjc3NRjgkG0&sigh=BW7iSfl4lFg&uach_m=[UACH]&cid=CAQSPwDq26N9qQvA_kmK_F7MppWuSsUpgofcYWurcE_S4sCyLU_Qo2EkfrwMdZBKp7B5IqEND24UIdYTl7cR6aMLPBgBIA4&template_id=5007
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11453938129853216822/ Frame D4B8 3 KB
3 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11453938129853216822/14763004658117789537?w=100&h=100

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33c36e0b4c988245ad83fd934e5787001f553e32103f55e7d859930f3c344116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:57:52 GMT
x-content-type-options: nosniff
age: 259088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2801
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 09:01:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 06:57:52 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17919873978987709915/ Frame D4B8 1 KB
1 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17919873978987709915/14763004658117789537?w=100&h=100

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cabf421aa6617303e51beaa7dd70f293b0c1d81fe7aee539997b9a4c55cff589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:52:54 GMT
x-content-type-options: nosniff
age: 360186
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 12:41:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 02:52:54 GMT

GET
DATA 200
OK truncated
/ Frame D4B8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd86f01245e30b4e925634fcb37eff8372d0bd58568985a91c85bfa5f57a6024

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 118ms
43ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://kooora4lives.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://kooora4lives.net
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Mon, 17 Oct 2022 06:56:00 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
409 B 109ms
65ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
170 B 70ms
19ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Mon, 17 Oct 2022 06:56:00 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://kooora4lives.net
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 124ms
46ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=ce8013ba-69a0-48c2-b35f-7ec194879fea&l_pb_bid_id=43e0179ad125515&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.35919709738853633
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5ad9c147516081a3f0a795cb4befe45e751e0213ebd492596827fe90b4ae740b

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 113ms
34ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=f935448f-0f33-4c21-b798-59cff1584cde&l_pb_bid_id=445d17eac170d52&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.39919873855187715
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 09fbfb8a4887244e1c91e83f8c1779347fc6254f5a74c7ec6235f33dece4b405

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 148ms
66ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=1dba65c1-694d-4e8e-9380-2e60f3334abe&l_pb_bid_id=459509623afcc95&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.8059279860842787
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fad3e09c83a92d3ea60c19ddde0d8ea55cefa6ff12586d26057eab6ee061c934

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 14 KB
8 KB 214ms
133ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=38380af7-31e5-4f47-ae91-d09bd47f0429&l_pb_bid_id=46a92e3ac261ac2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.7291063157723179
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 347961c0b167cedf0f91617720184c0aa325cfdc448594153a061a9ada0943a7

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7522
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 332 B
1 KB 153ms
23ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=d537f6bf-de2b-4d65-8b59-24c3f5adbcdf&l_pb_bid_id=4782d7837de18b7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.9186458139949469
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2739d6dc966b25a506e5c899b2401aa8b13b2ee6154cc7706f8af723a62da90c

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 332
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 309 B
1 KB 232ms
102ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=43&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=4a15d932-87e9-4b48-af45-e9be7c9f6b73&l_pb_bid_id=48860e575beff67&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.9274540827161715
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f8d284910d8d0503e89d72a5ee16fe4a710e30273b71c6846fb11d3fc11a1f60

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 309
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 330 B
1 KB 148ms
18ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=9&alt_size_ids=8%2C10&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=d0989871-bccc-4ce2-a881-dc579c405146&l_pb_bid_id=496a43f8dd345d6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.11997450560621847
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: df3b98fe59fe0677430a5252a1bda45c07c228f9aafdf4a01ddf8644f3b75b90

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 330
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 152ms
22ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=11cc44fc-c149-469a-9f89-9be829487859&l_pb_bid_id=502f131d86bd887&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.4989505467825077
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e87a03c7926c20818549eed4d973bfc90d895ef1d707fccad81ea1636beda59b

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 309 B
1 KB 164ms
18ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=57&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=52037aed-2053-4484-a8a3-0c8737c430e9&l_pb_bid_id=5121d5f0c90a6e6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.25414611399554543
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 273882dd606190e38d3e8fee0005ef48aebf5134eb0cd105e3863ca59d30d54d

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 309
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 309 B
1 KB 178ms
27ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=57&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=69d1dfa0-cf54-4966-9f27-b77b1fb9cb18&l_pb_bid_id=520063ee1d4a087&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.8111685445112751
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b790c94ae18306fdbd2595a068c0b28830325f61bf9efbc814ba111bd408d9df

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 309
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 309 B
1 KB 177ms
24ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=57&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=c88fed75-20d7-4eb9-b7f1-779bc7fb32a2&l_pb_bid_id=53a8528313c91a3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.4967356852963798
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f332d8cb7b8da539d4606e7a9f4825f2ce355a5052f0e9ae7c85e971ed234608

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 309
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 164ms
18ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=78e48260-374b-44ad-b9b8-34f233f45f83&l_pb_bid_id=5414d82f79d22c8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.10934170125828069
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2f6af11e2405f681c10c7b137262e7114b6756c03b8ffe7aad3300af6691c5cb

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
704 B 95ms
56ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
AN-X-Request-Uuid: 13044e32-e8c3-4938-a33b-b8f3b8624265
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 37ms
9ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://kooora4lives.net
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 99ms
39ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 17 Oct 2022 06:55:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
867 B 81ms
28ms XHR
application/json 3.64.202.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.25.1-c&referrer=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tmax=2000&gdpr=false

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.202.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-202-105.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:00 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status: 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 81ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 17 Oct 2022 06:56:00 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
314 B 941ms
312ms XHR
application/json 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=8433585672

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST /
prebid.smilewanted.com/ 0
0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
646 B 132ms
36ms XHR
application/json 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: a4a57a6a7aac8b1b66c284563baaf89dc75e9473eb6b466bcccd0de472bcd56e

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 17 Oct 2022 06:56:00 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
704 B 70ms
33ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
AN-X-Request-Uuid: 9f7fa4a9-20b6-4cf6-b423-b536298cd60d
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 1430ms
816ms XHR
application/json 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=11051259772

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
704 B 66ms
34ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
AN-X-Request-Uuid: b41757a8-fe80-4082-b2e5-1ae51ff501a4
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 141ms
19ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=ce8013ba-69a0-48c2-b35f-7ec194879fea&l_pb_bid_id=362ab8829cd6305a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.709387002761179
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e54c5099e5450dfa33b7d23a9f7882dbc89fe24728601cc18dfaf21d9cee9563

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 218ms
83ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=f935448f-0f33-4c21-b798-59cff1584cde&l_pb_bid_id=363bd42bf31f89c5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.5133662422799987
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 66481f475dc17812d43b73c82e30b397ef2979e380a87f5ba29eefe08956d2a2

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 185ms
51ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=1dba65c1-694d-4e8e-9380-2e60f3334abe&l_pb_bid_id=364e7918e330e7f2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.07051910692106644
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e878b8484e8dc1a13d39f4a53afe69c93e732a129a1d48d45c63cd22820a3bec

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 331 B
1 KB 163ms
30ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=38380af7-31e5-4f47-ae91-d09bd47f0429&l_pb_bid_id=365791bf4f01496&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.20526750661215853
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f532a07cfc6c4e754d9ed48bcf15823b798a23f362cd73452fd9f5cd62daf957

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 331
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 331 B
1 KB 157ms
17ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=d537f6bf-de2b-4d65-8b59-24c3f5adbcdf&l_pb_bid_id=3665fb0d98275d83&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.2718233331539077
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7c7ef02baefb96e1f07081fcfc3e2cde58e8219085a98854630ceda0ae64d36e

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 331
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
1 KB 183ms
21ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=43&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=4a15d932-87e9-4b48-af45-e9be7c9f6b73&l_pb_bid_id=36728444e1ddee05&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.08016877138214684
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 036c8b6e0426856433ddcd669d9b836d8e3a594c5cb6911557bd14ce9c92f93e

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 308
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 185ms
21ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=9&alt_size_ids=8%2C10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=d0989871-bccc-4ce2-a881-dc579c405146&l_pb_bid_id=36847a32260af1c1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.5476933555443055
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f940a079f3fb1dacfa8d85b872718d8cc11d8d5b9e9e244fa440c03bffecfeec

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 327 B
1 KB 210ms
44ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=11cc44fc-c149-469a-9f89-9be829487859&l_pb_bid_id=36971af663c907b4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.22136612241489417
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3c80a598e8620818cd3ba568d88d437ec1f824373c27dd4b0213191cd6a19d01

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 327
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
1 KB 228ms
41ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=52037aed-2053-4484-a8a3-0c8737c430e9&l_pb_bid_id=370efe891b3c99de&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.02895602023478605
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c4d892d57f18987d53118c63227266eaa400666bdf388653d6c217c649002332

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 308
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
1 KB 203ms
17ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=69d1dfa0-cf54-4966-9f27-b77b1fb9cb18&l_pb_bid_id=3718a3efc28f2897&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.42701427013170257
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 26db3d828710c7a5bc33f5ca0d2d65b72572bb424f1c9ef15b98ad484f58c297

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 308
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
1 KB 204ms
18ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=c88fed75-20d7-4eb9-b7f1-779bc7fb32a2&l_pb_bid_id=372786b5e3b7a02d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.10667901554190085
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 229ec1166d40d23721fccf8fd7fb1c92daf1de01b1fd3f911b32f86c8935aac3

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 308
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 327 B
1 KB 247ms
62ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=78e48260-374b-44ad-b9b8-34f233f45f83&l_pb_bid_id=37386927ce98f4f9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.6434072044975274
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 38a59ec3c991b5fb8eda7add7ba1b983aecd8f3bb8f712b59ebe218cf98aea85

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 327
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D4B8 28 KB
28 KB 80ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kooora4lives.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 549743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 22:13:37 GMT

GET
H3 200 container.html Show response
84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 928F 6 KB
3 KB 529ms
17ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:00 GMT
expires: Tue, 17 Oct 2023 06:56:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0A8A 6 KB
3 KB 45ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:00 GMT
expires: Tue, 17 Oct 2023 06:56:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D4B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

173ms
28ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date: Mon, 17 Oct 2022 06:56:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D4B8 3 KB
3 KB 308ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032210071758000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:47:43 GMT
x-content-type-options: nosniff
server: cafe
age: 58098
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Mon, 17 Oct 2022 14:47:43 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D4B8 344 B
406 B 308ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032210071758000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 9956
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 18 Oct 2022 04:10:05 GMT

GET
H3 200 container.html Show response
84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 317E 6 KB
3 KB 41ms
15ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:00 GMT
expires: Tue, 17 Oct 2023 06:56:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6E74 6 KB
3 KB 40ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:00 GMT
expires: Tue, 17 Oct 2023 06:56:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 /
csync.loopme.me/ Frame 4BE8 0
0 99ms
40ms Document
text/plain 2606:4700::6813:ad6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D%7Bdevice_id%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75b721c7fd4d9a0c-FRA
date: Mon, 17 Oct 2022 06:56:01 GMT
server: cloudflare

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C1E9 15 KB
6 KB 66ms
8ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=113018
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 17 Oct 2022 06:56:01 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 18 Oct 2022 14:19:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 962B 0
0 86ms
11ms Document
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Mon, 17 Oct 2022 06:56:01 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame CB3D
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1665989760568-965177218956-...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1665989760568-9651772...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1665989760568-965177218956-006093-006-009538&key=d8475696-b4f0-4f2c-8ee4-168ff117f5a3

0
38 B

383ms
100ms

Document
text/plain

34.202.192.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1665989760568-965177218956-006093-006-009538&key=d8475696-b4f0-4f2c-8ee4-168ff117f5a3
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.192.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-192-26.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Mon, 17 Oct 2022 06:56:01 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Mon, 17 Oct 2022 06:56:01 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1665989760568-965177218956-006093-006-009538&key=d8475696-b4f0-4f2c-8ee4-168ff117f5a3
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 75EC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1665989760568-965177218956-006093-006-009538&key=OPTOUT

0
200 B

281ms
133ms

Document
text/plain

34.202.192.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1665989760568-965177218956-006093-006-009538&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.192.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-192-26.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Mon, 17 Oct 2022 06:56:01 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Mon, 17 Oct 2022 06:56:01 GMT
etag: OPTOUT
expires: 0
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1665989760568-965177218956-006093-006-009538&key=OPTOUT
pragma: no-cache

GET
H2 204 services
sync.technoratimedia.com/ Frame CE40 0
0 353ms
99ms Document
text/plain 129.159.70.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1665989760568-965177218956-006093-006-009538&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D%5BUSER_ID%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://kooora4lives.net/
age: 0
date: Mon, 17 Oct 2022 06:56:01 GMT
server: nginx
via: 1.1 varnish
x-varnish: 919704392

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame DF76 0
0 20ms
20ms Document
text/plain 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Mon, 17 Oct 2022 06:56:01 GMT
X-Sovrn-Pod: ad_ap3ams1

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame D994
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1665989760568-965177218956-006093-006-009538&key=W82utIzw2MY4&ev=1&us_privacy=${us_privacy}&pid=562704

0
37 B

195ms
103ms

Document
text/plain

34.202.192.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1665989760568-965177218956-006093-006-009538&key=W82utIzw2MY4&ev=1&us_privacy=${us_privacy}&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.192.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-192-26.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Mon, 17 Oct 2022 06:56:01 GMT

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
content-language: de-DE
cw-server: bh-deployment-6bdd85b5c9-kf97m
expires: -1
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1665989760568-965177218956-006093-006-009538&key=W82utIzw2MY4&ev=1&us_privacy=${us_privacy}&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2 200 avpb7.12.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 1241 174 KB
55 KB 10ms
10ms Script
application/javascript 2a02:26f0:480:39d::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:39d::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsyzz6SkDyx09QUSKvLVOMwfVZt3Spy4OIixHYzz5__nDGzdmgAP2XQbuvWuT8zIKwYQ4hFkvazfveJCBprqx6yyTE4rQ2B
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 55752
last-modified: Thu, 22 Sep 2022 10:35:02 GMT
server: UploadServer
etag: "1795de334800689d8e696cd76eb42c2c"
vary: Accept-Encoding
x-goog-generation: 1663842902451355
x-goog-hash: crc32c=mLxcag==, md5=F5XeM0gAaJ2OaWzXbrQsLA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 55752
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 17 Oct 2022 07:01:00 GMT

GET
H2 200 avpb7.12.0a4.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 1241 61 KB
21 KB 13ms
13ms Script
application/javascript 2a02:26f0:480:39d::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a4.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:39d::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 625b11a21d828ad4317e51b70ed84d8924a2ad808adc6a19a512a29dfd7b2c12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvzuCBCR4cSvj1X2zfA-j2LM8S98td7xr_Uu52jwdFYMKwxqZP664CRjbvI-v6OFOToVZfz_Mg949ihfF0eAlu5uJ38A2Bz
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20677
last-modified: Thu, 22 Sep 2022 10:35:02 GMT
server: UploadServer
etag: "40a6a33bd973af4846a40afd76556d2d"
vary: Accept-Encoding
x-goog-generation: 1663842902586827
x-goog-hash: crc32c=wMKynQ==, md5=QKajO9lzr0hGpAr9dlVtLQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 20677
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 17 Oct 2022 07:01:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ 43 B
220 B 359ms
12ms Image
image/gif 3.120.13.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1665989760568-965177218956-006093-006-009538&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.13.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-13-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1665989760568-965177218956-006093-006-009538%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
220 B 358ms
11ms Image
image/gif 3.120.13.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1665989760568-965177218956-006093-006-009538%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.13.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-13-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 track
servt.modoro360.com/ 0
70 B 104ms
97ms Image
text/plain 34.239.3.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=kooora4lives.net&rs=kooora4lives.net&sid=7247&t=1665989760&cip=81.95.5.41&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=620a5acab6e80f22ac327b74&test=1&aafaid=&proto=https&uid=1665989760568-965177218956-006093-006-009538&cha=0.7&stagid=620a5bd04911372f7d67f1fa&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.56&cb=73235115136&d39=&d65=ControlGroup&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338&&ppid=620a5acab6e80f22ac327b74&nid=60095c900c0799791c46d8d4&pcid=620a5ad6cb35c5271669185a&ncid=620a5aee0df18d61ad2f5eb4&pasid=620a5b32c777be6a612ff244&e=request&cb=1665989760890&asid=62961d99f397a261291b10a7%2C6164157a30821f500637472d%2C618265cafd19a24fd246e545%2C61a49c3ab7cc8913d52ac044%2C61a49c39b7cc8913d52ac03c%2C61a49c3ab7cc8913d52ac058%2C618265d54738091f0558efe4%2C62fd5623b65be05ba45c414a%2C632763fd9fe8992065024df8%2C61a49c3ab7cc8913d52ac04a&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C0.5%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.3.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-3-208.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 102ms
96ms Image
text/plain 34.239.3.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=kooora4lives.net&rs=kooora4lives.net&sid=7247&t=1665989760&cip=81.95.5.41&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=620a5acab6e80f22ac327b74&test=1&aafaid=&proto=https&uid=1665989760568-965177218956-006093-006-009538&cha=0.7&stagid=620a5bd04911372f7d67f1fa&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.56&cb=73235115136&d39=&d65=ControlGroup&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338&&copid=60095c900c0799791c46d8d4&nid=59c9148628a0612da3689288&cocid=620a5aee0df18d61ad2f5eb4&ncid=6188f6678186692d1b57a0d4&coasid=6188f6fc4071e35134085f46&e=request&cb=1665989760890&asid=62557a24e74fb651954cec3c&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.3.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-3-208.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 container.html Show response
84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5AD7 6 KB
3 KB 45ms
27ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:00 GMT
expires: Tue, 17 Oct 2023 06:56:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 772ms
771ms XHR
application/json 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=77032856843&lsavail=0

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6E97 624 B
297 B 36ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCbv6ABGOCNzNABMAE&v=APEucNXNEyTVEBpSyrAv-O28mPAhOuSFbmTojsPlzcuMaW01JZBvpHW0bipWlVUJ1rZUU68QW4e3PkOQQ1N59MiMnS3c-gA9LwSzTREM9aGC03-SIcVp1AZzL58dB4Hf1s_s94Fmg1TMWxrAFOW3UWUigDCzKWbQ-tDCCEFCzfzwXIUJ5Yg5qX0

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 47E3 28 KB
17 KB 73ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8Otm2j6lhdv7F11N4vZxU0ZcenJjFCRNmie32f9PhU44IkWu8TVLAZExubyYrBBK1EpjD5CdJYVTdpXjFMhni1bl7zeI3Qn37byXx6KC-2BMdV0XT3bkW3n03hlCNLzuQTh3p8nPpZqDuLnqH1FMJTTFWUktREhbhq1IO2XZF91-SdDQ&cry=1&dbm_d=AKAmf-BT3BQpkFVYXaxkvh9zd6_Cv4_gMA7IfQ8t7X639TBIQL5Y91ZfcknTU4E_MDNxmp5fNsRxScBHmxLnNEhC8pLpQ7O1uZK0PB04o0JsiP1kSqYFX_La2ASoBzUUUBJhw3n2ZFmbT5OwRQVrmA3Pt7SU2OC_KiVcSsbxWvLy6tfFNJDqkDwEQP801N43qWNGqsB40mooGKHEhUJRH2z-SW-SPpdaZmxcrwWQScsKACQ6iEkJ_bDl9LA7Fv36o7BgrWcW7wI5knQ10tE4p_plqgf0xE8L83WAryBADAJk4h5JdkQlZJvVuDh6xVquaUVCKB9skNQvGkKCkjYb9bQ_iWUcGoiSBALCl0UWyrvY2ryarGeTVajk1HdT-bX_E5FPJFpzM2ZMHOM2z84zIp5Hz94DAp7kc8rYfHuzj2vQpQ6DxE3tWYYLotkDqRPbgkjwQLj1lT9vgVFEFo6NIcuHFM2X2bIjyA6l_1gXng4MMGfEu7ZaFMD5bDDIdyfyAT-6Xy3Jo0wU7153OrPzDwjP7VDaGnJQYgWMrz2JJDyQYMat6ViL376LLZQs8YNNSRprKMuHGqQ5OTjOOFyjhMGHGI2k-5wk2e8dJ5bL-94gKlk3oMsL23xAatpG-ebEC6cjIEZUaEptB_2u1aC_EWjep06kYcFz2kVF0hpE9jUiF71r5jTj7pO17nDvTSGv5zQGtsBvJuWmXTFaF1wGVJlLF_wJZqhdcN5DEYKiWMra-iwaELSC_q5Rhm51J7Wea68IafxXW2Jv4FGQEwFYzXa-P1jax5Te40apwoKAjWOhn4hlQd1Ip8Sn851YyrDHkK_kP6cjjbiJCSTGvNP5Ie1AZyqx70astI7xW83j6aLJp_ClRotqqgj2j2N-7HyWxuHwoEI7BCBON5dys0MwyAtZaQWyXRXbURMqV6I3fr2-a4N6RoEVmQDfDUMpY-vccu-mgw02w3iA09aVU8vE6EoQMvSoz1DbdLDgd2cGkz429pEZdgUmpPjgBy59OpfvVVq4GrplvUMDAw9X9Ygqzp8xqMkfdUjyZlhBa0bZq4m3d217uezZOL3cCsXWfO8EqCGOl9darzt_6xAPCCKEC_t7qHcpbGttCHhIuvDsLgpzN9v5RWdnG7a-jKuF1cEKy6jV4z4GR4Ae1mjhuHAuSYz_g6W5ZyoFBVQ-XSGhk9XTCoyOeBhoDc4NfTEPpeyw3-5VQrlKH9Doay0ILJXrDQsRZbfVZPkWixMOYxl0tKOb6UV4vdFQsxxzRk2mZP1oLTRUJzpEBOYmcqz2aFl5WVZrCwPZwhcrtAxFXQoowW3hnnnPHJiKXeus09Ba4BS2Qt78yYUmLVkIU2wJ9HWHs2cp-feeku1lytkD4H5NAbB9WdpQnqVa5DFvkbg5cXf0r5x3MZ5NDcgYGfvGUmSRNqsRUvH1dbpA1Fqp5vXnbrDbMbBP2S3NBCB0U-sQbpKYhrIpMeSZ6L8X_M-s0Ull1Wva528y2bzjdWDJ05pCNzjeXknOq6u9S25SwKOvT1guXQBRPGZEdIp9rTBT6jVzm2LI_Z1It7uQTSvCoDhB1ZiWg78ilT6MPQzNgefwGsxS-xlQbBklytEs3qco4KFOLxudYXOjNGfAOF26pS5EsJhk4o27bYREpja1qKi7ssRAnhIqyKmwSdydAYW0EyFGjpaul_WL3E2oP7iFWCalb23rkzsh4SpqFVBFr6V7GNFCGmqGO5DHD69jIBvNtrnVzHZom5AuIlRPXtjsVO5KLVyUDdA6mBIV9uJUt4RO9ERXGfSi7GpOklVcnUFhak03znv2MgtmviBhH4fRG61rdiSpHwOHK0QtAnZGBPnJIAV3JNedebPaGDMZtZ39RrzvV3NKzhrFMLAyrsz7l_53IlgdvcL4RQfOgBS63u2Av4mdM6Op2_eErYvzWDN4e-sSBxX18aVX4LPpRsWTsZRKBmYGlg17iBrc5e4pnu8zgCJCnPbIr4jbUr-LnLNYy90PVgJtPnGyq97PV_IwBisziemvN6gDzLN6sec0AkyfA0GZtPG5UWHjyD5Ckw7tDb8D2t9F8yEawpHbxEDlFbAJTvdus_i7LjKG8XctliIJSrFjmuQV6DHHEPIwdwUac8VQGjBJEfyq4iV3gTPl5BmKuvC00fItjB5MRoi7DT7zBsv1K-ucBWcepu4Bo208IweDZu6HtnhOQK6hbM3dBdF7Gq57BOmHRU01FnvKIxhRvFIDKD7M2bptcgDom7tciUEInVRmSh6Aulyt3NiIFtfthOIQjl_OUOpLNq4QC-rEW7duFw7JQW33hzR1VC3fzJWCMPmdo31j0YU7SL3FTJ0S1ZALDVJsgmQV_XTeU-lQ3v86YMdHSAS8D5O5rtemvaMtg80T_9UiZFqTNNF9qc_eSgNTFNpcpJSOt3SWNt9QahZ5fnDDNnJvXOqGhum-M74sRlXpgS41ySpOyuzbwSvssbPO_FUIztc1FEMMr68L3uyoOcolx67XOxYjdDhHZFgUmCtu-fb2mYi7sOTiz_B4gMjHTTwtv95mpfumxJfCTqPItxJRtpBFpaMj1bZYaeXh0qogm-0PqmMpSC_EgzoSa8PCZA0qokuBQQJu4HJ7yNlBU12IEoEQAEw1sJ13HC2i6vNtc3gkqBPyhyZ9Wral3cKFVAnQYbzJZMLr_Y657nG74eALX_fROPiE2_YVrDd7s_E4Vudk87SfgXfCKiM9qWpEY4idUidbcRgv1JRTeFLLE5Mek7mRsC47rO26DrV8g1Ywd_f4Rd3e0d4m47Q6YTfD3DVK5UaYHaAME4SlMhghMA5fphJlV3cEhGq6ntsqiunYYlFw4NUXPLFksgxkTUzDRLYUvshCZbrnG6x76AGb7mlbrtKLwY_EDrgnv_U6AH6YGCtcE4eAxPXoWivRNY6Sm9oMZEAlPVm3hpVb6tZz1W7_L-GbrNXsiuWtuWaEYT-uDKexpU96K3nTQuqB6H9FDAbTTsCwvlMHdM2toj2lFbtC97NYq9K3-h1i1JmGWaMdoD41NAkdVRZZNwP65DNxZWl5XjVWybGpdA91u9bktWzcAeWNbUi-4JOmfRrKWD1xgPQfdlHTRhQyIertxVbfv7w_ZYzAg9eCzl2S8yiT9QVIeKcWfUWJa00Or5S6ZcHssI_M09_JqaKGxF4RnSeUgxpm4H8GYNdicRn8qC1zRDQY0EwJ1lhCFLj3bU_IyIIwaUi5osYj8kju6q7aCC2lObXYDOyHtd-8fEGo0iZF3eqBtfrRa8Hm7jhpq-1T1sQBnQI-7sBMhtmRj2q3Zce4ribez3p3WDY4uCb94QPKvBRyQTZjgxyLHPqOzh2a6vi_SLN-4zp_4Hjd78Pv_4BoTWefM_MBC-EIDcnHlAbfoZ6axUsV6AX9k5QkStO8LNIjw2oZgfKNhQ8HBssKOk_cy1TaA7JnhRCWVfzCcS762TcLGnBe5koB9mC2UP65KawpbjanGiU8S0Ef7aZlQtndNygVdKnKln0&cid=CAQSPgDq26N9niUpB2v6MpKUcOHJSpMJhwR-t4_eB4iOwQf8fkHVNakXoUmATfGbW4BJNkiRyWd4USj6tHg_xe0MGAEgDg&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c837e72a358918e0be398a4357300c6425d39e121313b35b8f58cd9a6dc72f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17108
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 47E3 28 KB
11 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10831
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 13:41:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 17 Oct 2022 07:19:08 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 47E3 47 KB
13 KB 169ms
29ms Script
application/javascript 34.248.3.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=1008233501&campId=17693586842&pubId=1&chanId=1611661212718&placementId=437454560&adsafe_par&impId=ABAjH0jv_JJ6OM8Jd5J4zXM81uFP&bidurl=https://kooora4lives.net/beinmatch-4/
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.3.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-3-167.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 22e934d41fc71e0af926b847f6bc807cdfbf25cda13b8e5cab27f63c161c01e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 47E3 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:03:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 47E3 17 KB
7 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:09:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 47E3 0
0 17ms
15ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTc1EIyZ1H1x5_DVD01DqnPCL-aYO-_JXxwMJfOCwMnzKMXhC0fq5uKQJqKa-Itq9SbUqUlyKcxOXf1K4r-na9HCkzNEg
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47E3 152 KB
46 KB 45ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:56:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47E3 42 B
63 B 60ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALRJGiASYDBwLLgRaSqwW836KfY5fDR2K2NQUmQKszTDqWj0At4qSvYIo43MVyLlj_3OltCOHwld1pJDHLzvL5_zlAnqoJi_XRIdLKNjBGZyyEbKs

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 0A8A 4 KB
636 B 37ms
19ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 06:37:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Oct 2022 06:56:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DFAD 8 KB
895 B 21ms
19ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 05:28:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Oct 2022 06:56:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame DFAD 2 KB
902 B 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 19:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 19:02:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame DFAD 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 13:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 13:17:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame DFAD 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:03:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame DFAD 17 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:09:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DFAD 0
0 16ms
15ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRV8awdB2rUHv_F6GFcdBYkmZ4idN9UQeVYeLsF4u0JlgpfQsdbWQlKk5TJYtKLKzXjJaZPf3ht3zpQaT434xERYeFQ-Q
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFAD 152 KB
46 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:56:01 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame DFAD 33 KB
14 KB 60ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 0A8A 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 19:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0
server: cafe
etag: 5516984893510486959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 19:19:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0A8A 205 B
519 B 55ms
12ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 03:42:05 GMT
x-content-type-options: nosniff
age: 11636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 17 Oct 2023 03:42:05 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0A8A 604 B
694 B 55ms
13ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:48:11 GMT
x-content-type-options: nosniff
age: 470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 17 Oct 2023 06:48:11 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B7C5 640 B
316 B 29ms
28ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCCoHQY-cCR1AEwAQ&v=APEucNV3EUar5hiDerNOO7YQopf0CuXaK0HEi4SySY--XAaMwcFatRwDhIEWvL53Ww3cdU0JD8lHVQbkWpblFit1xJLmQ7G8XV82eCTKS8JkBqFIVV1LH5-Z_WiYBg59o4DjNKvkG6aNTfmzER_gprsCSqBcuLMc1v82MXI0t_Q_yC8Crvznu4k

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 317E 97 KB
37 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1t5xtcaAZ4bztCGzo4zYKL2gOw_WSe1giM5dN41Jw6N6ZhYHPFjCScmH5avlZPfk5p-w1k4daTqdnslrwAFURTDD2Yw&cry=1&dbm_d=AKAmf-BvhkdK5DpTYADUQOkDzO7nP1utcYtqPMb4jnfRvI5AlHV66w95oQ0kRUguZEASs12zLdvWJ8lPfFLsMn5q5Rf0Bk8DZbCvOIYo3c2fUQnK_Fyvq7WAxPKDIDdITu4gibU-pWdeoaJoBmL_ZjGotBUvwyBSyk57ewZ0BU523sYdlf5Qs3lecoFc2VS4nlLwj5QQISvbOzggmdg4Jtq3oENhqrw1fp83vq0nt_iOd_TFdfWo6cfB3xP8LbwR9v1wDqH2TxJjLQPvRjgk0OlERT5h_sFX86HxTaVMQGHPQPROp_gJU2exm039upIlyN-6iVkw739fIrwEu798bd4bT0l2oBQcBE5pwJ-JrOLksmoLavNZUSj5H9W0Aph696egnzdwOWpDYajIzAyIO0ut2Qom-MinouyukljbafH0amqSZV5q-ABQiqiSoHs9hxlniLDlIp3YcsNMyC3nDwYGOrLOonAMlz18kn1sktNjayEUXhEMEUHQhpWOWzcdZPnDO7fX-d9mzKcyBv68Gaai4R7uC3rnhyqNY_C67-Z_-Xho-dfSr3Vs96RM_0RjcQ-Zl6WY8bZYiEJepTwLgm1hU-HqX7w7OY4gR-FxM1fWrxPhoCeZg-FDqI3qF2wjgy5Ma4-iZYF0OKsIw8o5bN0Nsi8CcL_bQARwy2ESBOd2OKT2KD8HSVA6IqNSusk9Q6281vUwtP_qP1s3MBcE4eEkua8oO-RA3TrutMKVm0QuqyFSePtLglY1Ey3WVJYcnlXrmS1FfMiNvpRPSlxf_FqpeWWGvodLYCOar9C1K6iY-Q_v4c3dgeQCHGNNf_n5mhOlq69mhe3PkxJ2ofmS3v4uyKB8QdB93ddKJYuV5yRKx1qrFTQG2SL72DKAF_swUbc8aGQdjyTCK1LLmiFilyvX48rq5rSHcStEraqdGh6-DJSRxq_XnaMJ5F3KxkquTQs4pwgCFIkSl4B2ZpyetnFGz69pWqR49-MUlFHtFEb27PqwC2ACk0ITXGcRbEF504Qu28F6_yiPgwT1A7PEJIQu3KW_Buy7_Ov-e6neN61-DXjeRHKcHVW5kn5psB4KjJqoxnSOyqpXHEWJAnYlLZ4tS6q1Zhx2JK4DBKk6JY6khDEvtkEckOQffmIhm6x3xv9Yz4TIxyoWeGSVpIryAuiIAjHFhSl6MxBrO5vpc-5kkYPYUZc7udcIOtAQGS86NBlLLFcKbWp7agY04abusIUTGdl69o8uD71yJx5pHkUACB1rO-mrlrbQIP1qOeN00avk_PJvuYDhZEjbeHaI4RjJBfvLs0p4aD7yEDOhaI38iMswEwxajv_OpwINcoaya_fCKxnwfsolq6aqV69Ea2gZsDcMXp2d44RKoomeVpfG8kCIWlSZ6qFpbvKc5FzlG-9HMh45QbzP0Us9w50S_CXQTdS8wYiJa2O1GfavJ6CmxL7C7zMu76apZFhoXwbsaRX6bPnTRyXwrfp9jXqRhOxxQk_eOwpR9Dt3gV6V6nkpWiL3l3oo5n9oj-CjWft-hn4UEMeBPRvEhhptQWURntgvC8DtU_1kQ5pp5fqD12NYVPbRmiqrrgx5ovBJMMpe4dGzP92UEEhemKeVymmGjvka0PLbuGdlG4ygJfOq38tAXm7aJ2xa6ShpDG9AcrYRJMbaZbB0-RsrRd0BLLamebN3HKFzOGrr-TKZ9s8yjjh4x6I4QFOv35FmQRAlxwbEM2dz3JVJt4SVDkjxiFfnVW7DyS_iy2_MMN9QujP-Au27UPIRDQ6NLX3hWdCSfIcWXKV5t0tHxsJUk944wqcnZtvljqb_R3gGFdXBVp1mdiypf2J43QWlSzymXN5GWT8UBAeJEDP-HcSYHIo9fk_CZPfoDMBX_uzVDoovu62OawojUg9cSSbHt8vL4HZQN8PZyza8H3wPaGGQSg0vgHyjMSipCq9fSskQ43oBhCqe9yR5l24G2ag-TwobT-dmNiX-FxnIoRAMlHQ9tbnyxug4yiJgARjJz_6vtU_Q_3BXAiSKEU5RWzTo98-pmfu7dMyPrgCXcdPWaWAAQtvyk2BhepHi4RDrewJbNsu4Ks6oIkyoLtJfAjlK-4kxHRdyq3852tRG9HMXhjSsNWlGTcmrJ50ka2eJd_DulCcDj25BsyNjNlOShH_QdOyO6q9Q82uLlzBGw7wWNAwh1uRuC9BA-vVse2Stk9x7ZKzmhygkkZZNI35ubs1IWgPH-dKssDwu4xcVgSzLulD2IR74QhW8YtiiATCL5q_xKFVSDwhtQcsiqjqzBOFJrbRLTu7wx_ioa9-VFFZF5kl_eW8JTT81NZP8j_rt5yib14mbq9zZgwHu4I28_JY3clZYc3ZnHEIqAlJJu_Dx7VblaIfwrFsE3nV7D-hTxrpCcVU8xWrRgR4Op6RjO4172goy7TP-OtnhllnSY0xB2KtA5XfrkscAzUY8n7jtpkZyaisMcytCWbcR8Y7GXh4id9gFChqpeOS9d5nG_w7ouo7CLffvYQtE-Y2bMP-a8IfUwrGki4gnVe7PFVijh75SXF1jDol-Ey5seD6nesZDwdl4pQXTEv1Qpe85r-fbl_p1YDG7DfCa-E-U4TeavXkjf994pX1WaxZEt3EU1vTUrCO7JQHlA7GyRyaTA8R6eV_RLyXWqfHfBmnbl3NPNQo_fn9c0Gq-C1N6U7aPLcnu07J-rwZlosCDSmTwPS_Q-B_VGPsSiDgBTkFuVR2aX4AoHie7Qi6_L_zFmBEbRYM9vI_hNDC5b6rAa1MJjhd3_7inhJJDsu88XaDcLdHWCxM-OAt2ur0DykvRa80qV7Zel2Tk5zprpZLAYuFSdjc9XsPrgTSf9mGyuL_O0fm-8onz8lh27zWSPSsqePMOQJZTbhgAhLN3FnenXRhMkJUxe_rHEQi0vOLns7E_18Bu0R4lRJrJvyN0ZXyFVbrNSgAkAk4ynMt_X-bktV9wrQB9KkbzazJuBGrzXATG3QETud1nF-TTL1QA7T9mip5gPHTbcIwHfqnG0E79WdQJkLtFt8rVBm-7YzKsrTFqSC2l5Kfg5sffDYaU9sTNhLJg6EsT9vEQVnheZ7IL9BAU86lpLHQwfWQmmWCm_3lXGizO9aK-0X8hc2kJntKr_DQ2KUp45-e6MXjbBpD7LmHJYiAw6u_48LHHyuC0R62nT6gqHEMoKvuVlWrJ-A7QiT6K1voGATVm_w8nYM80yCKk-dF6R7wWamhZrN9MlFv2Czn3RCJmhyNXmmVzwTYnwpAoQE2M8MPLuvZPtry78zhg7XHOWuGoY_PoLfvt5yZWi4kOYtCwz4-Eyu9QM4QKZNQfQ0imNhtZ5ItPfUfjCTAGOFd6Q7Ek0xqSkM-bMVc7Lbe41-6sk__R1SE0wCtStJzY932m6HBr3-OOO02EMbFpgldwDIcPtN_z1bk4Gif96ANE-fQjtrmX3GYlf3NlGSVpQEvE9xSOFSwbsTwf0UNbqvMa6zZnYexoofijnnUS3hQZbl90QLJDkdXJhhrXFgMLWB1QXAkqAiXHcL5V4r_mqc3M93IhNXZjxuWt_2Lb1wr6WJ_-TkE&cid=CAQSPwCsnQUxo3v7LNp6-xWBf5RWwU2LK3OKqRZLVd9BcwKpObvq4bfQTvHnwL47W-2mhqwk5jUMToM79i492jn0CRgBIA4&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7fb862aa44cb8948a6fd72b89d7383dc5eca566aee7f462b0f0ebabd5ed71cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37937
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 317E 42 B
63 B 62ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DM8_W1kWV9zFnkTIuibF5OzcERDUq9z-iJeyBEG-UhANM6jVLtYvdOQ55vO_8x9SiUnGNdx6PfNSMX5P-5EYsp46HVjic1GyCqUJWRc5DcZuKmnNc

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 317E 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:03:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 317E 17 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:09:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 317E 0
0 24ms
23ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmn8oY02FTUwu7XWExTFJ5RPQZLSUYXSQYTvl9IoCuS8cjkydSr6ul4njw8K2u0YkPLX9fAon_oz_GeBLbEQF8-iSzEA
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 317E 152 KB
46 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:56:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 555A 466 B
301 B 47ms
46ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiYgbzHATAB&v=APEucNXBOVshvHdn1HhJ1EfUtPLFcN543H0ctomtCaUUF42gCAa1EZ5Zv8pd4JwZe3QAnblSIQCKemvWiP2kvlkiNZULo13ONYsBxFKSQEpsPGreSz_xTErYqIB-B05mUrmZd0jbxyk7HmzOEtEbLNI7jBL5E74I23mJFEut97TiIloMteAXzgc

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 261A 28 KB
17 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTb0kYe-30tO_t8D7GdFZIelC6AHWwqdhtBAjKfjIz_2msh5PQkvsW9ZhBokJwB69a7b8tfAh-318beeXR7JpnCoDD4SiATldCahp0TcPWG1_CSdxghtkpMnY_SFGgB1k2zxqBmltDpUz5IHIeAuqLTyHuFetrvm2m5CISvKlhijkqjnc&dbm_d=AKAmf-DcHyD9DF1dZsmOW_A_31BI3t85QUkOt6DSyHyKbkK5ndgI0okVYM78etc7g8k0rZyBqoqDoOl0Bs0haIEK723kTEymMkHbue4HMx6QY4ntKjMgooT9-wttDi9sgQKRIeczgQ0UpjB1ssSBDLwmUj-3onCrp86iAKAw06vgb88HqLtRF6nsodr41x-PBZh4u7jMXSnuRIxBuBKd0Cprml4yM_ZvVXzaUiNvhDrQR3inxIJEphS8NZZLVQUtjWWuKGQpF36BCOAxeFkNLRHRz4KaCoQPLUYSUFnX1r_TF5Os0Vmv_Q5cV8eGQYlueAU5UFMRuwfFHz_LLCdbagxgOrWkGAvjexy-mDimcy_3EeKMdfgQM7ESGH8H1YNVaqZUmzBf7sNVnuygMKB8qT79zZuUH6gEVpnGtSQ0SLBGGJWZF7LF3R_Bx_X7hrHkAbbNjYGp8Y8lOGZgHzF4XwikXyShSnEM9WRHajs7prZ4SawKGQ3udYjKQrIqaW4LspAqKDWpJszX23TpRDrHOElLlg7h7kqVgL9nWLvqLorVovCHhaGQft_A_YKP_dCx63XtJW5ooiZ__aShdIskGb4-B8BDpkRx5ySKw2QnfWtsT6GixG8xwvDCgZFTbj7HLWoX-gLV_H5hGzI81tEufZuRb3Y2YakQhloEmXpbS5FuRfxv5gMMhGeWwxzumrxiAdMy0OWNCVYfMQavpDkNRZZeKxXqDeBQtn4inMR9nc1XAeYemGh8dju4Alez1mf8KPupiCw3oBxYs78jJKRF6csCs57BUwpQ-tAt3m-1tL7GZ93KavtkOWo02EnZlIH1tK7PgH27Q7i8TRzLH9bT90smFeN9itDAWuJ02ZkgsLjBVcAndAy9MPe7J5-lKRXhlQ6La8f4fZIdw9_5mOBk-3tPBUVHBbEZV--wFYFIB4qrSzUALxZxiZ3103rZSB94aA8Oh6pGP4-4b5oMnZySa2myEkY4263l1Syw3zrBG_7ftRMp6E9Y4ATEeXSJKvMd9F7cJRP740EJXXPQy0FinKh6TRNu6fBa7kYLbomF_dtPIeVqJV_QPpWNloQGbnKzPWGDmuZgY1Pk7EHUwxRITJ8bnk8H5co6WKSF3TMBQwUioXCkxdxdSit39ebVIwMoBLfAAty7Ofxo_2TtlPcoTAetESIqy8D8v4UzpGMC7-tXAM9wqzznezkLXvigt8DJCTQ8YDvRKDOhoYAK9_S3Rn20Tu1WpdwNtE82yobb00uuYgtD1fLElT_7LIMU_4nkswtWgy_5XznIVZPIAg3Br0xZtX61j842Hia402p_TKhT9K5zrvFRBG1iVmXuXGw6xZRwWI2WaTLasCJTyLZ1jBpSr0EYK5eOncn3t8UlHoA2aJDiRmxc2_zrTzSD8mWPxJIYozLy5s_Gd9Q_Zl8ykC6oj2TPIbNEIlRHQ-LOTvWJWgtHpsOsIFN5dVCSJBhb2VS6t7E1pT2Z8vdnlykOZEteexN-B0oOMQVtGygkc3hICwz3QAjwBNRlwJR8ZcIOC9wukZTsbRFlDI5hS5X2PUGi1gSOdqxrX7eBsgcGrLJSdSXYFd440-kEITgjZ6SZkDZag3towAniTF1xL0xWNRos_8CwkSMZazyUlrqAD4s1PbcTXZEpewcNLdPZvBes9Z38RuZQOWYuqj7FTdc9koPr_WxJmv6myYVcl5GSyiQcAtbmHFY61x9O9ZBbP1aQuOTf0KOtwwdAph44S9eDF8J4tInMavcw3r71UsEx9WahLyk2Yr-8I6b1puSvRbzazSG79a-LXY4WbHa1OytlrrjraZ5mUPFNcGPCWL5YIWOJymeG97N0H0kbks7WYGvLCRaoBY7Dq9_4dwiSbg41x1lfs2acrjfV6WyWfughsdLdAqlKJJPmHKcWxYUkJWbH66ExC299iJOtCGMwRSFAM-lCDpj_K00noYWsUiEFCCJEdofqed5hYv0stJwAohDaO0OOI6Ie3Ft37osyiz-2e-GBYWabPYC7-1Kviyf6MsZJTEauh62gjYy-evtCZFEsqXYmlhVQCI_BsDJ4lbMmPEe7MnojVLgNEa81NlTM8LaN9BF4VQK7Rxsfqb5XMU5QzOKsFbsm0QaKW7TJqZjiK3RT_KtE7reoRe95NTXAyCaFAEQsYemnQfy48SemMxe2LzQ-2dPW4cdLRz8w_yx5cACodNku8JsVb6LgcEpwnrSWOdBnH1ieLuchzMPGNfCd3AnNu698fqvQg1O0buy3MhDSAgEVWRszBUlUvBaCDBL9jIeeI_1AkUkq_0ua1ZKLpMbhnbLXPpszRvJ33J-LlbH8I5W93XHKvqmbcOURVN1x6RGZ8TAqE67p5LHB6ihos6vONgVf9L7vuaefIIbwGEwsi_meHlcaa5LX1-42gTzMLgi82-U6P1oGqPkMLqfZa5fQhErvRvWA_emdf697WoOlCg06-xYYlJCinwDLAr1Pr43TY3LKZya8caeEWqdoOHSs4ri9i_oKfhrieDLSoUpmVtUqc8HwheIWzFY2uoJcHYSBlEgv8ASl4oa9QNICQ2UbH4WwBQaQc2P6EuJjSfmMGZoQpJjpy_QgiMGKvufQGhHGwnkvv0TwDm3qbmJ8sgDcARzDpF1H9ySwYyoNvVazq8T1YSZScbGX28pakUi0xbeWGTH_VODir_H9H5hpMPgcKyQBW-6HAB99SvtKxkrCHm4TBDPzyMQwuHJ9TBmiIODPUjUzPebmhxAFqUOKum0EGRoMG44-J2Ff4JHogttsN5sMByFKtiuzrULDwmBmSj2s2M39RUo6NPETkYZap8VFL1BcYUgeQLJ4rXoQ29NyrLHxtTjZl8hAXcpdG2a9ceB1Z8TKK3r6ohxzQcCJr8DVpGTj7Z3wSczmcHyXT05QTjAMAmOGc90fQaXadHfm5LI8qGpmaljaH3U76GLsBAfoSyDv9ZpusfHcHFmmgi1UYEvTyn1APDQJJmL1omNV3JFQUmISP6u41jV_iu0BPhasCSJIX2s_upgmTVaPLfBKytlTI8FSrK8F5lTopO9Xwcz7BDVPS5dz5nlxMjld_iKBX1kLA2l67v8bqWQBJYXQcozBM1lCpW8MROOtSlGcbghSuUAKq-FZC5-iHoq-L6bs0bSipSCzpQI9QX1DYMN1Q6_5FAWfgl5GLvYKh6T-rwxxTSORhlWp_IZtDZtkWPz835e8QqN04PFGeVdjm29arOkXbwnfH1S96igC4bzU33lj05LwWqN7taJSazKiE404Gag4ruyVuK9Wi7mmuh1-eoNx11s1Iba8EdU8gYtn4AR5ih0SKJ4U4CWuUUW3fFIEN-94QVG0&cid=CAQSPwCsnQUx0t9g94kVbV7f_Forme62GpV-qE8l7aTOR89LmiWAEvnJdlR4304qfKDIfMhToYqIP0_5XD5T0ltQEBgBIA4&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c5d59c5ace921b9977d174cc78e856709957d7f9ea8c2505a351d5098eba652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17097
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 261A 2 KB
1 KB 180ms
10ms Script
application/javascript 2a02:26f0:3500:585::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iH1Td4YZLI6H9e0Jy730uu&DVP_DBM_1=1861733&DVP_DBM_2=27667954&DVP_DBM_3=16718138814&DVP_DBM_4=418316440&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1611661212718&turl=https://kooora4lives.net/beinmatch-4/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=728x90
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:19:47 GMT
Server: Microsoft-IIS/10.0
ETag: "f128ce2aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 261A 8 KB
4 KB 179ms
9ms Script
application/javascript 2a02:26f0:3500:585::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0iH1Td4YZLI6H9e0Jy730uu&DVP_DBM_1=1861733&DVP_DBM_2=27667954&DVP_DBM_3=16718138814&DVP_DBM_4=418316440&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1611661212718&turl=https://kooora4lives.net/beinmatch-4/&DVP_PP_BUNDLE_ID=
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 15:59:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fc3bc740ccd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 261A 3 KB
1 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:03:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 261A 17 KB
7 KB 44ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:09:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 261A 0
0 47ms
33ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoWeVVdkzpQ__CuvwjIwmB9v1kuXrpeqMkoY5_FwxzPZ4Zdja0EHpwHgkUCkS4KdVhrVGc7XgCSmphffliOHm2stKjrw
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 261A 152 KB
46 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:56:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 261A 42 B
63 B 59ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMpexxFinP-aH6SBsAYMo8UYYOZ9olgtf5gp3AeVV32uws5daSslro3yg3ZK6xjO3Wn6Rd_MODBG-BTrOT5UVE2xMxr13ZZ6YFYgfSZMtv3VmO-3Y

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CD77 398 B
279 B 43ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYwdOZyAEwAQ&v=APEucNWdQp17K9btHi5eLMMeI9Kl5NL0YG2loCJh0tJkcois-2e3D36aJoSgyvL3Am9PJ1QfLIzhoR0OWz3c7OsooYdAttll4L35aG4OsaRUbfNB6NE1Knz1AjGu-b38_Aa8SjiTxubx3aFJyCZBelXO9C_3TZqlJLMbUhE6p7Z16vYTApOdMjw

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 258
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3A68 102 KB
38 KB 94ms
67ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DzP8jb0KZmXGW6Caawv8_Zfbiv4zqc4xDqF1xLPeL2sTE_e-6BPkxJp2C9ywm9O0xyl7zPvkpyLEjx_fQPyq1QRCDI2yKHPqVmLoHzHM8I54kDmikKTs6gH0bCrnni80NnoQN_P7_41-Y2manoOg61xnMt_x2zRAKPhHNETNN1Of8Qcho&dbm_d=AKAmf-CbgTA-DrTmwlMiz6QplbUcmTcgpvlBMxbI5k4u3pzagjjrBHs5ODGeOxgMpnjTH6DnC6QC0l8sK6-z1nYZVm6lHoX_Y8CI7YZk-Uqa8vzwx4rtUfFWLpK4LxX4tIR6ldYe6o67smfVnUXhR8W2SMxb-bQ2Dca9AT2YSxwCvQ6Tji92H05tIP6jhGR-Ul7gM8jr_UvFjyFcU57XNNNjNKPX85YUzXaDG9LGaBAtM6lA9taBId8Tn6tM81AvSrqDHlg1GbquJtbAjuMC4mgZYCKApSDp0Q7TpWsJpNjtPIdFOq2dE656-R5C_p_l7do7gDIVxPjljVx7ea9UwGPj3MHQ2MexizmMVPLUEs4UxI-ztX4Mx24odAI1rLnfzwW4ptDlq6Bz5uXubHIWgsvVJeZTXMR76FH34Qn7D-rZcaXZaGI7Ds2rQSyDW7Whip0fbk8xSbW86Jst4Vfp0So0gbvDXHM4Hq3Ij6B_85PlELMPWieKqe-G3lo085tMcAICmxLPxSRAnGdwQLZF8GUggVTxpNVcn5lOo5bnvli0RsxMgsf6ChGjTl0y_CNLr6SWj3tHqm07d_ZgKuBZ8AtK0Pe6kt53gKVTrseiooxCBQ5TSicuuJWdyFiH3V_GHyukQufSWQm3yfQ6goaEuJUjeZMeDxa8AjcEttGGNham3IlECsh_VbKTIUTJX1mjK-6PLRp9C2haSJpN1AblngBxKRz7pJflUTqaBHKJbQjTJaX1Quf0FijzQEyzyA94MptKyevfg7vwsVYt6R4YK2HbDjyFulmdBCa7l5vhyce7R-B5fRYqyxmXEgag4ZgugllmCkNisqdsP39a3KPLTUo_Ms6KFxBgqXBLGxXEnOn7X3PtZEI_bkEBqpmJlMfRCLsaC3etb5FilWP8mApkmJ8koQE3Qc1BSdB6J6R06VYY6pIllHLxawTDhRsyOW1Gih6XI40fzAWPYXxMqYPpyMrr7pHSJQUy0L-obJtr2YvEpqheuBTRn5ya4xhsLw6Z6Q9mmVcW_AdWyiny_hqthC_xGpLBDmBTd_o-RZFv1ZdfU7SJ4Jv8Ggnkj-omZsSN0o0dCubLmnrolMOZGPAKmK5oQeR3EzcAuhYEWXGZ32YeXuY4pcGpEEwkLmAoODvTusu3SXrGq5wCUynG9_atEe-bhdzU0tFCbJmPWcx-3_zVx_oQk9YaCdBW4c23C_cxuz1mtiiqsrKzadOp_8lUSoQXOXO4pDEKVeMDdAOWTlKc1K_7cQmm5jkXClyxi5_r01pRuEW3wyT9pYmeTPRnGJJLN_J8oDqsI3s12u_CaKlhaALqHqwCBaLXZnfIRRH_SreAtuT0J0RjvwVzesubSSR98kYomGsqelrElVqiccxEBLaOGvC54gMj0qDIUZkB2ofA4LNgM8XwrpRoHI65RV8dslZZ3fHRMUqGFV3cImxAku-psiY0SlmcCUUH74-rm5d7AbKwgI3IDKiVTgKHxViGOtrbj-X08PguYUXAUVLt-1WfloyoVkD0CLxPraImfm6bfTuNCwyhRoEUJ2PInPpSPZuvtNVdF-vo3rlJ1uoX-8-tPOPTH20NoRsP4sxnrwvsDPpfMR8xn-XxbFKFRjgJ1N-sUKS9oS-cDsOLVuLsTLoUxQwGykzWpMwl6jodkXrhVd5dxEO7O2bGH_GuYlvliziptyrpEsS2MMc9va23IH9XmaelCY84nrDhuBPLdE6c_pl1_Q4oyNE3a3LwOqPJuJGzfbom73ZNrUPJETiqKbMBl7Hq99PWcAzOVlI7yEIpm12u0t73jN-k7lp6YDx31z0RUrerfPTuY-01Yde4h7mcFAw9Og7Uhw6uMFFOIx5uZGzk77R5M6XKhby-vXYLLvrV_Q2wX_6cJJ_oKoeWwxTzvzQpdPzmozD7S8KVInmFD3ziZeRwQKKlMbyleUekjH2nbC6G7nSbtKnVtbSdg1rrNDuHT1l9CNM_7f19mqFg-lzkIbIh9puPlCKdtkDIwDXz5M40lNGnSGlUezajN5ruTkqw4eR8qngXHL9xAmtAft_Uv48cVC7Ahtzd7akvrlbkC0T-h4hTTolUVRYZq4RZQx4EmVy4-eAVJOy0UVNZEwPmoaRttrbZZGqAIVpVAdFGvge3l7etr81OujGMbHvf_qRe-AyZzerbq2f65Vz2ZfZJ0zdg8J_bofvMD9C9JpuJEi71VotWypYDsu494_498hCm2NSPpnFpmugdpzGKyYCK1G5MCS4uM72IOP5snS21WB-2rsUuJUamYceZA_405nlGoY9im7fzVKv0NxMrNUu5Gd6Cs6NTrYeD73CV-EOkICestP1Xcq8SqrAZ6OyMU0GcoDkH6oUZUD5NrzZT3cpxRHNgRu98ARp9rOho-9JkabE_4_mCoeWD4vDE0VbVjcmm9skHtsdTujndVuTMasa-K36EQZ5AUZu4xGgwpJpBvJmzXnbFvkEDIfE3kFwUeHq5DYgsYqVkWssAc4Est4EqVJZfcVyD70hO746Rm3lCmR52wadKDyPullb8D50peL6bSPcA5ZNTT7FPt_b2X8wBhkTTrSp9Mk1Th33_5qrLv2pptzz2VlAq23Iw_i9O6oJ03f5_S2I30S-Vwxx2b10E3vyqiqcltu5b4sOCegOAgtpcvBJ0zOWFyBfhUnOKQuZDZU4XvmC5aGk6wCsri_V0CdYq3fslwBSTEepER7fp2KW0fZF1zZdAcGDhwrOXUo0md5LFKG5cdk0tXK7218lOauR8NMRJnZFrEx3-2ObQlmH40Ncc6m6KkqStphjZYj6oS5vRWoLmsynVIG5GX7H9zjg2teg03cwaW7e79ekYEIa1D_9YlMmNEjV3H-xxSQ5azswdXAT_SyZz5hOMAIKgcwLK9hHjGdxs_0AaJIKaxx93BSG1qmL875Po8K-hvk8XtHa_9j40ysqu6IPcLmVfebyAm5Uik2VymUGPWSdBrOkgmcoUrk_fFApHr74gUVlVexEkKkpDXx4MzEUqPXPENLAOHlw-LVDxzqEZwWoxjqsujvElw0tlRvlJWHxl4FU3K1snf1ZzezYcDYVcyEalwMkD8tf0dKmF9v7AJfFu65R2_vQPibQozbzT8qyJspWzXKP4TYeu32rwS6xGF2pUBd3dfaOMU-LXL7isa3Q7lcSdVslGittTv-K_YfbJP155P2NeJ3eMPApNv92uzqLZY5YG7wJsI6lGk4-FSyrWnvG0NBmdmPg_tB4yUQ7wrBuVxHyO6JDz-rIJMykdKJJLcjqhmTtGGvlgVT9ScU4L-mB9YSW5yeme8S_b2qXnXrmMfY4eSqgsRUVW2-JM8BMwzrBmQ9z3_RKGsm-MrD4ttuaQCX9DZaKGw3G5Skt812l6Lbgh-dgPXrXJ4b4rsmfxQGXBJvC_8Fxkl6hgke3jCMNhO5Egw7B0d_Gnr8EAvmaS5t7xAEY5mCRbkLxpiqP2rJ4sILOdddb4csMBBGzajhP-HXBg4MzYEFFhKtiFshzMHzYuGAMqlCoTP8gt808fODh06NquUBUNMw9HEGI3yC73vw&cid=CAQSPwCsnQUxpjs65aWrj1ArRr6tu-xV_HEb3OtM3a3SslwTei_WzNbQGwHImdTL2kP2mB7nSPRegj6K30d6n6EH7RgBIA4&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3ca3ba72789fe0ad216486167c5a4b255015738c8fb67267531ec84cc16157f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38432
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 3A68 3 KB
1 KB 40ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:03:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 3A68 17 KB
7 KB 40ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:09:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3A68 0
0 47ms
21ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9LwOE4wPVn37OyYxCJ92KUM90G7J9KpzmZ8I1gB3fmG_aRdrsby3pSENPF9kIsqnOW743xI2Rks2nz9xgHD_PCWPdjw
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A68 152 KB
46 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:56:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A68 42 B
63 B 70ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CszeLrkBhR3f0QHfT_hE9ytzmp0kBAV8G8Xt0Xx5VnAOWnzBPlcs3TTV8UO0zigGonsAFLSd8nHx5Skfy-jOGwLQ_N8GlPS4TRAwSy6OkAYmtcejQ

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6E97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUsFD1bohzzYmAZq0Ybktk&google_cver=1

43 B
766 B

33ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUsFD1bohzzYmAZq0Ybktk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCbv6ABGOCNzNABMAE&v=APEucNXNEyTVEBpSyrAv-O28mPAhOuSFbmTojsPlzcuMaW01JZBvpHW0bipWlVUJ1rZUU68QW4e3PkOQQ1N59MiMnS3c-gA9LwSzTREM9aGC03-SIcVp1AZzL58dB4Hf1s_s94Fmg1TMWxrAFOW3UWUigDCzKWbQ-tDCCEFCzfzwXIUJ5Yg5qX0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUsFD1bohzzYmAZq0Ybktk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6E97
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0z8gQ3-pBrTxlPKkBDStQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUsFD1bohzzYmAZq0Ybktk&google_cver=1

43 B
766 B

29ms
15ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUsFD1bohzzYmAZq0Ybktk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCbv6ABGOCNzNABMAE&v=APEucNXNEyTVEBpSyrAv-O28mPAhOuSFbmTojsPlzcuMaW01JZBvpHW0bipWlVUJ1rZUU68QW4e3PkOQQ1N59MiMnS3c-gA9LwSzTREM9aGC03-SIcVp1AZzL58dB4Hf1s_s94Fmg1TMWxrAFOW3UWUigDCzKWbQ-tDCCEFCzfzwXIUJ5Yg5qX0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUsFD1bohzzYmAZq0Ybktk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6E97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDdcCBzzUYzgwZATXREVtgU&google_cver=1

43 B
1010 B

62ms
38ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDdcCBzzUYzgwZATXREVtgU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCbv6ABGOCNzNABMAE&v=APEucNXNEyTVEBpSyrAv-O28mPAhOuSFbmTojsPlzcuMaW01JZBvpHW0bipWlVUJ1rZUU68QW4e3PkOQQ1N59MiMnS3c-gA9LwSzTREM9aGC03-SIcVp1AZzL58dB4Hf1s_s94Fmg1TMWxrAFOW3UWUigDCzKWbQ-tDCCEFCzfzwXIUJ5Yg5qX0

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:01 GMT
AN-X-Request-Uuid: 0e699359-9647-4fc3-b01f-740d465ebd21
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDdcCBzzUYzgwZATXREVtgU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6E97
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1Njg0NDUyMTI4NjA3NDU2MA%3D%3D

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1Njg0NDUyMTI4NjA3NDU2MA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:01 GMT
AN-X-Request-Uuid: 29352643-4a54-408c-a0d9-cc617ec1f8c0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1Njg0NDUyMTI4NjA3NDU2MA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C1E9 0
42 B 105ms
25ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22107451&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1665989760568-965177218956-006093-006-009538%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
content-length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B7C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFYcVjbqL0PjHfjeGTmQv3E&google_cver=1

43 B
273 B

42ms
14ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFYcVjbqL0PjHfjeGTmQv3E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCCoHQY-cCR1AEwAQ&v=APEucNV3EUar5hiDerNOO7YQopf0CuXaK0HEi4SySY--XAaMwcFatRwDhIEWvL53Ww3cdU0JD8lHVQbkWpblFit1xJLmQ7G8XV82eCTKS8JkBqFIVV1LH5-Z_WiYBg59o4DjNKvkG6aNTfmzER_gprsCSqBcuLMc1v82MXI0t_Q_yC8Crvznu4k
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFYcVjbqL0PjHfjeGTmQv3E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame B7C5 43 B
145 B 612ms
578ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCCoHQY-cCR1AEwAQ&v=APEucNV3EUar5hiDerNOO7YQopf0CuXaK0HEi4SySY--XAaMwcFatRwDhIEWvL53Ww3cdU0JD8lHVQbkWpblFit1xJLmQ7G8XV82eCTKS8JkBqFIVV1LH5-Z_WiYBg59o4DjNKvkG6aNTfmzER_gprsCSqBcuLMc1v82MXI0t_Q_yC8Crvznu4k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame B7C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEL6sv543blAWlR6AMJi5YyE&google_cver=1

23 B
172 B

36ms
35ms

Image
image/gif

184.24.1.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEL6sv543blAWlR6AMJi5YyE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCCoHQY-cCR1AEwAQ&v=APEucNV3EUar5hiDerNOO7YQopf0CuXaK0HEi4SySY--XAaMwcFatRwDhIEWvL53Ww3cdU0JD8lHVQbkWpblFit1xJLmQ7G8XV82eCTKS8JkBqFIVV1LH5-Z_WiYBg59o4DjNKvkG6aNTfmzER_gprsCSqBcuLMc1v82MXI0t_Q_yC8Crvznu4k
Protocol: H2
Server: 184.24.1.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-1-49.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Mon, 17 Oct 2022 06:56:01 GMT
pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEL6sv543blAWlR6AMJi5YyE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame B7C5 23 B
172 B 108ms
35ms Image
image/gif 184.24.1.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCCoHQY-cCR1AEwAQ&v=APEucNV3EUar5hiDerNOO7YQopf0CuXaK0HEi4SySY--XAaMwcFatRwDhIEWvL53Ww3cdU0JD8lHVQbkWpblFit1xJLmQ7G8XV82eCTKS8JkBqFIVV1LH5-Z_WiYBg59o4DjNKvkG6aNTfmzER_gprsCSqBcuLMc1v82MXI0t_Q_yC8Crvznu4k
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.1.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-1-49.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Mon, 17 Oct 2022 06:56:01 GMT
pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 555A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEByUpFO2p0IC71XJxG4RA5g&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEByUpFO2p0IC71XJxG4RA5g&google_cver=1&__user_check__=1&sync_id=c2ec3c32-4de8-11ed-ac64-1a3233820406

43 B
549 B

16ms
16ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEByUpFO2p0IC71XJxG4RA5g&google_cver=1&__user_check__=1&sync_id=c2ec3c32-4de8-11ed-ac64-1a3233820406
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiYgbzHATAB&v=APEucNXBOVshvHdn1HhJ1EfUtPLFcN543H0ctomtCaUUF42gCAa1EZ5Zv8pd4JwZe3QAnblSIQCKemvWiP2kvlkiNZULo13ONYsBxFKSQEpsPGreSz_xTErYqIB-B05mUrmZd0jbxyk7HmzOEtEbLNI7jBL5E74I23mJFEut97TiIloMteAXzgc
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:01 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 141
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 17 Oct 2022 06:56:01 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&uid=CAESEByUpFO2p0IC71XJxG4RA5g&google_cver=1&__user_check__=1&sync_id=c2ec3c32-4de8-11ed-ac64-1a3233820406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 109
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 555A
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YzJlYzNiZjEtNGRlOC0xMWVkLWFjNjQtMWEzMjMzODIwNDA2

170 B
188 B

86ms
72ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YzJlYzNiZjEtNGRlOC0xMWVkLWFjNjQtMWEzMjMzODIwNDA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiYgbzHATAB&v=APEucNXBOVshvHdn1HhJ1EfUtPLFcN543H0ctomtCaUUF42gCAa1EZ5Zv8pd4JwZe3QAnblSIQCKemvWiP2kvlkiNZULo13ONYsBxFKSQEpsPGreSz_xTErYqIB-B05mUrmZd0jbxyk7HmzOEtEbLNI7jBL5E74I23mJFEut97TiIloMteAXzgc

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 17 Oct 2022 06:56:01 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YzJlYzNiZjEtNGRlOC0xMWVkLWFjNjQtMWEzMjMzODIwNDA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 87
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 555A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1wbm51U0tORTJ1R2hHRFR1TkhZZ2VONVJmVzQ5eEVYVH5B

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1wbm51U0tORTJ1R2hHRFR1TkhZZ2VONVJmVzQ5eEVYVH5B

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1wbm51U0tORTJ1R2hHRFR1TkhZZ2VONVJmVzQ5eEVYVH5B
date: Mon, 17 Oct 2022 06:56:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 47E3 30 KB
11 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8Otm2j6lhdv7F11N4vZxU0ZcenJjFCRNmie32f9PhU44IkWu8TVLAZExubyYrBBK1EpjD5CdJYVTdpXjFMhni1bl7zeI3Qn37byXx6KC-2BMdV0XT3bkW3n03hlCNLzuQTh3p8nPpZqDuLnqH1FMJTTFWUktREhbhq1IO2XZF91-SdDQ&cry=1&dbm_d=AKAmf-BT3BQpkFVYXaxkvh9zd6_Cv4_gMA7IfQ8t7X639TBIQL5Y91ZfcknTU4E_MDNxmp5fNsRxScBHmxLnNEhC8pLpQ7O1uZK0PB04o0JsiP1kSqYFX_La2ASoBzUUUBJhw3n2ZFmbT5OwRQVrmA3Pt7SU2OC_KiVcSsbxWvLy6tfFNJDqkDwEQP801N43qWNGqsB40mooGKHEhUJRH2z-SW-SPpdaZmxcrwWQScsKACQ6iEkJ_bDl9LA7Fv36o7BgrWcW7wI5knQ10tE4p_plqgf0xE8L83WAryBADAJk4h5JdkQlZJvVuDh6xVquaUVCKB9skNQvGkKCkjYb9bQ_iWUcGoiSBALCl0UWyrvY2ryarGeTVajk1HdT-bX_E5FPJFpzM2ZMHOM2z84zIp5Hz94DAp7kc8rYfHuzj2vQpQ6DxE3tWYYLotkDqRPbgkjwQLj1lT9vgVFEFo6NIcuHFM2X2bIjyA6l_1gXng4MMGfEu7ZaFMD5bDDIdyfyAT-6Xy3Jo0wU7153OrPzDwjP7VDaGnJQYgWMrz2JJDyQYMat6ViL376LLZQs8YNNSRprKMuHGqQ5OTjOOFyjhMGHGI2k-5wk2e8dJ5bL-94gKlk3oMsL23xAatpG-ebEC6cjIEZUaEptB_2u1aC_EWjep06kYcFz2kVF0hpE9jUiF71r5jTj7pO17nDvTSGv5zQGtsBvJuWmXTFaF1wGVJlLF_wJZqhdcN5DEYKiWMra-iwaELSC_q5Rhm51J7Wea68IafxXW2Jv4FGQEwFYzXa-P1jax5Te40apwoKAjWOhn4hlQd1Ip8Sn851YyrDHkK_kP6cjjbiJCSTGvNP5Ie1AZyqx70astI7xW83j6aLJp_ClRotqqgj2j2N-7HyWxuHwoEI7BCBON5dys0MwyAtZaQWyXRXbURMqV6I3fr2-a4N6RoEVmQDfDUMpY-vccu-mgw02w3iA09aVU8vE6EoQMvSoz1DbdLDgd2cGkz429pEZdgUmpPjgBy59OpfvVVq4GrplvUMDAw9X9Ygqzp8xqMkfdUjyZlhBa0bZq4m3d217uezZOL3cCsXWfO8EqCGOl9darzt_6xAPCCKEC_t7qHcpbGttCHhIuvDsLgpzN9v5RWdnG7a-jKuF1cEKy6jV4z4GR4Ae1mjhuHAuSYz_g6W5ZyoFBVQ-XSGhk9XTCoyOeBhoDc4NfTEPpeyw3-5VQrlKH9Doay0ILJXrDQsRZbfVZPkWixMOYxl0tKOb6UV4vdFQsxxzRk2mZP1oLTRUJzpEBOYmcqz2aFl5WVZrCwPZwhcrtAxFXQoowW3hnnnPHJiKXeus09Ba4BS2Qt78yYUmLVkIU2wJ9HWHs2cp-feeku1lytkD4H5NAbB9WdpQnqVa5DFvkbg5cXf0r5x3MZ5NDcgYGfvGUmSRNqsRUvH1dbpA1Fqp5vXnbrDbMbBP2S3NBCB0U-sQbpKYhrIpMeSZ6L8X_M-s0Ull1Wva528y2bzjdWDJ05pCNzjeXknOq6u9S25SwKOvT1guXQBRPGZEdIp9rTBT6jVzm2LI_Z1It7uQTSvCoDhB1ZiWg78ilT6MPQzNgefwGsxS-xlQbBklytEs3qco4KFOLxudYXOjNGfAOF26pS5EsJhk4o27bYREpja1qKi7ssRAnhIqyKmwSdydAYW0EyFGjpaul_WL3E2oP7iFWCalb23rkzsh4SpqFVBFr6V7GNFCGmqGO5DHD69jIBvNtrnVzHZom5AuIlRPXtjsVO5KLVyUDdA6mBIV9uJUt4RO9ERXGfSi7GpOklVcnUFhak03znv2MgtmviBhH4fRG61rdiSpHwOHK0QtAnZGBPnJIAV3JNedebPaGDMZtZ39RrzvV3NKzhrFMLAyrsz7l_53IlgdvcL4RQfOgBS63u2Av4mdM6Op2_eErYvzWDN4e-sSBxX18aVX4LPpRsWTsZRKBmYGlg17iBrc5e4pnu8zgCJCnPbIr4jbUr-LnLNYy90PVgJtPnGyq97PV_IwBisziemvN6gDzLN6sec0AkyfA0GZtPG5UWHjyD5Ckw7tDb8D2t9F8yEawpHbxEDlFbAJTvdus_i7LjKG8XctliIJSrFjmuQV6DHHEPIwdwUac8VQGjBJEfyq4iV3gTPl5BmKuvC00fItjB5MRoi7DT7zBsv1K-ucBWcepu4Bo208IweDZu6HtnhOQK6hbM3dBdF7Gq57BOmHRU01FnvKIxhRvFIDKD7M2bptcgDom7tciUEInVRmSh6Aulyt3NiIFtfthOIQjl_OUOpLNq4QC-rEW7duFw7JQW33hzR1VC3fzJWCMPmdo31j0YU7SL3FTJ0S1ZALDVJsgmQV_XTeU-lQ3v86YMdHSAS8D5O5rtemvaMtg80T_9UiZFqTNNF9qc_eSgNTFNpcpJSOt3SWNt9QahZ5fnDDNnJvXOqGhum-M74sRlXpgS41ySpOyuzbwSvssbPO_FUIztc1FEMMr68L3uyoOcolx67XOxYjdDhHZFgUmCtu-fb2mYi7sOTiz_B4gMjHTTwtv95mpfumxJfCTqPItxJRtpBFpaMj1bZYaeXh0qogm-0PqmMpSC_EgzoSa8PCZA0qokuBQQJu4HJ7yNlBU12IEoEQAEw1sJ13HC2i6vNtc3gkqBPyhyZ9Wral3cKFVAnQYbzJZMLr_Y657nG74eALX_fROPiE2_YVrDd7s_E4Vudk87SfgXfCKiM9qWpEY4idUidbcRgv1JRTeFLLE5Mek7mRsC47rO26DrV8g1Ywd_f4Rd3e0d4m47Q6YTfD3DVK5UaYHaAME4SlMhghMA5fphJlV3cEhGq6ntsqiunYYlFw4NUXPLFksgxkTUzDRLYUvshCZbrnG6x76AGb7mlbrtKLwY_EDrgnv_U6AH6YGCtcE4eAxPXoWivRNY6Sm9oMZEAlPVm3hpVb6tZz1W7_L-GbrNXsiuWtuWaEYT-uDKexpU96K3nTQuqB6H9FDAbTTsCwvlMHdM2toj2lFbtC97NYq9K3-h1i1JmGWaMdoD41NAkdVRZZNwP65DNxZWl5XjVWybGpdA91u9bktWzcAeWNbUi-4JOmfRrKWD1xgPQfdlHTRhQyIertxVbfv7w_ZYzAg9eCzl2S8yiT9QVIeKcWfUWJa00Or5S6ZcHssI_M09_JqaKGxF4RnSeUgxpm4H8GYNdicRn8qC1zRDQY0EwJ1lhCFLj3bU_IyIIwaUi5osYj8kju6q7aCC2lObXYDOyHtd-8fEGo0iZF3eqBtfrRa8Hm7jhpq-1T1sQBnQI-7sBMhtmRj2q3Zce4ribez3p3WDY4uCb94QPKvBRyQTZjgxyLHPqOzh2a6vi_SLN-4zp_4Hjd78Pv_4BoTWefM_MBC-EIDcnHlAbfoZ6axUsV6AX9k5QkStO8LNIjw2oZgfKNhQ8HBssKOk_cy1TaA7JnhRCWVfzCcS762TcLGnBe5koB9mC2UP65KawpbjanGiU8S0Ef7aZlQtndNygVdKnKln0&cid=CAQSPgDq26N9niUpB2v6MpKUcOHJSpMJhwR-t4_eB4iOwQf8fkHVNakXoUmATfGbW4BJNkiRyWd4USj6tHg_xe0MGAEgDg&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:53:14 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 47E3 41 KB
15 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 17:09:02 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame CD77
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGLx6kYOY46bCygGyg06uTY&google_cver=1

43 B
163 B

23ms
21ms

Image
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGLx6kYOY46bCygGyg06uTY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYwdOZyAEwAQ&v=APEucNWdQp17K9btHi5eLMMeI9Kl5NL0YG2loCJh0tJkcois-2e3D36aJoSgyvL3Am9PJ1QfLIzhoR0OWz3c7OsooYdAttll4L35aG4OsaRUbfNB6NE1Knz1AjGu-b38_Aa8SjiTxubx3aFJyCZBelXO9C_3TZqlJLMbUhE6p7Z16vYTApOdMjw
Protocol: HTTP/1.1
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:00 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGLx6kYOY46bCygGyg06uTY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame CD77 43 B
163 B 113ms
23ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYwdOZyAEwAQ&v=APEucNWdQp17K9btHi5eLMMeI9Kl5NL0YG2loCJh0tJkcois-2e3D36aJoSgyvL3Am9PJ1QfLIzhoR0OWz3c7OsooYdAttll4L35aG4OsaRUbfNB6NE1Knz1AjGu-b38_Aa8SjiTxubx3aFJyCZBelXO9C_3TZqlJLMbUhE6p7Z16vYTApOdMjw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1191119/66022382/ Frame 317E 46 KB
12 KB 79ms
34ms Script
application/javascript 34.248.3.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1191119/66022382/skeleton.js
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.3.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-3-167.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 41c2740b56ffaa74baab8f400ef8bff9b63bb7867730e4e3c69dd86d4446f26d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 317E 106 KB
38 KB 73ms
7ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Origin: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Oct 2022 10:24:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 317E 8 KB
3 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1t5xtcaAZ4bztCGzo4zYKL2gOw_WSe1giM5dN41Jw6N6ZhYHPFjCScmH5avlZPfk5p-w1k4daTqdnslrwAFURTDD2Yw&cry=1&dbm_d=AKAmf-BvhkdK5DpTYADUQOkDzO7nP1utcYtqPMb4jnfRvI5AlHV66w95oQ0kRUguZEASs12zLdvWJ8lPfFLsMn5q5Rf0Bk8DZbCvOIYo3c2fUQnK_Fyvq7WAxPKDIDdITu4gibU-pWdeoaJoBmL_ZjGotBUvwyBSyk57ewZ0BU523sYdlf5Qs3lecoFc2VS4nlLwj5QQISvbOzggmdg4Jtq3oENhqrw1fp83vq0nt_iOd_TFdfWo6cfB3xP8LbwR9v1wDqH2TxJjLQPvRjgk0OlERT5h_sFX86HxTaVMQGHPQPROp_gJU2exm039upIlyN-6iVkw739fIrwEu798bd4bT0l2oBQcBE5pwJ-JrOLksmoLavNZUSj5H9W0Aph696egnzdwOWpDYajIzAyIO0ut2Qom-MinouyukljbafH0amqSZV5q-ABQiqiSoHs9hxlniLDlIp3YcsNMyC3nDwYGOrLOonAMlz18kn1sktNjayEUXhEMEUHQhpWOWzcdZPnDO7fX-d9mzKcyBv68Gaai4R7uC3rnhyqNY_C67-Z_-Xho-dfSr3Vs96RM_0RjcQ-Zl6WY8bZYiEJepTwLgm1hU-HqX7w7OY4gR-FxM1fWrxPhoCeZg-FDqI3qF2wjgy5Ma4-iZYF0OKsIw8o5bN0Nsi8CcL_bQARwy2ESBOd2OKT2KD8HSVA6IqNSusk9Q6281vUwtP_qP1s3MBcE4eEkua8oO-RA3TrutMKVm0QuqyFSePtLglY1Ey3WVJYcnlXrmS1FfMiNvpRPSlxf_FqpeWWGvodLYCOar9C1K6iY-Q_v4c3dgeQCHGNNf_n5mhOlq69mhe3PkxJ2ofmS3v4uyKB8QdB93ddKJYuV5yRKx1qrFTQG2SL72DKAF_swUbc8aGQdjyTCK1LLmiFilyvX48rq5rSHcStEraqdGh6-DJSRxq_XnaMJ5F3KxkquTQs4pwgCFIkSl4B2ZpyetnFGz69pWqR49-MUlFHtFEb27PqwC2ACk0ITXGcRbEF504Qu28F6_yiPgwT1A7PEJIQu3KW_Buy7_Ov-e6neN61-DXjeRHKcHVW5kn5psB4KjJqoxnSOyqpXHEWJAnYlLZ4tS6q1Zhx2JK4DBKk6JY6khDEvtkEckOQffmIhm6x3xv9Yz4TIxyoWeGSVpIryAuiIAjHFhSl6MxBrO5vpc-5kkYPYUZc7udcIOtAQGS86NBlLLFcKbWp7agY04abusIUTGdl69o8uD71yJx5pHkUACB1rO-mrlrbQIP1qOeN00avk_PJvuYDhZEjbeHaI4RjJBfvLs0p4aD7yEDOhaI38iMswEwxajv_OpwINcoaya_fCKxnwfsolq6aqV69Ea2gZsDcMXp2d44RKoomeVpfG8kCIWlSZ6qFpbvKc5FzlG-9HMh45QbzP0Us9w50S_CXQTdS8wYiJa2O1GfavJ6CmxL7C7zMu76apZFhoXwbsaRX6bPnTRyXwrfp9jXqRhOxxQk_eOwpR9Dt3gV6V6nkpWiL3l3oo5n9oj-CjWft-hn4UEMeBPRvEhhptQWURntgvC8DtU_1kQ5pp5fqD12NYVPbRmiqrrgx5ovBJMMpe4dGzP92UEEhemKeVymmGjvka0PLbuGdlG4ygJfOq38tAXm7aJ2xa6ShpDG9AcrYRJMbaZbB0-RsrRd0BLLamebN3HKFzOGrr-TKZ9s8yjjh4x6I4QFOv35FmQRAlxwbEM2dz3JVJt4SVDkjxiFfnVW7DyS_iy2_MMN9QujP-Au27UPIRDQ6NLX3hWdCSfIcWXKV5t0tHxsJUk944wqcnZtvljqb_R3gGFdXBVp1mdiypf2J43QWlSzymXN5GWT8UBAeJEDP-HcSYHIo9fk_CZPfoDMBX_uzVDoovu62OawojUg9cSSbHt8vL4HZQN8PZyza8H3wPaGGQSg0vgHyjMSipCq9fSskQ43oBhCqe9yR5l24G2ag-TwobT-dmNiX-FxnIoRAMlHQ9tbnyxug4yiJgARjJz_6vtU_Q_3BXAiSKEU5RWzTo98-pmfu7dMyPrgCXcdPWaWAAQtvyk2BhepHi4RDrewJbNsu4Ks6oIkyoLtJfAjlK-4kxHRdyq3852tRG9HMXhjSsNWlGTcmrJ50ka2eJd_DulCcDj25BsyNjNlOShH_QdOyO6q9Q82uLlzBGw7wWNAwh1uRuC9BA-vVse2Stk9x7ZKzmhygkkZZNI35ubs1IWgPH-dKssDwu4xcVgSzLulD2IR74QhW8YtiiATCL5q_xKFVSDwhtQcsiqjqzBOFJrbRLTu7wx_ioa9-VFFZF5kl_eW8JTT81NZP8j_rt5yib14mbq9zZgwHu4I28_JY3clZYc3ZnHEIqAlJJu_Dx7VblaIfwrFsE3nV7D-hTxrpCcVU8xWrRgR4Op6RjO4172goy7TP-OtnhllnSY0xB2KtA5XfrkscAzUY8n7jtpkZyaisMcytCWbcR8Y7GXh4id9gFChqpeOS9d5nG_w7ouo7CLffvYQtE-Y2bMP-a8IfUwrGki4gnVe7PFVijh75SXF1jDol-Ey5seD6nesZDwdl4pQXTEv1Qpe85r-fbl_p1YDG7DfCa-E-U4TeavXkjf994pX1WaxZEt3EU1vTUrCO7JQHlA7GyRyaTA8R6eV_RLyXWqfHfBmnbl3NPNQo_fn9c0Gq-C1N6U7aPLcnu07J-rwZlosCDSmTwPS_Q-B_VGPsSiDgBTkFuVR2aX4AoHie7Qi6_L_zFmBEbRYM9vI_hNDC5b6rAa1MJjhd3_7inhJJDsu88XaDcLdHWCxM-OAt2ur0DykvRa80qV7Zel2Tk5zprpZLAYuFSdjc9XsPrgTSf9mGyuL_O0fm-8onz8lh27zWSPSsqePMOQJZTbhgAhLN3FnenXRhMkJUxe_rHEQi0vOLns7E_18Bu0R4lRJrJvyN0ZXyFVbrNSgAkAk4ynMt_X-bktV9wrQB9KkbzazJuBGrzXATG3QETud1nF-TTL1QA7T9mip5gPHTbcIwHfqnG0E79WdQJkLtFt8rVBm-7YzKsrTFqSC2l5Kfg5sffDYaU9sTNhLJg6EsT9vEQVnheZ7IL9BAU86lpLHQwfWQmmWCm_3lXGizO9aK-0X8hc2kJntKr_DQ2KUp45-e6MXjbBpD7LmHJYiAw6u_48LHHyuC0R62nT6gqHEMoKvuVlWrJ-A7QiT6K1voGATVm_w8nYM80yCKk-dF6R7wWamhZrN9MlFv2Czn3RCJmhyNXmmVzwTYnwpAoQE2M8MPLuvZPtry78zhg7XHOWuGoY_PoLfvt5yZWi4kOYtCwz4-Eyu9QM4QKZNQfQ0imNhtZ5ItPfUfjCTAGOFd6Q7Ek0xqSkM-bMVc7Lbe41-6sk__R1SE0wCtStJzY932m6HBr3-OOO02EMbFpgldwDIcPtN_z1bk4Gif96ANE-fQjtrmX3GYlf3NlGSVpQEvE9xSOFSwbsTwf0UNbqvMa6zZnYexoofijnnUS3hQZbl90QLJDkdXJhhrXFgMLWB1QXAkqAiXHcL5V4r_mqc3M93IhNXZjxuWt_2Lb1wr6WJ_-TkE&cid=CAQSPwCsnQUxo3v7LNp6-xWBf5RWwU2LK3OKqRZLVd9BcwKpObvq4bfQTvHnwL47W-2mhqwk5jUMToM79i492jn0CRgBIA4&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:53:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 317E 30 KB
11 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:53:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 261A 30 KB
11 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTb0kYe-30tO_t8D7GdFZIelC6AHWwqdhtBAjKfjIz_2msh5PQkvsW9ZhBokJwB69a7b8tfAh-318beeXR7JpnCoDD4SiATldCahp0TcPWG1_CSdxghtkpMnY_SFGgB1k2zxqBmltDpUz5IHIeAuqLTyHuFetrvm2m5CISvKlhijkqjnc&dbm_d=AKAmf-DcHyD9DF1dZsmOW_A_31BI3t85QUkOt6DSyHyKbkK5ndgI0okVYM78etc7g8k0rZyBqoqDoOl0Bs0haIEK723kTEymMkHbue4HMx6QY4ntKjMgooT9-wttDi9sgQKRIeczgQ0UpjB1ssSBDLwmUj-3onCrp86iAKAw06vgb88HqLtRF6nsodr41x-PBZh4u7jMXSnuRIxBuBKd0Cprml4yM_ZvVXzaUiNvhDrQR3inxIJEphS8NZZLVQUtjWWuKGQpF36BCOAxeFkNLRHRz4KaCoQPLUYSUFnX1r_TF5Os0Vmv_Q5cV8eGQYlueAU5UFMRuwfFHz_LLCdbagxgOrWkGAvjexy-mDimcy_3EeKMdfgQM7ESGH8H1YNVaqZUmzBf7sNVnuygMKB8qT79zZuUH6gEVpnGtSQ0SLBGGJWZF7LF3R_Bx_X7hrHkAbbNjYGp8Y8lOGZgHzF4XwikXyShSnEM9WRHajs7prZ4SawKGQ3udYjKQrIqaW4LspAqKDWpJszX23TpRDrHOElLlg7h7kqVgL9nWLvqLorVovCHhaGQft_A_YKP_dCx63XtJW5ooiZ__aShdIskGb4-B8BDpkRx5ySKw2QnfWtsT6GixG8xwvDCgZFTbj7HLWoX-gLV_H5hGzI81tEufZuRb3Y2YakQhloEmXpbS5FuRfxv5gMMhGeWwxzumrxiAdMy0OWNCVYfMQavpDkNRZZeKxXqDeBQtn4inMR9nc1XAeYemGh8dju4Alez1mf8KPupiCw3oBxYs78jJKRF6csCs57BUwpQ-tAt3m-1tL7GZ93KavtkOWo02EnZlIH1tK7PgH27Q7i8TRzLH9bT90smFeN9itDAWuJ02ZkgsLjBVcAndAy9MPe7J5-lKRXhlQ6La8f4fZIdw9_5mOBk-3tPBUVHBbEZV--wFYFIB4qrSzUALxZxiZ3103rZSB94aA8Oh6pGP4-4b5oMnZySa2myEkY4263l1Syw3zrBG_7ftRMp6E9Y4ATEeXSJKvMd9F7cJRP740EJXXPQy0FinKh6TRNu6fBa7kYLbomF_dtPIeVqJV_QPpWNloQGbnKzPWGDmuZgY1Pk7EHUwxRITJ8bnk8H5co6WKSF3TMBQwUioXCkxdxdSit39ebVIwMoBLfAAty7Ofxo_2TtlPcoTAetESIqy8D8v4UzpGMC7-tXAM9wqzznezkLXvigt8DJCTQ8YDvRKDOhoYAK9_S3Rn20Tu1WpdwNtE82yobb00uuYgtD1fLElT_7LIMU_4nkswtWgy_5XznIVZPIAg3Br0xZtX61j842Hia402p_TKhT9K5zrvFRBG1iVmXuXGw6xZRwWI2WaTLasCJTyLZ1jBpSr0EYK5eOncn3t8UlHoA2aJDiRmxc2_zrTzSD8mWPxJIYozLy5s_Gd9Q_Zl8ykC6oj2TPIbNEIlRHQ-LOTvWJWgtHpsOsIFN5dVCSJBhb2VS6t7E1pT2Z8vdnlykOZEteexN-B0oOMQVtGygkc3hICwz3QAjwBNRlwJR8ZcIOC9wukZTsbRFlDI5hS5X2PUGi1gSOdqxrX7eBsgcGrLJSdSXYFd440-kEITgjZ6SZkDZag3towAniTF1xL0xWNRos_8CwkSMZazyUlrqAD4s1PbcTXZEpewcNLdPZvBes9Z38RuZQOWYuqj7FTdc9koPr_WxJmv6myYVcl5GSyiQcAtbmHFY61x9O9ZBbP1aQuOTf0KOtwwdAph44S9eDF8J4tInMavcw3r71UsEx9WahLyk2Yr-8I6b1puSvRbzazSG79a-LXY4WbHa1OytlrrjraZ5mUPFNcGPCWL5YIWOJymeG97N0H0kbks7WYGvLCRaoBY7Dq9_4dwiSbg41x1lfs2acrjfV6WyWfughsdLdAqlKJJPmHKcWxYUkJWbH66ExC299iJOtCGMwRSFAM-lCDpj_K00noYWsUiEFCCJEdofqed5hYv0stJwAohDaO0OOI6Ie3Ft37osyiz-2e-GBYWabPYC7-1Kviyf6MsZJTEauh62gjYy-evtCZFEsqXYmlhVQCI_BsDJ4lbMmPEe7MnojVLgNEa81NlTM8LaN9BF4VQK7Rxsfqb5XMU5QzOKsFbsm0QaKW7TJqZjiK3RT_KtE7reoRe95NTXAyCaFAEQsYemnQfy48SemMxe2LzQ-2dPW4cdLRz8w_yx5cACodNku8JsVb6LgcEpwnrSWOdBnH1ieLuchzMPGNfCd3AnNu698fqvQg1O0buy3MhDSAgEVWRszBUlUvBaCDBL9jIeeI_1AkUkq_0ua1ZKLpMbhnbLXPpszRvJ33J-LlbH8I5W93XHKvqmbcOURVN1x6RGZ8TAqE67p5LHB6ihos6vONgVf9L7vuaefIIbwGEwsi_meHlcaa5LX1-42gTzMLgi82-U6P1oGqPkMLqfZa5fQhErvRvWA_emdf697WoOlCg06-xYYlJCinwDLAr1Pr43TY3LKZya8caeEWqdoOHSs4ri9i_oKfhrieDLSoUpmVtUqc8HwheIWzFY2uoJcHYSBlEgv8ASl4oa9QNICQ2UbH4WwBQaQc2P6EuJjSfmMGZoQpJjpy_QgiMGKvufQGhHGwnkvv0TwDm3qbmJ8sgDcARzDpF1H9ySwYyoNvVazq8T1YSZScbGX28pakUi0xbeWGTH_VODir_H9H5hpMPgcKyQBW-6HAB99SvtKxkrCHm4TBDPzyMQwuHJ9TBmiIODPUjUzPebmhxAFqUOKum0EGRoMG44-J2Ff4JHogttsN5sMByFKtiuzrULDwmBmSj2s2M39RUo6NPETkYZap8VFL1BcYUgeQLJ4rXoQ29NyrLHxtTjZl8hAXcpdG2a9ceB1Z8TKK3r6ohxzQcCJr8DVpGTj7Z3wSczmcHyXT05QTjAMAmOGc90fQaXadHfm5LI8qGpmaljaH3U76GLsBAfoSyDv9ZpusfHcHFmmgi1UYEvTyn1APDQJJmL1omNV3JFQUmISP6u41jV_iu0BPhasCSJIX2s_upgmTVaPLfBKytlTI8FSrK8F5lTopO9Xwcz7BDVPS5dz5nlxMjld_iKBX1kLA2l67v8bqWQBJYXQcozBM1lCpW8MROOtSlGcbghSuUAKq-FZC5-iHoq-L6bs0bSipSCzpQI9QX1DYMN1Q6_5FAWfgl5GLvYKh6T-rwxxTSORhlWp_IZtDZtkWPz835e8QqN04PFGeVdjm29arOkXbwnfH1S96igC4bzU33lj05LwWqN7taJSazKiE404Gag4ruyVuK9Wi7mmuh1-eoNx11s1Iba8EdU8gYtn4AR5ih0SKJ4U4CWuUUW3fFIEN-94QVG0&cid=CAQSPwCsnQUx0t9g94kVbV7f_Forme62GpV-qE8l7aTOR89LmiWAEvnJdlR4304qfKDIfMhToYqIP0_5XD5T0ltQEBgBIA4&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:53:14 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 261A 41 KB
15 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 17:09:02 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA85 143 B
166 B 19ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/886862/62195610/ Frame 3A68 237 KB
71 KB 33ms
33ms Script
application/javascript 34.248.3.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/886862/62195610/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.3.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-3-167.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9c26099d9f72001fc82d262ea5fd218ff0134807f74cca0fdadc2f65a9e4d91d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3A68 170 KB
59 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Origin: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 11:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Oct 2022 11:10:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 3A68 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DzP8jb0KZmXGW6Caawv8_Zfbiv4zqc4xDqF1xLPeL2sTE_e-6BPkxJp2C9ywm9O0xyl7zPvkpyLEjx_fQPyq1QRCDI2yKHPqVmLoHzHM8I54kDmikKTs6gH0bCrnni80NnoQN_P7_41-Y2manoOg61xnMt_x2zRAKPhHNETNN1Of8Qcho&dbm_d=AKAmf-CbgTA-DrTmwlMiz6QplbUcmTcgpvlBMxbI5k4u3pzagjjrBHs5ODGeOxgMpnjTH6DnC6QC0l8sK6-z1nYZVm6lHoX_Y8CI7YZk-Uqa8vzwx4rtUfFWLpK4LxX4tIR6ldYe6o67smfVnUXhR8W2SMxb-bQ2Dca9AT2YSxwCvQ6Tji92H05tIP6jhGR-Ul7gM8jr_UvFjyFcU57XNNNjNKPX85YUzXaDG9LGaBAtM6lA9taBId8Tn6tM81AvSrqDHlg1GbquJtbAjuMC4mgZYCKApSDp0Q7TpWsJpNjtPIdFOq2dE656-R5C_p_l7do7gDIVxPjljVx7ea9UwGPj3MHQ2MexizmMVPLUEs4UxI-ztX4Mx24odAI1rLnfzwW4ptDlq6Bz5uXubHIWgsvVJeZTXMR76FH34Qn7D-rZcaXZaGI7Ds2rQSyDW7Whip0fbk8xSbW86Jst4Vfp0So0gbvDXHM4Hq3Ij6B_85PlELMPWieKqe-G3lo085tMcAICmxLPxSRAnGdwQLZF8GUggVTxpNVcn5lOo5bnvli0RsxMgsf6ChGjTl0y_CNLr6SWj3tHqm07d_ZgKuBZ8AtK0Pe6kt53gKVTrseiooxCBQ5TSicuuJWdyFiH3V_GHyukQufSWQm3yfQ6goaEuJUjeZMeDxa8AjcEttGGNham3IlECsh_VbKTIUTJX1mjK-6PLRp9C2haSJpN1AblngBxKRz7pJflUTqaBHKJbQjTJaX1Quf0FijzQEyzyA94MptKyevfg7vwsVYt6R4YK2HbDjyFulmdBCa7l5vhyce7R-B5fRYqyxmXEgag4ZgugllmCkNisqdsP39a3KPLTUo_Ms6KFxBgqXBLGxXEnOn7X3PtZEI_bkEBqpmJlMfRCLsaC3etb5FilWP8mApkmJ8koQE3Qc1BSdB6J6R06VYY6pIllHLxawTDhRsyOW1Gih6XI40fzAWPYXxMqYPpyMrr7pHSJQUy0L-obJtr2YvEpqheuBTRn5ya4xhsLw6Z6Q9mmVcW_AdWyiny_hqthC_xGpLBDmBTd_o-RZFv1ZdfU7SJ4Jv8Ggnkj-omZsSN0o0dCubLmnrolMOZGPAKmK5oQeR3EzcAuhYEWXGZ32YeXuY4pcGpEEwkLmAoODvTusu3SXrGq5wCUynG9_atEe-bhdzU0tFCbJmPWcx-3_zVx_oQk9YaCdBW4c23C_cxuz1mtiiqsrKzadOp_8lUSoQXOXO4pDEKVeMDdAOWTlKc1K_7cQmm5jkXClyxi5_r01pRuEW3wyT9pYmeTPRnGJJLN_J8oDqsI3s12u_CaKlhaALqHqwCBaLXZnfIRRH_SreAtuT0J0RjvwVzesubSSR98kYomGsqelrElVqiccxEBLaOGvC54gMj0qDIUZkB2ofA4LNgM8XwrpRoHI65RV8dslZZ3fHRMUqGFV3cImxAku-psiY0SlmcCUUH74-rm5d7AbKwgI3IDKiVTgKHxViGOtrbj-X08PguYUXAUVLt-1WfloyoVkD0CLxPraImfm6bfTuNCwyhRoEUJ2PInPpSPZuvtNVdF-vo3rlJ1uoX-8-tPOPTH20NoRsP4sxnrwvsDPpfMR8xn-XxbFKFRjgJ1N-sUKS9oS-cDsOLVuLsTLoUxQwGykzWpMwl6jodkXrhVd5dxEO7O2bGH_GuYlvliziptyrpEsS2MMc9va23IH9XmaelCY84nrDhuBPLdE6c_pl1_Q4oyNE3a3LwOqPJuJGzfbom73ZNrUPJETiqKbMBl7Hq99PWcAzOVlI7yEIpm12u0t73jN-k7lp6YDx31z0RUrerfPTuY-01Yde4h7mcFAw9Og7Uhw6uMFFOIx5uZGzk77R5M6XKhby-vXYLLvrV_Q2wX_6cJJ_oKoeWwxTzvzQpdPzmozD7S8KVInmFD3ziZeRwQKKlMbyleUekjH2nbC6G7nSbtKnVtbSdg1rrNDuHT1l9CNM_7f19mqFg-lzkIbIh9puPlCKdtkDIwDXz5M40lNGnSGlUezajN5ruTkqw4eR8qngXHL9xAmtAft_Uv48cVC7Ahtzd7akvrlbkC0T-h4hTTolUVRYZq4RZQx4EmVy4-eAVJOy0UVNZEwPmoaRttrbZZGqAIVpVAdFGvge3l7etr81OujGMbHvf_qRe-AyZzerbq2f65Vz2ZfZJ0zdg8J_bofvMD9C9JpuJEi71VotWypYDsu494_498hCm2NSPpnFpmugdpzGKyYCK1G5MCS4uM72IOP5snS21WB-2rsUuJUamYceZA_405nlGoY9im7fzVKv0NxMrNUu5Gd6Cs6NTrYeD73CV-EOkICestP1Xcq8SqrAZ6OyMU0GcoDkH6oUZUD5NrzZT3cpxRHNgRu98ARp9rOho-9JkabE_4_mCoeWD4vDE0VbVjcmm9skHtsdTujndVuTMasa-K36EQZ5AUZu4xGgwpJpBvJmzXnbFvkEDIfE3kFwUeHq5DYgsYqVkWssAc4Est4EqVJZfcVyD70hO746Rm3lCmR52wadKDyPullb8D50peL6bSPcA5ZNTT7FPt_b2X8wBhkTTrSp9Mk1Th33_5qrLv2pptzz2VlAq23Iw_i9O6oJ03f5_S2I30S-Vwxx2b10E3vyqiqcltu5b4sOCegOAgtpcvBJ0zOWFyBfhUnOKQuZDZU4XvmC5aGk6wCsri_V0CdYq3fslwBSTEepER7fp2KW0fZF1zZdAcGDhwrOXUo0md5LFKG5cdk0tXK7218lOauR8NMRJnZFrEx3-2ObQlmH40Ncc6m6KkqStphjZYj6oS5vRWoLmsynVIG5GX7H9zjg2teg03cwaW7e79ekYEIa1D_9YlMmNEjV3H-xxSQ5azswdXAT_SyZz5hOMAIKgcwLK9hHjGdxs_0AaJIKaxx93BSG1qmL875Po8K-hvk8XtHa_9j40ysqu6IPcLmVfebyAm5Uik2VymUGPWSdBrOkgmcoUrk_fFApHr74gUVlVexEkKkpDXx4MzEUqPXPENLAOHlw-LVDxzqEZwWoxjqsujvElw0tlRvlJWHxl4FU3K1snf1ZzezYcDYVcyEalwMkD8tf0dKmF9v7AJfFu65R2_vQPibQozbzT8qyJspWzXKP4TYeu32rwS6xGF2pUBd3dfaOMU-LXL7isa3Q7lcSdVslGittTv-K_YfbJP155P2NeJ3eMPApNv92uzqLZY5YG7wJsI6lGk4-FSyrWnvG0NBmdmPg_tB4yUQ7wrBuVxHyO6JDz-rIJMykdKJJLcjqhmTtGGvlgVT9ScU4L-mB9YSW5yeme8S_b2qXnXrmMfY4eSqgsRUVW2-JM8BMwzrBmQ9z3_RKGsm-MrD4ttuaQCX9DZaKGw3G5Skt812l6Lbgh-dgPXrXJ4b4rsmfxQGXBJvC_8Fxkl6hgke3jCMNhO5Egw7B0d_Gnr8EAvmaS5t7xAEY5mCRbkLxpiqP2rJ4sILOdddb4csMBBGzajhP-HXBg4MzYEFFhKtiFshzMHzYuGAMqlCoTP8gt808fODh06NquUBUNMw9HEGI3yC73vw&cid=CAQSPwCsnQUxpjs65aWrj1ArRr6tu-xV_HEb3OtM3a3SslwTei_WzNbQGwHImdTL2kP2mB7nSPRegj6K30d6n6EH7RgBIA4&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:53:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 3A68 30 KB
11 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:53:14 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
227 B 60ms
59ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19282/hbw_release_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://kooora4lives.net
Date: Mon, 17 Oct 2022 06:56:00 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 impl_v91.js Show response
www.googletagservices.com/dcm/ Frame 47E3 61 KB
23 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v91.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23646
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:40:45 GMT

GET
H/1.1 200
OK dvbs_src_internal109.js Show response
cdn.doubleverify.com/ Frame 261A 59 KB
19 KB 29ms
24ms Script
application/javascript 2a02:26f0:3500:585::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iH1Td4YZLI6H9e0Jy730uu&DVP_DBM_1=1861733&DVP_DBM_2=27667954&DVP_DBM_3=16718138814&DVP_DBM_4=418316440&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1611661212718&turl=https://kooora4lives.net/beinmatch-4/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:20:14 GMT
Server: Microsoft-IIS/10.0
ETag: "03bb312aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19455

GET
H2 200 main.19.8.355.js Show response
static.adsafeprotected.com/ Frame 317E 194 KB
60 KB 112ms
8ms Script
application/javascript 2600:9000:2491:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.355.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1191119/66022382/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 15:12:46 GMT
x-amz-version-id: Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding: gzip
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 920596
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Oct 2022 10:37:53 GMT
server: AmazonS3
etag: W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Hmyz-dtYSxRFf3ufwltYSSsYuj1fc4T6yILj0SjZ1hzyeZ11rQgHcA==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 144D 22 KB
8 KB 24ms
17ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 389995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA85
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
26ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:01 GMT
expires: Mon, 17 Oct 2022 06:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B27526613.342304406;dc_ver=91.268;sz=300x50;u_sd=1;dc_adk=497053797;ord=msky8k;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdu5fgPxMY8qwEYO4x_APgKafmAKQwOfSa5LhwtLJE... Show response
ad.doubleclick.net/ddm/adj/N7121.3325855MIQ/ Frame 47E3 67 KB
29 KB 100ms
50ms Script
text/javascript 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7121.3325855MIQ/B27526613.342304406;dc_ver=91.268;sz=300x50;u_sd=1;dc_adk=497053797;ord=msky8k;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdu5fgPxMY8qwEYO4x_APgKafmAKQwOfSa5LhwtLJEO-Un92iIxABIL3PhmhglYKAgJQHoAGCs_T_AsgBCagDAaoE8AFP0ANarBiORcWlVSzV687QSXKqsycku6zfWE9wefbPr4DYXw-J1bM8t_SEIlW4kceybXwJulJgUORnphe9pdiXJneTBOUXZW32uyYXnPhl7mYGInnuHyN1zGbXuH9_lrR_sN1vUd9E1bigd8-zicWPwLKUL6jxKptbKA2ON6qELt9bCAZz-8r-KAQKntP1VY0Zz_w1lPc5sCDWfV5mC45ijQj3BqDvb_4oiwxPQ9jwID_RsbmDNhujb-Noaei8pfO0WI5qCd6bTw2VJ4EEo8CZRooJEjuha70v6TuDCcB87oFkITZ4bDB0FhcUCsW7sOXABKzjr8WKBOAEA5AGAaAGTYAH5syLgAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOI-u0Q0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9niUpB2v6MpKUcOHJSpMJhwR-t4_eB4iOwQf8fkHVNakXoUmATfGbW4BJNkiRyWd4USj6tHg_xe0MGAEgDg%26sig%3DAOD64_2MpNaFJEAjVag2EIGrs39PuxB-Kw%26client%3Dca-pub-9035087792692775%26dbm_c%3DAKAmf-BGdTa8Tc_JJOfiADrrMHGChuJC7VblMfHpL-BKdBtJ14DGzdBBzSvdR_dpkxwtsCuGREJyBmiBSnpgZG6uxqvt1rybu0DYzrVskBNwKvhqiVAiLyU4_8Cjhzdl2Q6tYk6w2lwigp4b9Bz3fiSPFdz3sscg6gH7DihRfTjDLlM_vHDfZbw%26cry%3D1%26dbm_d%3DAKAmf-BiFoW9LqFOGHKDB_MYMmtvzQlo9Y1Jtz7S83P94yrW4V2IOAOAdf0lel4nwYbKPWMbFyIBM39JfswhRTId0ymfGmYMqsRfnoqjgOuLEw8Tj6bxRgNd2Odvn2FHowfZ4pnvogOTzx7gOAEasFdPNNs2LUQBalYnWxR4Da1xMIgA8C_VOIyY1tTTzsnydM5h4QEjAs9AeRocNhw6EarXhwbh7NsvNMwz_uC4gJp4CR0EGEXKAg44dHL2KJfNeCR57wlIanob5OXuXS866Ddp78u8y3tv-nv5v6ZY3dxnLjz9P7Kbm-559bZZ7kRZFXT_P6YvzwV7T4kkiRvI_IurNQugJsj2t3ENLehP7v5Tx-5M-TIU4iJ-_MDfc7xvuoEbyb4MIG-YwYpX8NNfSEVE8PM_t-Fo7W6b_7978_cZmtU3SeAlh4ZhAtSdp3tOPAKvXyOuQ6fLkzFMehdi7IEOQlYB0TeIzIWtPugnnWYeQZNuT8Q9Rb_WEx-qocwI1GGv6VJchBi4P0H78gCpP_ANf8zJAC8twrU9KpOcFXTV1r2ZkOFh_CM%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fkooora4lives.net%2F$0;xdt=1;crlt=LcShPsPtKV;stc=1;chaa=1;sttr=155;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

634d5f558c3ab8052f702dbc51bc5a5eb23c37216ea481cb7ece9e1dba541f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28792
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame E303 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:49:17 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FED3 22 KB
8 KB 13ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 389995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 317E 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 17:09:02 GMT

GET
DATA 200
OK truncated
/ Frame 317E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23405f106857c8f907503f6fbab7f8298eb0abb1dd0f4488a9744d94e920a2ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A68 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 17:09:02 GMT

GET
DATA 200
OK truncated
/ Frame 3A68 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 247a677dfd062d9a1eba5b78ef74ad58eea1efd7ac4690dd0e9b1b7d9c6868bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/ Frame BF3D 103 KB
21 KB 39ms
13ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc47422df94c9eef049af29db782a391758e4776e9c509bf965d6c70048d2808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 259093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21723
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 06:57:49 GMT
expires: Sat, 14 Oct 2023 06:57:49 GMT
last-modified: Fri, 30 Sep 2022 09:46:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 317E 0
622 B 97ms
56ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOpkqNOMaEENGG_2nEb-GpsaVtZ4DOTP8PJFj52U0qt6BoJ_9CYjUwFzx0IvBEqUuFUBIukRbLGUWRhDSwX7dHvvutj2SCNKk8LPuCr8IX29cC6Dh5AWYgUDhnnbUqSxR-oIEwwMG_z8KvikhpHp4wQsOChHQkhr8TcttVp9Pjg31qBkNkPcKFE2BBxiJa1zzFhbbc09dIFAlgfiOFgu-or-4PS2t87MjP__NRzaJh8hhe24K99BnAx_DemMHd4e6mg-iodSbxUhcMy_xqDAT5PpbdUdTdmQpB32r51Ax9auBEo-zS665NDHwZuBPWIV5pzBLpxb1Jr9FJ6ffSm_R-zHgQlBQkaR1vV7yreuDMsaH_1c-Ya0a6yWFloL8GSJ4S1Fw3VpcXm3gRKutjXnH0W92wXPywdoDHyHDQTuyAuSVU1HGbyYgwlkYRg3w6YGdDRMuBrR9Hl-9olA431d2JB4_0H2eFoQrGFDiTyOYl9Fed6TD7q-uQAFrU_wrH3CkLy3GRO2GFOoUR1R1mC8iAaPtixOfS7X6gaGnldNR1QVKP1u6h1ZIJD5RVI5ywjXDTgbeJInqp_p4ZjV5vIx64yQMwS9ABTi6eVQ0gYjuPfQF4Yw0yxinN58JWUa8kml43_B3E2u24I3l7mC1e1DC9eMfJQa-i46V9iY0Vjn9zaIvxDRM9QzILS-V2Gr30OQLWYTO3oXcncEZqants4lMmpxOVvL-DmhSz1Z1tLbSbR05oy0qmVMuSaL5-Hvf4XppfzTYebr_6Ey949OC4YlFTd_17TFz4wP2aZk1Zpvjbr3WlPkPjfcTX9yn0eJ8CgkttEZEg5HC2Gp3B0gEa_Jqv91YW9ELgXsFZjcWmBqFymCIKpesTHu2Q2f3oFUGuyX6-jrZq_AN44toDb1ggWBQHlDJh6-LAgD63Z3iBSj-YkoXyINiIMf0Zu4Hkz5Y8mZeq0UvxbJxTKmj9dalaahty3ZvOCND4i-fwgIscHdMoLs4XQXLk89I5EK5lItQT8WmCQQA8cL6Fab-cyXiZXuWJdf6K_6JzMKIzLQfjb2B81Q8ybF7aa-itZQhctLw4z-fos2tHfWhH6Lh6qxlgroveTYw_T3jZZ4WHh5PAZpmHWvFOl9rNHxFfgZzc2vFKN3wTczuoayJN6uw1QvyTCgcLzCNe7omzayXknfUQ1iVz-lQrJMOYX5aVR3O7lhJPRfwD7u9VaWj-1287xnvlJAD0e6Gi4qzOINZcEFS_s-w&sai=AMfl-YT7TiuxlHFGvudEgJIS-J5UYAeCru6LeYWeqApbtlZQc97I7aeWM46MhYWDLIeCe3q2uvErz-hOTD-YGKXOVDycAyjNDmRqpYsAyLX1br6BFww0-JskwrdKZc6UZhfxnACY3Hbcxz0wHg5EX1dc7g5Pf8t5DeS8hVmRkHFXKk8NM2nPdZvQihhYz6rKxyO4ixFiFogAuiKaM2DHG874GIy3MvvYIr9GCooqOSElLeyTiNTfFdusaSVRkmC2Ivr-vsZEfQhN3ixBnCa1kDw489E&sig=Cg0ArKJSzNSkRp9QqwBsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=440&cbvp=1&cstd=436&cisv=r20221012.40112&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Oct 2022 06:56:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 317E 0
348 B 172ms
32ms Image
text/plain 79.125.33.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=rrj5ukgn8&_knopii=1&campaignid=28643978&advertiserid=6522545&placementid=347103605&adid=539393878&creativeid=179015563&siteid=3355505
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.33.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-33-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n010-dub-prod.krxd.net
date: Mon, 17 Oct 2022 06:56:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=73 t=1665989762
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-no-pii: 1

GET
H2 200 93665
stags.bluekai.com/site/ Frame 317E 62 B
573 B 220ms
153ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/93665?phint=event%3Dimp&phint=aid%3D6522545&phint=pid%3D347103605&phint=cid%3D28643978&phint=crid%3D179015563
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 17 Oct 2022 06:56:02 GMT
content-length: 62
bk-server: 6578
content-type: image/gif

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 261A 1 KB
895 B 183ms
14ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_524060961291&jsTagObjCallback=__tagObject_callback_524060961291&num=6&ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&advid=&adsrv=&unit=728x90&isdvvid=&uid=524060961291&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.90&dvpx_strhd=0.90&brid=3&brver=106&bridua=3&dup=null&turl=https://kooora4lives.net/beinmatch-4/&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iH1Td4YZLI6H9e0Jy730uu&DVP_DBM_1=1861733&DVP_DBM_2=27667954&DVP_DBM_3=16718138814&DVP_DBM_4=418316440&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1611661212718&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3F6ETar9EEADTbpTauTaugc2b_22f65ege7b7e73dhch4%60_4g5_ea%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaugc2b_22f65ege7b7e73dhch4%60_4g5_ea%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3F6ETau36%3A%3F%3E2E49%5CcTau&dvp_exetime=11.40&callbackName=__verify_callback_524060961291
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: c131fee562496f2d828179290fbeb35dce0cc200a5f605e0e62680f3ec52d807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:02 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/16/2022 06:56:02

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 3A68
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/886862/62195610/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_gfxMY5...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

8ms
8ms

Script
application/javascript

2600:9000:2491:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:2491:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: lxaIfqfSAN_LFPASkpm_LKK7NXiukXBj
content-encoding: gzip
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
date: Thu, 13 Oct 2022 10:37:37 GMT
x-amz-cf-pop: FRA56-P7
age: 332306
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Oct 2022 10:37:14 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 67taXOSXJmwC9qQBSQQzgkXLO-YbarpA8-g2WgOi_3-vRoh3U6FKxw==

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D17B 91 KB
23 KB 10ms
9ms Script
application/javascript 2600:9000:2491:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2215186
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 7y997dRz4XpGL---AqyheQd-spYDiuYNOAhJNBKzXW-vhjUgGZKJaw==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 93B5 21 KB
4 KB 20ms
18ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

054c480b41dbb8bb1a0db0dd51f85a18dafa9679cd1988d4824f9da3f8aa1215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:02 GMT
expires: Tue, 17 Oct 2023 06:56:02 GMT
last-modified: Tue, 10 May 2022 13:01:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3A68 0
27 B 75ms
53ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyVgUcy6eGWlz-mXTrDVxXzWBlfxrS8KpOrT-GsguYgHiYUeEqeC79HgfsbZUo5uHE9k1t-kOdA9AU9nWOiw2W6pHKZeVPbFvOuHLEKXfFM3SITxcyKAYoPWMJ333EijO5Hqp4k7uVApPs7iOwXeui6tqDfUgfajIlLrWjgPEKJoHwsuJOc2CmXAOis8MYNpDCH8OwajVIz7XJ8H4kptNvDjUp1NRvMQ95m55iNLHECXxwxHxx05G7l4i837XPcIV1S6gq0U9adWLQZr03Er3dA14JcXTICTtFCcH3f0U0NHUW_xPK7enZ3IC-NojrhML5WiIhQPX7EcnOfVlQCmj-C_yqmG_9RRrrTr4rDLX46XwyDsFo5yjmwQNKeEEvQSlEuELiZV6OpizPjSfxo860egk7_vzxX_qDQMeeWjPzrXbIPKKJJG1ndVb_g3ObBeOwSbjPI3iHWjnWeCq30K4pSV4mFj7Qfbi9CwIsh9Cd55RJIzYsLGpS9jVLjD8Tcc8sxm_mVY26F9Ajs9kS_LNMc_2V9vMh84I7x6JfoL8HlL22Fw4JP_tN2AMoLX0d4N_1hThKai8m-RbTbypd_jT3SJeQLgMQI-kbC8WSYsas2u5UQC583xZHjWk_RcUqYIWUO2HC0l1jzZ73a2Qc0M8nZ7xB8xOzw8XFunxs-Yqbzjuru9Shplitl0oMdshzbwKNWuAZ5N55H9RE8BoBxOIIvqiDdKUmvPPmXJmrgmTDnrU5GLTc3oBQnDdFzLTiMSZa6V-PDUkI5Q7wggjzUGj81R6ll5YtHshTHQyoQNmCbwl9x0XaOGRagGk4PHx-uIxaq-IwHyhxmKLQNVlI-TZ6ZciGBvVvl6HIpEBoAvTq3FwEFGTVeW0L3cn-l7c7N0h1dDtauzsxcHSRKrw72w37ym6HCOaxtGvO-OxJ6C2RKAHE9JoIQ3SFb-jkf4ZQTFBlo189TyI9Wh9_8w-23bSb0Uwb7HzKfaCtDBy0NqzpyA_vYZ1x_uFiyst93z3UfWppBMzVNdmcmuyRQ4gpDqq3LlN0ROfbum97siq1Yz7AdoNMlUoEl764o0Lb4ITqoBOofQYw_POidmb7zYH6fu-E1a84KppHegcTGk6i1yYVPS2VGfQAweKRP37XMBMuv3TyRsZ0xg1eRaX31vQTKHBCk7zoyOHBogOTIBf-YnJEr3WEqhVJ8l2pnES1VlalBCGsjOUw5puQc-2ESb52LBGncx-SVRYPQQU&sai=AMfl-YSRApdlxTXN3Y13x8Fs2KR9wcxmxGJr8yKtToaNsW4DrurTPDND3Omc5bliy7x3hmBVisu3stvTjqEI5VdljLF6j4wiNrulU5iCumfOftgiTPEUgwIZUMLEtKGIo-xMq70Xe2peWkN3Z4JgZ395gmiC-Pwr4xAyCpMBLFzBLNlwMKTTAb3hzq46MQeGtTK-x-zBOTDN9Cw8bcrq23eFetNBxYr5DD9lVqoCwLqWWuvnBa9qqk5olbxATWJ0tfRUK9HVHdnm7AqjXOIVXvHm1ds&sig=Cg0ArKJSzNw0QS55Vc6IEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=492&cbvp=1&cstd=483&cisv=r20221012.01037&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Oct 2022 06:56:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame BF3D 29 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 21:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Oct 2022 21:22:52 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A68 43 B
216 B 546ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=411a0d35-296a-9058-56d7-582461491957&tv=%7Bc:rhwDpz,pingTime:-3,time:159,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:31%7D,%7Br:r,w:300,h:250,t:153%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:159,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B152~0%5D,as:%5B146~0.0,6~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkv9g98+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C1411%7C1412%7C1511%7C1512%7C161%7C162%7C1711%7C1712%7C1713%7C181*.886862-62195610%7C1811,idMap:181*,rmeas:1,rend:0,renddet:svg.us,siq:33%7D&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 track
servt.modoro360.com/ 0
70 B 104ms
97ms Image
text/plain 34.239.3.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=kooora4lives.net&rs=kooora4lives.net&sid=7247&t=1665989760&cip=81.95.5.41&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=620a5acab6e80f22ac327b74&test=1&aafaid=&proto=https&uid=1665989760568-965177218956-006093-006-009538&cha=0.7&stagid=620a5bd04911372f7d67f1fa&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.56&cb=73235115136&d39=&d65=ControlGroup&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338&&ppid=620a5acab6e80f22ac327b74&nid=60095c900c0799791c46d8d4&pcid=620a5ad6cb35c5271669185a&ncid=620a5aee0df18d61ad2f5eb4&pasid=620a5b32c777be6a612ff244&e=bid&cb=1665989762181&asid=62961d99f397a261291b10a7%2C6164157a30821f500637472d%2C618265cafd19a24fd246e545%2C61a49c3ab7cc8913d52ac044%2C61a49c39b7cc8913d52ac03c%2C61a49c3ab7cc8913d52ac058%2C618265d54738091f0558efe4%2C62fd5623b65be05ba45c414a%2C61a49c3ab7cc8913d52ac04a&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.3.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-3-208.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 103ms
97ms Image
text/plain 34.239.3.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=kooora4lives.net&rs=kooora4lives.net&sid=7247&t=1665989760&cip=81.95.5.41&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=620a5acab6e80f22ac327b74&test=1&aafaid=&proto=https&uid=1665989760568-965177218956-006093-006-009538&cha=0.7&stagid=620a5bd04911372f7d67f1fa&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.56&cb=73235115136&d39=&d65=ControlGroup&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338&&copid=60095c900c0799791c46d8d4&nid=59c9148628a0612da3689288&cocid=620a5aee0df18d61ad2f5eb4&ncid=6188f6678186692d1b57a0d4&coasid=6188f6fc4071e35134085f46&e=bid&cb=1665989762181&asid=62557a24e74fb651954cec3c&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.3.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-3-208.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A68 43 B
215 B 458ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=411a0d35-296a-9058-56d7-582461491957&tv=%7Bc:rhwDqV,pingTime:-6,time:243,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:243,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B236~0%5D,as:%5B146~0.0,90~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkv9g98+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C1411%7C1412%7C1511%7C1512%7C161%7C162%7C1711%7C1712%7C1713%7C181*.886862-62195610%7C1811,idMap:181*,rmeas:1,rend:0,renddet:svg.us,siq:33%7D&tpiLookup=ao:kooora4lives.net*%2C84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com*&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
28ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=2223897128252124&vrg=2022101002&nw_id=21715635079%5C%2C22630893834%2C7047%5C%2C202189885&nslots=19&eid=31070375%2C44775318&pub_url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&sig=0&req=0&req_cnt=18&dm=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 382ms
375ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Ccube%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C336x280&ifi=7&adks=2970954390&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762321&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc1794333c65a150ae3c5d5ba66a51dbcb7c4789b979b2ea4084c830aad9b13d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9226
x-xss-protection: 0
google-lineitem-id: 5818019657
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374037645
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 834ms
827ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Ccube2%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C336x280&ifi=8&adks=1370635809&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762328&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f256b1bf801d9f621c00f2332078ab0e60298f45b61fde57066d6678332085b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9234
x-xss-protection: 0
google-lineitem-id: 5818019657
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374438803
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1795ms
1788ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Ccube3%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C336x280&ifi=9&adks=3434856133&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762334&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6d032e73dcd2934153478b71bfbb38bec59b972996ba9c13c663de417f32057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9241
x-xss-protection: 0
google-lineitem-id: 5818019657
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374033787
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 1625ms
1619ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Crich%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=10&adks=2810031837&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-8176806-4%26is_vmhbmp%3Dtrue%26hb_override_id%3D4724128%26hb_buyer_id%3D21784%26hb_r_id%3D46a92e3ac261ac2%26hb_site_id%3D14381%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.06%26hb_adid%3D37576a7ff5f6fc5d%26hb_bidder%3Drubicon%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762337&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2fd0c235da79fc27490d1f0d345f681e24fc32e869335c438f00feb595b588b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11667
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 1064ms
1058ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Crich2%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=11&adks=1126810291&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762340&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26ef7c444c9c9cd7e56cd776d76c8e83249f22ae62069a5172d97a88d0a49a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11593
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 303 B
152 B 490ms
484ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&ifi=12&adks=2355895160&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762342&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d464643e99a4586944f6aa31f95e78ea322322fcb81cb05c6fa57a8915b3a5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 645ms
639ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=13&adks=289759596&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762346&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a657eba67772ccab87aa0bd540403efd90da44cc909d76edb8a50ae757827057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9195
x-xss-protection: 0
google-lineitem-id: 5850403633
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374455612
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 325 B
168 B 1491ms
1485ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Cresponsive%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&ifi=14&adks=1309765914&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762350&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ef43e91e3db643c54b74c4e7fb08e647b6d985136a58521f3bb0647e6ce5992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 B
173 B 1201ms
1197ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Cresponsive3%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250&ifi=15&adks=2639330056&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762355&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c18e7bdd218acd88339290d74f410ef0917aed1e88cca32fd7fbe76b90b70188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 B
173 B 2172ms
2168ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Cresponsive4%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250&ifi=16&adks=1588386032&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762357&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4382340e8fd645503b5423ef43420765f3739c63480909b3f592a9d2bdee389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 B
174 B 1936ms
1933ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Cresponsive5%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250&ifi=17&adks=4139080419&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762361&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afa0fa9e02c1a5a13ffd61b9b7f05c866648e2e9e8d0ede7b2813bf2f260b3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 310 B
159 B 2059ms
2057ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=744548098924474&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=18&adks=3317283087&sfv=1-0-38&fsapi=false&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989762366&lmt=1665989762&dlt=1665989759666&idt=218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bc427445c31d28b20e3fbdc63a4b4696a2153b0220547fb95797c1ac58c292e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 47E3 106 KB
37 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Origin: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Oct 2022 10:24:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 47E3 8 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7121.3325855MIQ/B27526613.342304406;dc_ver=91.268;sz=300x50;u_sd=1;dc_adk=497053797;ord=msky8k;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdu5fgPxMY8qwEYO4x_APgKafmAKQwOfSa5LhwtLJEO-Un92iIxABIL3PhmhglYKAgJQHoAGCs_T_AsgBCagDAaoE8AFP0ANarBiORcWlVSzV687QSXKqsycku6zfWE9wefbPr4DYXw-J1bM8t_SEIlW4kceybXwJulJgUORnphe9pdiXJneTBOUXZW32uyYXnPhl7mYGInnuHyN1zGbXuH9_lrR_sN1vUd9E1bigd8-zicWPwLKUL6jxKptbKA2ON6qELt9bCAZz-8r-KAQKntP1VY0Zz_w1lPc5sCDWfV5mC45ijQj3BqDvb_4oiwxPQ9jwID_RsbmDNhujb-Noaei8pfO0WI5qCd6bTw2VJ4EEo8CZRooJEjuha70v6TuDCcB87oFkITZ4bDB0FhcUCsW7sOXABKzjr8WKBOAEA5AGAaAGTYAH5syLgAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOI-u0Q0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9niUpB2v6MpKUcOHJSpMJhwR-t4_eB4iOwQf8fkHVNakXoUmATfGbW4BJNkiRyWd4USj6tHg_xe0MGAEgDg%26sig%3DAOD64_2MpNaFJEAjVag2EIGrs39PuxB-Kw%26client%3Dca-pub-9035087792692775%26dbm_c%3DAKAmf-BGdTa8Tc_JJOfiADrrMHGChuJC7VblMfHpL-BKdBtJ14DGzdBBzSvdR_dpkxwtsCuGREJyBmiBSnpgZG6uxqvt1rybu0DYzrVskBNwKvhqiVAiLyU4_8Cjhzdl2Q6tYk6w2lwigp4b9Bz3fiSPFdz3sscg6gH7DihRfTjDLlM_vHDfZbw%26cry%3D1%26dbm_d%3DAKAmf-BiFoW9LqFOGHKDB_MYMmtvzQlo9Y1Jtz7S83P94yrW4V2IOAOAdf0lel4nwYbKPWMbFyIBM39JfswhRTId0ymfGmYMqsRfnoqjgOuLEw8Tj6bxRgNd2Odvn2FHowfZ4pnvogOTzx7gOAEasFdPNNs2LUQBalYnWxR4Da1xMIgA8C_VOIyY1tTTzsnydM5h4QEjAs9AeRocNhw6EarXhwbh7NsvNMwz_uC4gJp4CR0EGEXKAg44dHL2KJfNeCR57wlIanob5OXuXS866Ddp78u8y3tv-nv5v6ZY3dxnLjz9P7Kbm-559bZZ7kRZFXT_P6YvzwV7T4kkiRvI_IurNQugJsj2t3ENLehP7v5Tx-5M-TIU4iJ-_MDfc7xvuoEbyb4MIG-YwYpX8NNfSEVE8PM_t-Fo7W6b_7978_cZmtU3SeAlh4ZhAtSdp3tOPAKvXyOuQ6fLkzFMehdi7IEOQlYB0TeIzIWtPugnnWYeQZNuT8Q9Rb_WEx-qocwI1GGv6VJchBi4P0H78gCpP_ANf8zJAC8twrU9KpOcFXTV1r2ZkOFh_CM%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fkooora4lives.net%2F$0;xdt=1;crlt=LcShPsPtKV;stc=1;chaa=1;sttr=155;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:53:14 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 47E3 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 17:09:02 GMT

GET
H2 200 main.19.8.355.js Show response
static.adsafeprotected.com/ Frame 47E3 194 KB
60 KB 9ms
8ms Script
application/javascript 2600:9000:2491:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.355.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=1008233501&campId=17693586842&pubId=1&chanId=1611661212718&placementId=437454560&adsafe_par&impId=ABAjH0jv_JJ6OM8Jd5J4zXM81uFP&bidurl=https://kooora4lives.net/beinmatch-4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 15:12:46 GMT
x-amz-version-id: Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding: gzip
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 920597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Oct 2022 10:37:53 GMT
server: AmazonS3
etag: W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: V-TYHjodE8zjmh1LVFnLuAN1_UMcbUU6O2GqHeGDE97nb2r89hwZoA==

GET
DATA 200
OK truncated
/ Frame 47E3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9b5275bd84413d7b756a353590f53593c48d5a59955a529c5927e3db7baf8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 93B5 5 KB
2 KB 14ms
12ms Stylesheet
text/css 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 18:32:38 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 93B5 1002 B
256 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 18:32:38 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 93B5 5 KB
1 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7041206683c7b5da4188ef7ed1523815102ac13af21f55c4b04b5fbbe4514ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 04:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 526681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Oct 2023 04:38:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 93B5 118 KB
40 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Oct 2022 11:10:17 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 93B5 57 KB
23 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Oct 2022 06:56:02 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 93B5 9 KB
4 KB 21ms
19ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 05:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Oct 2023 05:00:02 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 93B5 24 KB
10 KB 20ms
18ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe8853b2397a43e20d55fd377aafeed785c7ae335ed07b4986997b9780f48a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 14:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10567
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 14:46:03 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 93B5 17 KB
3 KB 21ms
20ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f13bc08411a45add285949483ee8ab65001f6d7ebaddcfc83d5b2df50a4cde0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2678
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 18:32:38 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A68 43 B
215 B 162ms
162ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=411a0d35-296a-9058-56d7-582461491957&tv=%7Bc:rhwDw4,pingTime:-2,time:562,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:602,beZ:603,mfA:605,cmA:606,inA:607,inZ:612,prA:612,prZ:623,si:634,poA:635,poZ:670,cmZ:670,mfZ:670,loA:844,loZ:849,ltA:1163,ltZ:1163%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:31%7D,%7Br:r,w:300,h:250,t:153%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:562,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B556~0%5D,as:%5B146~0.0,410~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkv9g98+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C1411%7C1412%7C1511%7C1512%7C161%7C162%7C1711%7C1712%7C1713%7C181*.886862-62195610%7C1811,idMap:181*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:33,sinceFw:528,readyFired:true%7D&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D3CF 22 KB
8 KB 14ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 389996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D4B8 42 B
64 B 47ms
46ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2_3Ec4QfugEVNvMj02Ou7jvvxGPeWVSslwCtXua4t4i9beZOS1N9BH2PopPaGQW7IEJptBd95Wtr2c2NDOLxW8fZHWdSLkvu9GlZ3GGjPkpaO1fgdGgy-S6TuQltSdED5MAZHqRo&sai=AMfl-YR_96ljN60uS0lENH00zGy4nps_ti9ZPbR4F0yf9YjVfWe1z-E9lQFAbHX_4G4U_f7H-2ilexnDZsr22OEcRAmCwBdaCRMWHvpOaFkKWZHYCW_ERQbdKwsJbClY1HLA5fc&sig=Cg0ArKJSzLu8UNsVJTtvEAE&cid=CAQSPwDq26N9qQvA_kmK_F7MppWuSsUpgofcYWurcE_S4sCyLU_Qo2EkfrwMdZBKp7B5IqEND24UIdYTl7cR6aMLPBgBIA4&id=ampim&o=650,273&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1279&mtos=0,0,1279,1279,1279&tos=0,0,1279,0,0&tfs=769&tls=2048&g=100&h=100&tt=2049&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BB1A 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 389996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 144D 36 KB
16 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:49:17 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 261A 28 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10831
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 13:41:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 17 Oct 2022 07:19:08 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 22ms
18ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://kooora4lives.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://kooora4lives.net
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Mon, 17 Oct 2022 06:56:02 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
645 B 24ms
23ms XHR
application/json 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 75ea01d486be9457bb16b1ff50fde02fc518572d53caa090321546eff7362b59

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 17 Oct 2022 06:56:02 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST /
prebid.smilewanted.com/ 0
0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
536 B 12ms
11ms XHR
application/json 3.64.202.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.25.1-c&referrer=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tmax=2000&gdpr=false

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.202.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-202-105.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
accept-ch: user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink
x-auction-status: 7, 7
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 307ms
307ms XHR
application/json 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=24012529113

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 06:56:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 11ms
10ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://kooora4lives.net
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 343 B
800 B 53ms
51ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1665989762147-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=4135a5da-26d6-4813-9a2d-5aa33e026112&l_pb_bid_id=39286b439ca72fbf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1665989762147-0&slots=1&rand=0.8144557055371204
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 18c1ebda405e285a385c1e68e1ae2d82db2b1458339875de3fc1d416eed828a4

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:02 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 343
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
981 B 18ms
17ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d9abd4f5bd186b561c72036285eda558a4489b2f07ddd287fd969c749f6f2a26

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:02 GMT
AN-X-Request-Uuid: b5939ca9-9d66-4303-9f91-c50c4492a532
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 309ms
306ms XHR
application/json 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=26452859409

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
981 B 16ms
15ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5d22e3cdda041541cc6a2149622b34eea76497dffe3694039baab209f80c37bc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:02 GMT
AN-X-Request-Uuid: 73407444-b6ae-4eed-9905-65194c7a12d2
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
981 B 15ms
15ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a929103966bed9c4d232d8d2523be7449521c8c2677b4989a67015b894d7f2ca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:02 GMT
AN-X-Request-Uuid: d30a6221-b214-46b7-8e19-e545937a62aa
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 15ms
14ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 17 Oct 2022 06:56:02 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
408 B 53ms
52ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 17ms
14ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 17 Oct 2022 06:56:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
44 B 17ms
15ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Mon, 17 Oct 2022 06:56:01 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://kooora4lives.net
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 14 KB
8 KB 114ms
114ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=10&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=c61209a7-735d-4c23-ab2f-8ea26ad06fc5%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1665989762147-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=4135a5da-26d6-4813-9a2d-5aa33e026112&l_pb_bid_id=41985194be454536&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1665989762147-0&slots=1&rand=0.5489051489808761
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7d907514c7fbb76203ff4bc1110ccd6cac5365d5842d409659b4c4c814e100b5

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:02 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7550
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 317E
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1191119/66022382/skeleton.js?adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.goo...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

9ms
8ms

Script
application/javascript

2600:9000:2491:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:2491:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 21056279
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: GdWzpndOz15MktKQs1_2nu_mRi422_fa_xqgX2Uu8LPuQE_x6TMSLw==

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 68AC 91 KB
23 KB 9ms
9ms Script
application/javascript 2600:9000:2491:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2215186
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: rXBtkFNd1Te2TFzNPLlK-glhWe0FDAI6_4leIAllO520DtFhrcvdNQ==

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame FED3 36 KB
16 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:49:17 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 70ms
21ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:56:02 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 317E 43 B
215 B 165ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=434bdb3a-ff55-fe14-ed1f-abb8da02bb27&tv=%7Bc:rhwDyZ,pingTime:-3,time:1021,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:942%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1021,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:942,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B103~0%5D,as:%5B103~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C1411%7C1412%7C1511%7C1512%7C16*.1191119-66022382%7C161%7C162%7C163%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d,idMap:16*,rmeas:1,rend:0,renddet:na,siq:944%7D&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 317E 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=434bdb3a-ff55-fe14-ed1f-abb8da02bb27&tv=%7Bc:rhwDz5,pingTime:-6,time:1027,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1027,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:942,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C1411%7C1412%7C1511%7C1512%7C16*.1191119-66022382%7C161%7C162%7C163%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d,idMap:16*,rmeas:1,rend:0,renddet:na,siq:944%7D&tpiLookup=ao:kooora4lives.net*&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/ Frame 6D68 75 KB
19 KB 14ms
13ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfa3f3efd20782e03666b819e0a80bb82369a805af8003599480a8323efa8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 198588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18947
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 23:46:14 GMT
expires: Sat, 14 Oct 2023 23:46:14 GMT
last-modified: Thu, 28 Jul 2022 12:15:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 47E3 0
26 B 46ms
44ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8jpIQAnYnlO7RDxPoN2dcfUAeRxD3CV_wFPLTqoUxJ4SZsoDV-Wc8JA3ArHSFTWKjXKWHzVFZIni_Rhq5PhcRNbtKcq84fAlFBoqXgwYJ1ZK7zcmSXEw2aiXSqZJPNeeTHWgOhVQLxjRD9_PZs8fcZ6FPDFXP65F_LV8&sai=AMfl-YRydoMobHnMft1m-EX-DTu19AogGgV4Rq3ThehBNqjhnTocs8PFlxJ7A6ql37pigtD9eLkodknZQ1SbSA4VP8KTGTsWinJZPtyUlwcB&sig=Cg0ArKJSzAYdTS7G5mJgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=386&cbvp=1&cstd=384&cisv=r20221012.62926&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 317E 0
26 B 46ms
46ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOpkqNOMaEENGG_2nEb-GpsaVtZ4DOTP8PJFj52U0qt6BoJ_9CYjUwFzx0IvBEqUuFUBIukRbLGUWRhDSwX7dHvvutj2SCNKk8LPuCr8IX29cC6Dh5AWYgUDhnnbUqSxR-oIEwwMG_z8KvikhpHp4wQsOChHQkhr8TcttVp9Pjg31qBkNkPcKFE2BBxiJa1zzFhbbc09dIFAlgfiOFgu-or-4PS2t87MjP__NRzaJh8hhe24K99BnAx_DemMHd4e6mg-iodSbxUhcMy_xqDAT5PpbdUdTdmQpB32r51Ax9auBEo-zS665NDHwZuBPWIV5pzBLpxb1Jr9FJ6ffSm_R-zHgQlBQkaR1vV7yreuDMsaH_1c-Ya0a6yWFloL8GSJ4S1Fw3VpcXm3gRKutjXnH0W92wXPywdoDHyHDQTuyAuSVU1HGbyYgwlkYRg3w6YGdDRMuBrR9Hl-9olA431d2JB4_0H2eFoQrGFDiTyOYl9Fed6TD7q-uQAFrU_wrH3CkLy3GRO2GFOoUR1R1mC8iAaPtixOfS7X6gaGnldNR1QVKP1u6h1ZIJD5RVI5ywjXDTgbeJInqp_p4ZjV5vIx64yQMwS9ABTi6eVQ0gYjuPfQF4Yw0yxinN58JWUa8kml43_B3E2u24I3l7mC1e1DC9eMfJQa-i46V9iY0Vjn9zaIvxDRM9QzILS-V2Gr30OQLWYTO3oXcncEZqants4lMmpxOVvL-DmhSz1Z1tLbSbR05oy0qmVMuSaL5-Hvf4XppfzTYebr_6Ey949OC4YlFTd_17TFz4wP2aZk1Zpvjbr3WlPkPjfcTX9yn0eJ8CgkttEZEg5HC2Gp3B0gEa_Jqv91YW9ELgXsFZjcWmBqFymCIKpesTHu2Q2f3oFUGuyX6-jrZq_AN44toDb1ggWBQHlDJh6-LAgD63Z3iBSj-YkoXyINiIMf0Zu4Hkz5Y8mZeq0UvxbJxTKmj9dalaahty3ZvOCND4i-fwgIscHdMoLs4XQXLk89I5EK5lItQT8WmCQQA8cL6Fab-cyXiZXuWJdf6K_6JzMKIzLQfjb2B81Q8ybF7aa-itZQhctLw4z-fos2tHfWhH6Lh6qxlgroveTYw_T3jZZ4WHh5PAZpmHWvFOl9rNHxFfgZzc2vFKN3wTczuoayJN6uw1QvyTCgcLzCNe7omzayXknfUQ1iVz-lQrJMOYX5aVR3O7lhJPRfwD7u9VaWj-1287xnvlJAD0e6Gi4qzOINZcEFS_s-w&sai=AMfl-YT7TiuxlHFGvudEgJIS-J5UYAeCru6LeYWeqApbtlZQc97I7aeWM46MhYWDLIeCe3q2uvErz-hOTD-YGKXOVDycAyjNDmRqpYsAyLX1br6BFww0-JskwrdKZc6UZhfxnACY3Hbcxz0wHg5EX1dc7g5Pf8t5DeS8hVmRkHFXKk8NM2nPdZvQihhYz6rKxyO4ixFiFogAuiKaM2DHG874GIy3MvvYIr9GCooqOSElLeyTiNTfFdusaSVRkmC2Ivr-vsZEfQhN3ixBnCa1kDw489E&sig=Cg0ArKJSzNSkRp9QqwBsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1252&vt=11&dtpt=812&dett=3&cstd=436&cisv=r20221012.40112&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 impl_v91.js Show response
www.googletagservices.com/dcm/ Frame 261A 61 KB
23 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v91.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23646
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:40:45 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 317E 43 B
215 B 164ms
164ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=434bdb3a-ff55-fe14-ed1f-abb8da02bb27&tv=%7Bc:rhwDzH,pingTime:-2,time:1065,type:a,im:%7Bsf:0,pci:%7Btdr:118%7D,pom:1,prf:%7BbdA:687,bdZ:770,beA:895,beZ:898,mfA:1808,cmA:1810,inA:1810,inZ:1816,prA:1816,prZ:1831,si:1838,poA:1839,poZ:1859,cmZ:1859,mfZ:1859,loA:1921,loZ:1925,ltA:1959,ltZ:1959,mdA:899,mdZ:1018%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:942%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1065,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:942,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B147~0%5D,as:%5B147~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C1411%7C1412%7C1511%7C1512%7C16*.1191119-66022382%7C161%7C162%7C163%7C1711%7C1712%7C1713%7C181.886862-62195610%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d,idMap:16*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:944,sinceFw:119,readyFired:true%7D&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E222 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 389996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 6D68 29 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 21:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Oct 2022 21:22:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F8B0 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:23:30 GMT
expires: Tue, 17 Oct 2023 06:23:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B64C 783 B
535 B 26ms
25ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

89bc5c21fe7b8821eb91e5fbb197199534b915b6e2980bb1ddc2111595bcf19f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-snXw0wuRcA0ajW_4WDvEkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-snXw0wuRcA0ajW_4WDvEkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:02 GMT
expires: Mon, 17 Oct 2022 06:56:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame D3CF 36 KB
16 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:49:17 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame F888 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:2491:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2215186
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: tATw0eHK9xu1gtyWerOCqO7vL3dMkE-v_M8zWWUw4EqXre_idSkQFA==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 47E3 43 B
215 B 36ms
36ms Image
image/gif 34.248.3.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10933&advId=1008233501&campId=17693586842&pubId=1&chanId=1611661212718&placementId=437454560&adsafe_par&impId=ABAjH0jv_JJ6OM8Jd5J4zXM81uFP&bidurl=https://kooora4lives.net/beinmatch-4/&adsafe_url=https%3A%2F%2Fkooora4lives.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:68bcb591-2816-6958-3a20-bbe847e05adb,c:rhwDCc,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-765f644cdf-49p7m,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:537,mot:0,app:0,maw:0,fm:tkv9gfo+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141*.10933%7C1411%7C14121%7C1413%7C1414%7C1511%7C1512%7C161%7C162%7C163%7C164%7C1711%7C17121%7C1713%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f,idMap:141*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:554,oid:c2d42e38-4de8-11ed-8953-16740d9a3277,v:19.8.355,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.3.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-3-167.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame BB1A 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:49:17 GMT

GET
H3 200 B9689862.280630144;dc_ver=91.268;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=521587881;ord=lhtzu8;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fkooora4lives.net%2... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 261A 56 KB
26 KB 77ms
60ms Script
text/javascript 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=91.268;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=521587881;ord=lhtzu8;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fkooora4lives.net%2F$0;xdt=1;crlt=LcShPsPtKV;stc=1;chaa=1;sttr=220;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

b9154781db8f1e840d936659d0fbc2c27048be29fa7a31b3c79bd5e73b436e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26265
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 93B5 7 KB
6 KB 43ms
26ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570cc2e319d8030e5bad4dee61bcd6574f1aeb9119ac73fb71cf69d9cc2d5fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5695
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3A68 0
26 B 47ms
46ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyVgUcy6eGWlz-mXTrDVxXzWBlfxrS8KpOrT-GsguYgHiYUeEqeC79HgfsbZUo5uHE9k1t-kOdA9AU9nWOiw2W6pHKZeVPbFvOuHLEKXfFM3SITxcyKAYoPWMJ333EijO5Hqp4k7uVApPs7iOwXeui6tqDfUgfajIlLrWjgPEKJoHwsuJOc2CmXAOis8MYNpDCH8OwajVIz7XJ8H4kptNvDjUp1NRvMQ95m55iNLHECXxwxHxx05G7l4i837XPcIV1S6gq0U9adWLQZr03Er3dA14JcXTICTtFCcH3f0U0NHUW_xPK7enZ3IC-NojrhML5WiIhQPX7EcnOfVlQCmj-C_yqmG_9RRrrTr4rDLX46XwyDsFo5yjmwQNKeEEvQSlEuELiZV6OpizPjSfxo860egk7_vzxX_qDQMeeWjPzrXbIPKKJJG1ndVb_g3ObBeOwSbjPI3iHWjnWeCq30K4pSV4mFj7Qfbi9CwIsh9Cd55RJIzYsLGpS9jVLjD8Tcc8sxm_mVY26F9Ajs9kS_LNMc_2V9vMh84I7x6JfoL8HlL22Fw4JP_tN2AMoLX0d4N_1hThKai8m-RbTbypd_jT3SJeQLgMQI-kbC8WSYsas2u5UQC583xZHjWk_RcUqYIWUO2HC0l1jzZ73a2Qc0M8nZ7xB8xOzw8XFunxs-Yqbzjuru9Shplitl0oMdshzbwKNWuAZ5N55H9RE8BoBxOIIvqiDdKUmvPPmXJmrgmTDnrU5GLTc3oBQnDdFzLTiMSZa6V-PDUkI5Q7wggjzUGj81R6ll5YtHshTHQyoQNmCbwl9x0XaOGRagGk4PHx-uIxaq-IwHyhxmKLQNVlI-TZ6ZciGBvVvl6HIpEBoAvTq3FwEFGTVeW0L3cn-l7c7N0h1dDtauzsxcHSRKrw72w37ym6HCOaxtGvO-OxJ6C2RKAHE9JoIQ3SFb-jkf4ZQTFBlo189TyI9Wh9_8w-23bSb0Uwb7HzKfaCtDBy0NqzpyA_vYZ1x_uFiyst93z3UfWppBMzVNdmcmuyRQ4gpDqq3LlN0ROfbum97siq1Yz7AdoNMlUoEl764o0Lb4ITqoBOofQYw_POidmb7zYH6fu-E1a84KppHegcTGk6i1yYVPS2VGfQAweKRP37XMBMuv3TyRsZ0xg1eRaX31vQTKHBCk7zoyOHBogOTIBf-YnJEr3WEqhVJ8l2pnES1VlalBCGsjOUw5puQc-2ESb52LBGncx-SVRYPQQU&sai=AMfl-YSRApdlxTXN3Y13x8Fs2KR9wcxmxGJr8yKtToaNsW4DrurTPDND3Omc5bliy7x3hmBVisu3stvTjqEI5VdljLF6j4wiNrulU5iCumfOftgiTPEUgwIZUMLEtKGIo-xMq70Xe2peWkN3Z4JgZ395gmiC-Pwr4xAyCpMBLFzBLNlwMKTTAb3hzq46MQeGtTK-x-zBOTDN9Cw8bcrq23eFetNBxYr5DD9lVqoCwLqWWuvnBa9qqk5olbxATWJ0tfRUK9HVHdnm7AqjXOIVXvHm1ds&sig=Cg0ArKJSzNw0QS55Vc6IEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1390&vt=11&dtpt=898&dett=3&cstd=483&cisv=r20221012.01037&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 47E3 43 B
215 B 162ms
162ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=68bcb591-2816-6958-3a20-bbe847e05adb&tv=%7Bc:rhwDDB,pingTime:0,time:641,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:50,t:554%7D,%7Bpiv:100,vs:i,t:641%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:641,o:0,n:641,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:553,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B103~1%5D,as:%5B103~300.50%5D%7D%7D,%7Bsl:i,t:641,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkv9gfo+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141*.10933%7C1411%7C14121%7C1413%7C1414%7C1511%7C1512%7C161%7C162%7C163%7C164%7C1711%7C17121%7C1713%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:554%7D&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 47E3 43 B
215 B 163ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=68bcb591-2816-6958-3a20-bbe847e05adb&tv=%7Bc:rhwDDE,pingTime:-3,time:644,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:50,t:554%7D,%7Bpiv:100,vs:i,t:641%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:644,o:0,n:641,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:553,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B103~1%5D,as:%5B103~300.50%5D%7D%7D,%7Bsl:i,t:641,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~100%5D,as:%5B3~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkv9gfo+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141*.10933%7C1411%7C14121%7C1413%7C1414%7C1511%7C1512%7C161%7C162%7C163%7C164%7C1711%7C17121%7C1713%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:554%7D&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 47E3 43 B
215 B 163ms
162ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=68bcb591-2816-6958-3a20-bbe847e05adb&tv=%7Bc:rhwDDF,pingTime:-6,time:645,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:645,o:0,n:641,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:553,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B103~1%5D,as:%5B103~300.50%5D%7D%7D,%7Bsl:i,t:641,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4~100%5D,as:%5B4~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkv9gfo+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141*.10933%7C1411%7C14121%7C1413%7C1414%7C1511%7C1512%7C161%7C162%7C163%7C164%7C1711%7C17121%7C1713%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:554%7D&tpiLookup=ao:kooora4lives.net*%2C84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com*&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 317E 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0IlOzc-PTrwH0TaquqiETdZLWU5_WTsPqHZkTy8jbN33p9TeRk8SbynviPNmXJOwBlE5uxtfuy3cXh9U4q4sgztKW1jWU10Yw09GF7kKobHjzmnGXgG_i5LjQhLF8H82MJaixrK0&sai=AMfl-YTsP0JMp8x9Vyu6Ecz-Y_LgI0yRdP8K_6d3zmoGTvIHA4K7vSxI1q8qZtMZ2A-3Tc_vsf0RlpbfcvssQNBETkLpksff_oVuvvn_R5lzEVK2LwjKl8kfN-KVlYjNXn0k_oM&sig=Cg0ArKJSzPGgq1uh947DEAE&cid=CAQSPwCsnQUxo3v7LNp6-xWBf5RWwU2LK3OKqRZLVd9BcwKpObvq4bfQTvHnwL47W-2mhqwk5jUMToM79i492jn0CRgBIA4&id=lidar2&mcvt=1097&p=681,650,931,950&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3282943425&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665989760842&rpt=1053&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 300x250_cta_01.png
s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/ Frame BF3D 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/300x250_cta_01.png

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3295ca9f7cc61f8743e095c72b8c551e90d9d3ebe375ad1da57500f6d7cdb276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:38:36 GMT
x-content-type-options: nosniff
age: 274647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3162
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:46:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 02:38:36 GMT

GET
H3 200 300x250_Eg_03.png
s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/ Frame BF3D 5 KB
5 KB 12ms
10ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/300x250_Eg_03.png

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

399369181172beba7c0c044a9ba75892c7656eef2092c57ee532b830b1bebf7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 14:21:47 GMT
x-content-type-options: nosniff
age: 232456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5525
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:46:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 14:21:47 GMT

GET
H3 200 300x250_Price_03.png
s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/ Frame BF3D 8 KB
8 KB 13ms
11ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/300x250_Price_03.png

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f0e4d06a9f4e92efe079b0aedf4aaec96322f4fcb2e0c15d768cbd4af2ecb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:37:50 GMT
x-content-type-options: nosniff
age: 263893
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7952
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:46:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 05:37:50 GMT

GET
H3 200 300x250_Product_03.png
s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/ Frame BF3D 56 KB
56 KB 15ms
14ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/300x250_Product_03.png

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

442e54ce9a08dda90dd9607253bbccc11a003447feae2e35b4f88e930db61817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 18:26:59 GMT
x-content-type-options: nosniff
age: 563344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56935
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:46:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Oct 2023 18:26:59 GMT

GET
H3 200 300x250_HL_03.png
s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/ Frame BF3D 5 KB
5 KB 12ms
10ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/300x250_HL_03.png

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d628f6cb07deaf923239fe0be78934cc31ce0bf6a2b694d1f0f5e30e8ee31580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 10:11:30 GMT
x-content-type-options: nosniff
age: 247473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5289
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:46:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 10:11:30 GMT

GET
H3 200 300x250_SA_Logo.png
s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/ Frame BF3D 3 KB
4 KB 13ms
12ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/300x250_SA_Logo.png

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678a490be772246b79ec3ce0289e5e949e04042b9c48fbc3de9d187327c4588b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:34:46 GMT
x-content-type-options: nosniff
age: 242477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3563
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:46:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 11:34:46 GMT

GET
H3 200 300x250_BG_03.png
s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/ Frame BF3D 45 KB
46 KB 15ms
14ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/300x250_BG_03.png

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e32d54bf6f0e319a88c8456ad440805b3c930643d35628d4a1a9bc7b415d76af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/618340921295079187/300X250_HISENSE/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:16:27 GMT
x-content-type-options: nosniff
age: 286776
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46585
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:46:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Oct 2023 23:16:27 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C0FC 15 KB
6 KB 63ms
22ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kooora4lives.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 908519
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 42ms
15ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-161a8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:56:03 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 47E3 43 B
215 B 164ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=68bcb591-2816-6958-3a20-bbe847e05adb&tv=%7Bc:rhwDFd,pingTime:-2,time:741,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1090,beZ:1091,mfA:1626,cmA:1627,inA:1627,inZ:1628,prA:1628,prZ:1639,si:1643,poA:1644,poZ:1652,cmZ:1652,mfZ:1652,loA:1734,loZ:1736,ltA:1830,ltZ:1830,mdA:1092,mdZ:1103,idA:1652,idZ:1690%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.50,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:50,t:554%7D,%7Bpiv:100,vs:i,t:641%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:741,o:0,n:641,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:553,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B103~1%5D,as:%5B103~300.50%5D%7D%7D,%7Bsl:i,t:641,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~100%5D,as:%5B100~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141*.10933%7C1411%7C14121%7C1413%7C1414%7C1511%7C1512%7C16.1191119-66022382%7C161%7C162%7C163%7C164%7C1711%7C17121%7C1713%7C181.886862-62195610%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f,idMap:141*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:554,sinceFw:187,readyFired:true%7D&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 439ms
439ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2223897128252124&correlator=2941582010415494&eid=31070375%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fif&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Cdynamic%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600&ifi=19&adks=2220773145&sfv=1-0-38&fsapi=false&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1665989762147-0%26is_vmhbmp%3Dtrue%26hb_override_id%3D4724128%26hb_buyer_id%3D21784%26hb_r_id%3D41985194be454536%26hb_site_id%3D14381%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D421b70ff5b4367ac%26hb_bidder%3Drubicon%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fbeinmatch-4%252F&sc=1&cookie=ID%3D930b0b1ec81cd12c-2216934748ce0090%3AT%3D1665989759%3AS%3DALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA&gpic=UID%3D00000b745fd84ec5%3AT%3D1665989759%3ART%3D1665989759%3AS%3DALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ&abxe=1&dt=1665989763152&lmt=1665989763&dlt=1665989759666&idt=218&adxs=-300&adys=310&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fbeinmatch-4%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&psts=APxP-9AOO6KxZ6oFwPaN3A8eS0_rPNx7NjRfhZTq4yiD6U4IHcniQ6pqDod2kCJW7Ko6qg1C71HWvSkMTlryMj4aAzouAHs0pvcaow%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9DxcbNOad7A4Dli3ZPT-VOS76U6NEKYXvNr2U4aZSL1knx7OzVqJdJZz_ujHW84rtxkWMFlYUMnFOQtvvcXLwWcnA4&ga_vid=937134123.1665989760&ga_sid=1665989760&ga_hid=275299180&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGI7A6aW-MEgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54ae02580fcbc56267817b94becd1569812012dff51264d68f9686be1781e4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11722
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 93B5 17 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:56:03 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A68 43 B
215 B 163ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=411a0d35-296a-9058-56d7-582461491957&tv=%7Bc:rhwDGq,pingTime:-10,time:1204,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665989763217%7C%7Ccdbb7dd3c044c245cba01b4e9d86e07e%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C5e159657b0e319d228bb98e11df021ff%7C%7C596f5f77e035a08fe912a591b1fb345b%7C%7C9dc8dfeb6b2dd5f96383f07763c546ac%7C%7Ca6fb380eb73fd07df1d695827f2d7521%7C%7C919bde62cb52d5a9b3d4cc7ab4ee27d3%7C%7C1663701684,im:%7Bpci:%7Btdr:994%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d4acf923678c6222aa94/original/ Frame 93B5 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d4acf923678c6222aa94/original/skyblue.png_1650378740125_skyblue.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

802a0ac9c835c0add64067c222d71b52bff0f5cfaafe4b673b1875a68ffaabb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 08:00:07 GMT
x-content-type-options: nosniff
age: 168956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2050
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Oct 2023 08:00:07 GMT

GET
H3 200 Family_2256_1589_1.00.jpeg_1650378740125_Family_2256_1589_1.00.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182abec64d3296ca5bbae30/original/ Frame 93B5 18 KB
18 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182abec64d3296ca5bbae30/original/Family_2256_1589_1.00.jpeg_1650378740125_Family_2256_1589_1.00.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86de4fac038edc1323d1432d293e2de6d4b48abe53577cee3f7350a351385d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:00:02 GMT
x-content-type-options: nosniff
age: 266161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18267
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 05:00:02 GMT

GET
H3 200 gradient.png_1650378740125_gradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d3c7f923674455229a97/original/ Frame 93B5 2 KB
2 KB 14ms
11ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d3c7f923674455229a97/original/gradient.png_1650378740125_gradient.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64ab062a2a4d62d22170dd14c4a3a566632d1ebf476ab80d27c7c81901209e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:15:48 GMT
x-content-type-options: nosniff
age: 240015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2035
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:15:48 GMT

GET
H3 200 baseGradient.png_1650378740125_baseGradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d498f923672aa622aa07/original/ Frame 93B5 3 KB
3 KB 13ms
10ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d498f923672aa622aa07/original/baseGradient.png_1650378740125_baseGradient.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e16d841b1486b5bd9c69a543084e0f558463ad9bd7ffd8791301367f8a849a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:50:12 GMT
x-content-type-options: nosniff
age: 241551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3232
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 11:50:12 GMT

GET
H3 200 blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 93B5 91 B
120 B 16ms
13ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 08:00:03 GMT
x-content-type-options: nosniff
age: 168960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Oct 2023 08:00:03 GMT

GET
H3 200 icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 93B5 7 KB
7 KB 15ms
13ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/icon1.png_1650378740125_icon1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 08:00:07 GMT
x-content-type-options: nosniff
age: 168956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7071
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Oct 2023 08:00:07 GMT

GET
H3 200 icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 93B5 6 KB
6 KB 14ms
12ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 08:00:08 GMT
x-content-type-options: nosniff
age: 168955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Oct 2023 08:00:08 GMT

GET
H3 200 icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 93B5 6 KB
6 KB 14ms
12ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 05:00:11 GMT
x-content-type-options: nosniff
age: 525352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 05:00:11 GMT

GET
H3 200 logo.png_1650378740125_logo.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 93B5 3 KB
3 KB 16ms
15ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 08:00:08 GMT
x-content-type-options: nosniff
age: 168955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Oct 2023 08:00:08 GMT

GET
H3 200 logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 93B5 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 08:00:08 GMT
x-content-type-options: nosniff
age: 168955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Oct 2023 08:00:08 GMT

GET
H3 200 blank_-149_-124_1.00.png_1650378740125_blank_-149_-124_1.00.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61813780cac5bddaebde1d40/original/ Frame 93B5 2 KB
2 KB 16ms
14ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61813780cac5bddaebde1d40/original/blank_-149_-124_1.00.png_1650378740125_blank_-149_-124_1.00.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d38edfdaff5a3e6cfcccd26f9eed468207f91adf8833e2dd28e8660035492ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=kkGHzPySKt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 08:48:02 GMT
x-content-type-options: nosniff
age: 511681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1923
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 08:48:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 261A 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=91.268;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=521587881;ord=lhtzu8;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fkooora4lives.net%2F$0;xdt=1;crlt=LcShPsPtKV;stc=1;chaa=1;sttr=220;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:53:14 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 261A 0
26 B 47ms
47ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4ymH56m3ytBXo8LHLtH_Ph3EdeFSKwvyfgLAxvcSfI-Wl7Dt8jUSvB4BvesdcbK5xoMWwuDQl8dP8fZyrnKy6C8ba6J2_3fDH4JZw16JoK1I4H8_astj4OA7v8jXcsdm32wLi6syCwyC-rfN49aEE2Z0UuqraxcXS&sai=AMfl-YSc92_9rjZFC9Xdh9G-uqi0RnQV-mVyfsItgbMPtfpQvhQ1mMYEA3UXVylVuRRl86it_lC_qzY-xHMhxbdecTTRL2rcttmYM9VuBiCp&sig=Cg0ArKJSzBpAaS23UZIcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221012.47332&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 16962963768266320094
s0.2mdn.net/simgad/ Frame 261A 33 KB
33 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16962963768266320094

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 10:37:18 GMT
x-content-type-options: nosniff
age: 245925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34175
x-xss-protection: 0
last-modified: Thu, 26 May 2022 20:29:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 10:37:18 GMT

GET
H/1.1 200
OK dv-measurements3094.js Show response
cdn.doubleverify.com/ Frame B0EA 545 KB
105 KB 11ms
10ms Script
application/javascript 2a02:26f0:3500:585::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3094.js
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2022 19:04:54 GMT
Server: Microsoft-IIS/10.0
ETag: "0cf338991cbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106974

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame E222 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 13:17:01 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 47E3 0
26 B 49ms
49ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8jpIQAnYnlO7RDxPoN2dcfUAeRxD3CV_wFPLTqoUxJ4SZsoDV-Wc8JA3ArHSFTWKjXKWHzVFZIni_Rhq5PhcRNbtKcq84fAlFBoqXgwYJ1ZK7zcmSXEw2aiXSqZJPNeeTHWgOhVQLxjRD9_PZs8fcZ6FPDFXP65F_LV8&sai=AMfl-YRydoMobHnMft1m-EX-DTu19AogGgV4Rq3ThehBNqjhnTocs8PFlxJ7A6ql37pigtD9eLkodknZQ1SbSA4VP8KTGTsWinJZPtyUlwcB&sig=Cg0ArKJSzAYdTS7G5mJgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=960&vt=11&dtpt=574&dett=3&cstd=384&cisv=r20221012.62926&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B64C 0
0 43ms
42ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101002&jk=2223897128252124&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame C0FC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kooora4lives.net&sn=ChromeSyncframe&so=0&topUrl=kooora4lives.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ciLdfXxEQlA5a2xLRi9QR1ZwN0YwT24rVGRja20rZlNFNDh2OE40dXpPVGFxM2l5aUkwajhpN2pXWWpFd2x6Q2dhMjRyT1AyUDhPb1lnUit0R0NvVWdTcDNKQjhRUVR0dndxb2I0M0ZpaUxKdE5tWFg0WE51YWNLcDU4V0...

439 B
661 B

180ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ciLdfXxEQlA5a2xLRi9QR1ZwN0YwT24rVGRja20rZlNFNDh2OE40dXpPVGFxM2l5aUkwajhpN2pXWWpFd2x6Q2dhMjRyT1AyUDhPb1lnUit0R0NvVWdTcDNKQjhRUVR0dndxb2I0M0ZpaUxKdE5tWFg0WE51YWNLcDU4V0N2b1pTTTFxRmNBczdEWmJmajZsMEowUWtnQjRiMU1JMGFGdEd0NCtqNGo2dGs5Y204SWxpMXc4YW1US0c5RHJhdVZIRHpMa05TUUJMVWpVK1lLeHZ1RXJ4bGZReFJsdmgvT1FJeWEwbVJheHcvZ0hBek1IVXFoZzVDbi9DN2VBMk1CMjZaN0xqWWIyMmhpMlBkVFBxUndZQ2IwWlZjUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

24b1f91a3da4255e71d87d86c3cf4845776692489ed67a93f483a8a5f58c3504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2897581
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ciLdfXxEQlA5a2xLRi9QR1ZwN0YwT24rVGRja20rZlNFNDh2OE40dXpPVGFxM2l5aUkwajhpN2pXWWpFd2x6Q2dhMjRyT1AyUDhPb1lnUit0R0NvVWdTcDNKQjhRUVR0dndxb2I0M0ZpaUxKdE5tWFg0WE51YWNLcDU4V0N2b1pTTTFxRmNBczdEWmJmajZsMEowUWtnQjRiMU1JMGFGdEd0NCtqNGo2dGs5Y204SWxpMXc4YW1US0c5RHJhdVZIRHpMa05TUUJMVWpVK1lLeHZ1RXJ4bGZReFJsdmgvT1FJeWEwbVJheHcvZ0hBek1IVXFoZzVDbi9DN2VBMk1CMjZaN0xqWWIyMmhpMlBkVFBxUndZQ2IwWlZjUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 361546
content-length: 0
expires: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 34BA 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 389997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 317E 43 B
215 B 163ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=434bdb3a-ff55-fe14-ed1f-abb8da02bb27&tv=%7Bc:rhwDKO,pingTime:-10,time:1754,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665989763490%7C%7C1ac058817d94cf5b75f50a87049d1b5f%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C6eb8315f4d33a2c17bd97e7b5c872097%7C%7Ce5f2700ae09f61639cfcd31b233e0233%7C%7Cae66d4108f4c7bcbae25c69814d83b75%7C%7C592a2fbd1742c8721e56af62bac73a23%7C%7C059ceaed8dfafec971d3f41ac4b63f6b%7C%7C1663701684,im:%7Bimprf:%7Bttecl:1536,ecd:106,tsecr:278%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 261A 0
26 B 44ms
44ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F8B0 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:49:17 GMT

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 25D6 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:49:17 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47E3 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsus9XhZoKE40mL2okuKOvbKHtnRczScVyRtfB7jChA4Oq-gmzMuREZ653W-twD_3-P69HMaGdJwON9qEEszJDBRz6yc_OZ_tqW8AOKBqjAOg9HKauEiCSkViKiU5bO8x0q1psBbihM&sai=AMfl-YTp_qXDiC2WYu_eX5G12miL6XKfIpgQWuDFbD06UK413Q8eBNnoeb508yj9DS3KhRwmAwR_gtk3Wy7AS86n8yTlbfKyC6fcxKIm-rr31bfFvC9LT7yPLISoQqMsylEcHg&sig=Cg0ArKJSzFxVUz8Xz8R1EAE&cid=CAQSPgDq26N9niUpB2v6MpKUcOHJSpMJhwR-t4_eB4iOwQf8fkHVNakXoUmATfGbW4BJNkiRyWd4USj6tHg_xe0MGAEgDg&id=lidar2&mcvt=1062&p=100,650,150,950&mtos=783,1062,1062,1062,1062&tos=783,279,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1477491321&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665989761313&rpt=1117&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/ Frame 6D68 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2b50e80d19a5e91c0c4ef3df1aaa1d90f61824911787244f9ed1ef4e1553263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:00:42 GMT
x-content-type-options: nosniff
age: 266121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2791
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:15:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 05:00:42 GMT

GET
H3 200 headline1.png
s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/ Frame 6D68 5 KB
5 KB 13ms
10ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/headline1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc094f38237e92914c5af4b655d224d4f673360efbb89b5b45b6c921926540b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:00:42 GMT
x-content-type-options: nosniff
age: 266121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5073
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:15:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 05:00:42 GMT

GET
H3 200 product_1.png
s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/ Frame 6D68 4 KB
4 KB 11ms
8ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/product_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef8a5b419636160849a93bdfaf44d739aa4aeb806d84d38979260a9e179591dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:00:42 GMT
x-content-type-options: nosniff
age: 266121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4497
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:15:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 05:00:42 GMT

GET
H3 200 headline2.png
s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/ Frame 6D68 6 KB
6 KB 14ms
11ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/headline2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559759a095072ba523a50f07fb9ea0e96ad3d7c05eef14ed0cedd65e7382fc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:00:22 GMT
x-content-type-options: nosniff
age: 179741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5859
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:15:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 15 Oct 2023 05:00:22 GMT

GET
H3 200 videobar_1.png
s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/ Frame 6D68 5 KB
5 KB 13ms
11ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/videobar_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cdcb42c3ed1f6e95fe6869d4771b7f015e530ad6d1bc51b78397579f0913283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:00:22 GMT
x-content-type-options: nosniff
age: 179741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4960
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:15:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 15 Oct 2023 05:00:22 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/ Frame 6D68 3 KB
3 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

014bdf5a23c8194399a400cf5f7e4b96668f583a481d7204420d58659597def3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8998954080554964386/US_Bose_GE_HTML5_300x50_July_2022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:00:22 GMT
x-content-type-options: nosniff
age: 179741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3348
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:15:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 15 Oct 2023 05:00:22 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame B0EA 694 B
700 B 136ms
13ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=362&ttfrms=50&brid=3&brver=106.0.5249.119&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3F6ETar9EEADTbpTauTaugc2b_22f65ege7b7e73dhch4%60_4g5_ea%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaugc2b_22f65ege7b7e73dhch4%60_4g5_ea%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3F6ETau36%3A%3F%3E2E49%5CcTau&srcurlD=0&aUrlD=-1&ssl=https:&uid=1665989763675679&jsCallback=dvCallback_1665989763675468&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=16&brh=2&sdf=2&dvp_epl=423&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://kooora4lives.net/beinmatch-4/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0iH1Td4YZLI6H9e0Jy730uu&DVP_DBM_1=1861733&DVP_DBM_2=27667954&DVP_DBM_3=16718138814&DVP_DBM_4=418316440&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1611661212718&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=661434718724.3682&dvp_tukv=34126220575.127728&dvp_uuid=49705573328.90272&dvp_strhd=0.5999999046325684&dvpx_strhd=0.5999999046325684&dvp_tuid=268385628598
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 6b44694df5f1698aaf31da0f7f6edd008e75d66ebddf994c6e2046800f226d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:03 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/16/2022 06:56:03

GET
H3 200 container.html Show response
84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8CDA 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:00 GMT
expires: Tue, 17 Oct 2023 06:56:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 317E 43 B
215 B 164ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=434bdb3a-ff55-fe14-ed1f-abb8da02bb27&tv=%7Bc:rhwDQR,pingTime:1,time:2129,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:942%7D,%7Bpiv:100,vs:i,r:,t:1073%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1056,o:1073,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:942,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B155~0%5D,as:%5B155~300.250%5D%7D%7D,%7Bsl:i,t:1073,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1056~100%5D,as:%5B1056~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:318,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141.10933%7C1411%7C1412%7C1511%7C1512%7C16*.1191119-66022382%7C161%7C162%7C163%7C1711%7C1712%7C1713%7C181.886862-62195610%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:944,sis:1328%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 317E 43 B
215 B 164ms
164ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=434bdb3a-ff55-fe14-ed1f-abb8da02bb27&tv=%7Bc:rhwDQR,pingTime:1,time:2129,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:942%7D,%7Bpiv:100,vs:i,r:,t:1073%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1056,o:1073,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:942,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B155~0%5D,as:%5B155~300.250%5D%7D%7D,%7Bsl:i,t:1073,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1056~100%5D,as:%5B1056~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:318,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141.10933%7C1411%7C1412%7C1511%7C1512%7C16*.1191119-66022382%7C161%7C162%7C163%7C1711%7C1712%7C1713%7C181.886862-62195610%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:944,sis:1328%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:03 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 34BA 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 13:17:01 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 47E3 43 B
215 B 166ms
165ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=68bcb591-2816-6958-3a20-bbe847e05adb&tv=%7Bc:rhwDSH,pingTime:-10,time:1577,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665989763217%7C%7Ccdbb7dd3c044c245cba01b4e9d86e07e%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C5e159657b0e319d228bb98e11df021ff%7C%7C596f5f77e035a08fe912a591b1fb345b%7C%7C9dc8dfeb6b2dd5f96383f07763c546ac%7C%7Ca6fb380eb73fd07df1d695827f2d7521%7C%7C919bde62cb52d5a9b3d4cc7ab4ee27d3%7C%7C1663701684,sca:%7Bspg:411a0d35-296a-9058-56d7-582461491957%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47E3 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxJcxQGLF-YPhOI3TuTGeFC7zX9ftFw1CRRcp-C6D6-VFzKWOzL1v6AR-73F_XrBNYDwSIiMtv9oUndKqHgR2r9oUbToBphdg&sig=Cg0ArKJSzNm8R69TxMI4EAE&id=lidar2&mcvt=1130&p=0,0,50,300&mtos=1130,1130,1130,1130,1130&tos=1130,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=497053797&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665989761313&rpt=1533&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 47E3 43 B
215 B 167ms
166ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=68bcb591-2816-6958-3a20-bbe847e05adb&tv=%7Bc:rhwDTY,pingTime:1,time:1656,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:50,t:554%7D,%7Bpiv:100,vs:i,t:641%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1656,o:0,n:641,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:553,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B103~1%5D,as:%5B103~300.50%5D%7D%7D,%7Bsl:i,t:641,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1015~100%5D,as:%5B1015~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:397,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141*.10933%7C1411%7C14121%7C1413%7C1414%7C1511%7C1512%7C16.1191119-66022382%7C161%7C162%7C163%7C164%7C1711%7C17121%7C1713%7C181.886862-62195610%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:554,sis:772%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 47E3 43 B
215 B 170ms
169ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=68bcb591-2816-6958-3a20-bbe847e05adb&tv=%7Bc:rhwDTY,pingTime:1,time:1656,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:50,t:554%7D,%7Bpiv:100,vs:i,t:641%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1656,o:0,n:641,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:553,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B103~1%5D,as:%5B103~300.50%5D%7D%7D,%7Bsl:i,t:641,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1015~100%5D,as:%5B1015~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:397,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141*.10933%7C1411%7C14121%7C1413%7C1414%7C1511%7C1512%7C16.1191119-66022382%7C161%7C162%7C163%7C164%7C1711%7C17121%7C1713%7C181.886862-62195610%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:554,sis:772,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 47E3 43 B
215 B 169ms
168ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=68bcb591-2816-6958-3a20-bbe847e05adb&tv=%7Bc:rhwDTZ,pingTime:1,time:1657,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:50,t:554%7D,%7Bpiv:100,vs:i,t:641%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1657,o:0,n:641,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:553,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B103~1%5D,as:%5B103~300.50%5D%7D%7D,%7Bsl:i,t:641,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1016~100%5D,as:%5B1016~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:397,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141*.10933%7C1411%7C14121%7C1413%7C1414%7C1511%7C1512%7C16.1191119-66022382%7C161%7C162%7C163%7C164%7C1711%7C17121%7C1713%7C181.886862-62195610%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:554,sis:772,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9CE2 0
16 B 20ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCCoHQYwafO1AEwAQ&v=APEucNX_yZC9Gz8Esq5FZcrttGFS8D_atMCFBjaeMWF4S1U5yAYu4qADMYZnkvXEFa3Lp29vCDpcoqL2kDfQsUtnAdG5KHD9pI9GWvrFxNSPto9M_RhwMbmMtN3Hz3-ccE-x1LscSvn-vJuvH5KcKV1aHqCCOosVe8WA5w9xU-Ze0HXD6uxuM4I

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8CDA 32 KB
18 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8EoYJ7wO-5wFgl-ZBYyT3l3bZxG3na-ShKSMryy3zGJYPST4hxeuICr_MKdkkoGSlHR9CT7droYQzigwSwoHoznzfCF-iDwrO4SDivmsrhq3dyrDY1229jVNgMn8o82XL46SZlfRogSP6eoG_uHBEJ4awq87k4TJbDHPtYvcXrIdNC8c&dbm_d=AKAmf-Az8Ezfw10VFYmv3lvlSGyLD1ZG-D2FmSKHWs6xs94g5veY7sVhUYdKSu3NxcX0RGLQC_oqJbpUpcJbJWpf-vsYxp8y5yFehq2hlh-jXCvVdPttCs_9YvpbXqdMtT85G52v2ViFq9RNk8r_ulSNCawl3mkX8RY_Okms7d9vP9sT5oADHaJ07Cbg0GYMTxZdsGWcw7_TcRS2XxIQOMyXOg_B-5r3BwQhF4u9JESK_Dq7Gqbz-Zl3XPslzw98LYcsK8R3eNqBPgqeEIG12G7hkfQaDY5irVQLkMyu3pZwA88Tm7yTqrMVgkPtv2E6ndQB8zCkaPr0tm_FzBUT8nEbhdekGAbmetPD_OUaF99PNNLynOP4APhIti9paLjJYxCqk28HdkE_DWMsAAYEkIuuxrMItkNbRh2A3aNuU_GdSmL-U-Rrzuov46JgfxVS8vOR4w6ijtJdkf4MWeZR1mXtwV-oHgFKcCxaUNlofWw_-uDwfmycDdbbmisGzRB5pxtkVGiNwoKStYQjM7LZrCjZWR98iUX7gadDdk_l5U593CQsD8YN2-dNr65IbcVihN3x6kwO71qxM60Vln-UkFRHtvgPH4AD6T6W80TZCUoYt9jzoas1Y6L6GLMOR1LMM5A56xZiB2tBlMbQDW6f4dTCgASqCq6BwUiY_d0lvGeWakyjuyiuOeyiXxJ72CazNU9AitwgMGZyroTqbTi6QuD035pGJQU0iutXsA5XuPFGN9KU4H2v_DqPTXf05GVVZvwJ7xOMFvaF7fzfBxCqTQm2e8_3wNbrAxaizF9MJlC2NTu69XiGAkTdFUHdMAFxtyfRbwA-6AGPHsN3DWs3TfiYF2yY23vrKfHdGVLE3HhyiC4Nv6vqRLa7wpg66k5ynCy5kufO4fouyHQVPPGNmFjsWFkmd-OBqj-J9S5LNnk5ySmweiHa-ndCOwEIWmALCZZrXGLAM0GHg6yixI0jN6QxyxuxntkLmM6SyNJPyflF1u5yyWt_seYZCNldo3WfT99_xzMYoJARXJoEMyg6GspMm7kt8l06srYFXgxhWpdIeocCfLro4ufvwK1oBk_J5SmXmZynZogBEWRFlEdGpeoVyZuzsBpT7UzvWlgoDyYQlKxUK-kfGdZGRPoZHmdr6Nh5JlcJVNltAYGGRvtWgR2jV_wG1AnWb6TO-YvG7_gpTl5OuDIGWFYvktc-l_V0xpzDOpBij1PpvcTriA_Ztzn-TI8-qI57RJKrDw2lGyLXOJHHCiLqRUiqXMNZ83aOhYE2cdPYF44vx1dKfLmHJ8TCFNIAY8-YK9L9-Xf12D9Ur2j91NmKBe6Me7aS3WxSq5kpS61JuQv7JNor9tvLse0yK5zRvH7cDC_wXDr6n_G7c2e1s659YirRhp6spHHUIzfunUO-z-cJWewXgoM205NoOjQwb3Lgclts430BZs-Cd5ijycKwWF7pZRtaDZAlM2BnGTAsjRr2Ojg3EwI72ZWqKQ0xOIQntSoLu3Z8y7OKqXcQKQu8KXivUhoLaA978UydZT1nkvobPR8PgNmwQYy3Ofg7tbD9t3SkNGLWk7pSQ-co0K6JyuENzyeacDqub12e5KOl9MVZncK-C59xl5J8By8a-lmEkGxJClKVXzrAWKZ3oVoK35TzhBJfftClv-oP2RzUlVIPw8S3crHYf_x8j5k_445lPv8NOzT8qMwDNiFRCW_4P4fcKPibqbCQ3nid9V9f_dz-PQA0bdbvlxQfBU8m18s_Iq-wTUOvHZ4ljP_FGb8sgm5kV86BSUWk3Ywfe9tMgFAMRH-oE2cESm_4hyaf8A-5_lUjPG9dcea6T7JvuhpUz4K3ovYCzuSd-uw8uoVP6bE_-q7axmD88lkeABfO9tjJRGhAiYgfd-NWQLgCZut9R39alNdRnUZweE3TkJdwrcDedJpDmfwGFWXRiv0azf_lwWDSDDqGh72pFjK91yuJrXjsRcBWqD-n-MeVbOhympLDciGD7_PBilgUA0fFD89vk417cqQT_wz7stRvqtlKMvZuVdRorYfJA7HAWilX3VRHQXMuvC1RXBzknlleYZRHAIEOrVdIgNq-pYB_e1fYHzK-GxXb4r1NtfHhO9A6x0z_Z-1o6V8-vZPxIpvBrVKHBx3f3eKoAhQWentOgXC2H6Mienbi0-kYAlTuZJf95IZe6YmuS6ZTPuO-bD6LfDLu5ToSkApQYc4VNOae4ShyMeolwD53_hz_cc5HMAap5N2kPx8xEIOIfvZGrWX6VRXKVaoJGanAOYVVcuKZFWm8o_v3TXFf-hXNNDGYegpLpC_mJvfXTq78maYQ67VXmOroNgRxUk7YL0e3ltCTUiNO0jGk6YRSFeEbxKEmk1KTl1H04lKZBq0AEwhIwEdolyIhabTEvmAe7nYXPkdYFA_UNE4N0d3y49uglDgrfNKhUGyyJVTyGjKpdCy5fFZi81h38QNaYF87h1ov1K4zg2e6DGxrL5h6bzu1IZuHcsQCveOBe5DrSSeRc8Y5KthRLBOI28K5beRszqg2IvX1h6gPaxGza2pMpJSsRxv59IIgW6zeN10NOFpV8QD1vw5JfDmIKo7dPJs1Xx0Eg8KLXt-C9cPtOQy-DIj80L0JRzp8J8qp4aqIFzoFJx4zgRps9QMrNQjxm8Ga0jrJicDXrokHx4ufuZFZpa2b7YGCbTovTnu83_7bCDKnpLZp0OHeqgwtE_POAqukbuhf4uV-8xFD_xFLjnCT6IL0OkAzldl3W5AGTfjfwliXhBZKEkH-iICNzABA4WMq0Kuz1Bna2tkwx7C1j8PDegWmjvYjNY-AnY7cjvmu2qCPI3GgpmuQ8K2kyupc-NwbtnJbWjdpMW7FvBvNuJDgmMlVw3Z57BtLAok2hmOkHEmSBnoCJBofhQ7u0AwALQhXDtshjhBVkAuaG2eOt4s6c587m8r2-o_FyRfTAttpRTv7eAH-NoQEnlVs6YuJkeedS5lkW0fbcFml-PnlSI14GNQsf4JMjpzruNA8LPkuc2C-5AVfpCnPghr7kjXYZA1DJqZxLqk00y5iKzCIzubGmczr1x7r8SVYTn4TsnBdNxXlGVjxpUBS-n1fo1Sjgr80JgbY_Teh-LmgmbYZ43IxMwbQAuMMoce8nueBJONFkFgqk-B-ESVVEJjBMIz7wE-RirP2VYDbVXzXmtwxjj7UPlrTPSPDIwbcxlekDA3e0W7F1qifLcPvhYwYXkG6IEn9MGTBj2TkRyGTz2aKvkPYmxFgIvCuU7hWfiFNXNAYTCpEqEybzWMtJs9ohm2iJ8Wu7-YYi3qhUTZlayF7gI1pQymkZkuhg6uKpAgjQYRVypuebCbRw47STwRK9SEozjGGEbdaJLmUZ6YAMIAumTptaZIC-apbf2tQQMnrYuCApV9Vg4uVTgDGcaNDU9QQnekfN5F8hboNJFUoU29cKR7ZauNM9NrTw2bmh2A2z4J6wt4joAmpVfEmKvSHXV7nxfBmw27Mb4GFxzKG3xT5u0frEbM4roz9KmdWMnuGBzRs0S9oo2RlLJq9ZuMoAsZoNjvlQHyqyzMEi5h2v8jKpjIy15fLnbe4yfexAYWKxBZ59iE0g5xABNNN70FB8x8gwy5Y7ZpoLah5JuvV7g1VnCSbJLJzUrpRFHbg4CLWOcfdl-tHIq8-cN9iYzq7MzZX493cXShTFHfA98tKwD9MlTuHwh6-Qmz5Cr2GCvGGUrKm-XkFvDT1_Uq5M3vazAmQ5H1FUkSK78_XFBSEWFyQ0T6lxWDx2crhA1sA1eAqSrU1Sw4F5YPV410_MW-C_w4cdO1xa14l6BQ5uCuqlQg&cid=CAQSPADq26N9feHD8TjeJgjlkUOFnALHcY7R8MogLKuGCfwKFfzUKAmzT_84DoGjtAb7uNQ-5ylfXiAYl60-fhgBIA4&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/beinmatch-4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e71d7f6d8594f2a91ae49cb8a7b70f217c659ae55d1013b1074eeb3c821cafb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18700
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CDA 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHo7DJynKLyOi9xLI4hYWei8TvJEAPzozRIegqc7zAVnhi1sKC8XBRTXhmy5eBKHcjVHYqjivQB2f6sW1eWpSZCikdl8_9GgXGxHqxCP3XQn9LjcA

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 8CDA 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:03:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 8CDA 17 KB
7 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 17:09:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CDA 152 KB
46 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:56:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 144D 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlzQagfxMY9z9Fea99u8PhuqhQAAAAAA4AeAEAg&bg=!bW6lbirNAAYeOJy_Pjg7ACkAdvg8Wruztvpd4_AGl8R8rsH-sWpcqREobxxr0s2MqiPdkdkKFU6YlQIAAASlUgAAAAJoAQeZA0pETmQjRYnCL5ac31JGw_luxGdQJbKu5BCPr8AwwDc3ApQEioqY_Yvn4ooQV1dk_yB6QKNqHsURVs8itfxyGHsrAeo-Ezudm-kBcASSdfWfd2MOnI7L_ox7Rg_qEfVHh8Qvlh6JVv8ll8GgMUvsKrTORkWrD_mitTKpLp7lMsxSrJgUH9nKfKF91q_o43IIIH4OcAZzjpeDYBZfPQAiEDEKufLBK1xtqYKzNLauA99P-BJcGTnV3vKE9dTVnEMKIyzst_7QQGawjLFvJwFSfpaWWe8DXYqRhh7dLeBNWxnGSQtktBoqm7CtvxDMI7AfckfpSx5oaTiseHfnFmvCo_Q_aePU-aDBGnZZHve4jRd83BBPn5YCd1MR3hHogqlZ7-47clWUJ4s3UUAOTHQt39PwK5sngfCK16ABX4H4J8eQ-QEhLPI4gEBo6BQ4ECI2SeZPC_5V7YqiX0Owiw7Ba5KXVRuDSaxCjyQ_gVejI8iShMfh0EWz5gwIMMtIbaEyH-sVYPYxbX6Ax9LcLQG9F-gksRpDQCSAXLmazsXpxIZksgd_D0fk3N1gB3bZo8RFKM0hJpOtwRIWM0hZ3tFXR4_o_6xUvkXShpFQREJFUNRxGt5GtI9HB8B2roluob0O-Cxw0hUnbr4aT7BUG3Amb5u2Jbdn4dsXw7QCOiI2_tX0_HYUVRMYOTPmTryAyvGBE3A3bA3EI32-Tf6DW_LEZ0knfNxeOqV5tW7Vg6RRXAv3ajK6SLPv0IRJbwMHTchYGrDoHsFUqb2FH8FvG7nw55f4oEa8jS6ZuyNmG5CSGbhcUMbZnHeYEtAI3ucWUaGjS0xoNKPoCWS8yXoclUSUkfl9-K3JuQ_QPL0P7p6ACC31vcCC7t8F8Li6638kV1lOlIG8wse_TKbmRJ5rFDNTS7y24ubxCRFli9jyMKWv_F0hSAuVHa7-utZDpb3R6XA9NPohrsjCRP0U-Mnk6F5-fhtov4GUAEiXVyqsht5KKkjD6eAox8gJDFoSnWA-KOiAF2bHPJqxVmelorvC0FkTR_7sfHo2Gq3Q4gRcneEFNspj7Ib046aMV5wy8L-TCm34hKjYzxmMpd-pSM6XFn1J4XSOmeWA8VhDFotTog

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FED3 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnJZMgfxMY_TnGeG17_UP4LKdqAEAAAAAOAHgBAI&bg=!09Cl0JTNAAYeOJy_Pjg7ACkAdvg8WjCCdWRPmV7lI7548gxQJykgkNNRTbIDYVnYyBi-iwUlV68CygIAAASRUgAAAANoAQcKAF46hqhW5162S6re2K4yCyiod99q-ktg6pAaesf3c7GouUFV3ImdcpKWShvZSfHcdiimTvY_QPtQypnl2qnxwW-VyqdJEMYHMQkbUtOahf2hxsENGHeIDQsLKcTtLe6_mQM83Wgs0bSmriF-g43SvrEbZAZJSi4Ozskbb7Bv-NiYLjtERHT-Av1x_P70tJ8VFcxtCvLqUfpiqugK7YX2zVihJs0vbs-lIPLHgZhjLQHcKrZCZ3C1i5wcnFzJux8MWdG9sdAjn-lKe9m7Q-o-2n8CPUgsAXfXjFCO7BNiGhhEl4iB1Vno3N9k-r775YTA3nAkRaMrWzTiwZAVauGC92DIo8RpnDTXkIUQ9_BG5IvDIRTyIwLk7YFSaTxqaYXNu7HqrzqBRh4FgCRhVUyDpPC2AM1e0dX28gZuqkkCc7NgTFsAPbrAJRpgsueXXPZQ_902WlTjYEMEnn-FCby1aNHwNkyS_Infr6XtZp_2RQZHYD0jvujzE1degd2Ud-nkpGerasgpK44gIfMXoEfnR5jnjMIm6Kg_5GuHZnzXoA0D7gVH3aKpIMuZMJmMBW46ANEKjpY2iN9l9CPys0qVvd-6-0llzt1JGdFFwCovu2iua1fjnI9E8kA0B7xltmh2fdnFvgUp31byUNx7i_B1jRtbbgICJbvHyTbLuOEwDTFWm0X04EA-JNWzTpRMU2F8tfbuZNCeD_ilfsga9Rt8IY3Gj3hVr8bZjrh9BNzBTo3hpG90ca1UxydTUnOcvajR-MYnzboanbPGveKzuN6n88GSmp6ePQT6bCe6rTKSXZzNZbNUdSGC_k7HJ5DaNHfwRlFjxnIGDIjESJKO8Uju5GzCWQQMVJ_TuKqFyuBN_cX0a9YsO0d6xlWWaZn66ECe_oM40BUq9xOoMW4pnu3n-FFj_ugTr5ufo4VMmBE-qjJ3qytiWiBRLLloqZLvgB_YqbQz54XIjzjbc1mDWLopAvSmr6M84WP_hrKGC35wDEI0JCe0S0gtq1NIBtFW85S0TqkOPdZSKsQCxUnwv6s3rkBW5Xxyme8OzBqgXnFQQ-gT-ElAzAlbALM5Uo0sn9v9bg8jvzLX6z3Vfm0m8eub8VEztuPDq9YBjQtxP3CM9pwNFXyyMo2a1iWBr9cqBpbyWH1Xg337lW_ZrH2YKbccGVSDIKRI7bHdYhAApACRDxFkfN-0XBHQdct9gZy_CaJEqS5wMCUk_y3A-CAnC3mo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 8CDA 30 KB
11 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8EoYJ7wO-5wFgl-ZBYyT3l3bZxG3na-ShKSMryy3zGJYPST4hxeuICr_MKdkkoGSlHR9CT7droYQzigwSwoHoznzfCF-iDwrO4SDivmsrhq3dyrDY1229jVNgMn8o82XL46SZlfRogSP6eoG_uHBEJ4awq87k4TJbDHPtYvcXrIdNC8c&dbm_d=AKAmf-Az8Ezfw10VFYmv3lvlSGyLD1ZG-D2FmSKHWs6xs94g5veY7sVhUYdKSu3NxcX0RGLQC_oqJbpUpcJbJWpf-vsYxp8y5yFehq2hlh-jXCvVdPttCs_9YvpbXqdMtT85G52v2ViFq9RNk8r_ulSNCawl3mkX8RY_Okms7d9vP9sT5oADHaJ07Cbg0GYMTxZdsGWcw7_TcRS2XxIQOMyXOg_B-5r3BwQhF4u9JESK_Dq7Gqbz-Zl3XPslzw98LYcsK8R3eNqBPgqeEIG12G7hkfQaDY5irVQLkMyu3pZwA88Tm7yTqrMVgkPtv2E6ndQB8zCkaPr0tm_FzBUT8nEbhdekGAbmetPD_OUaF99PNNLynOP4APhIti9paLjJYxCqk28HdkE_DWMsAAYEkIuuxrMItkNbRh2A3aNuU_GdSmL-U-Rrzuov46JgfxVS8vOR4w6ijtJdkf4MWeZR1mXtwV-oHgFKcCxaUNlofWw_-uDwfmycDdbbmisGzRB5pxtkVGiNwoKStYQjM7LZrCjZWR98iUX7gadDdk_l5U593CQsD8YN2-dNr65IbcVihN3x6kwO71qxM60Vln-UkFRHtvgPH4AD6T6W80TZCUoYt9jzoas1Y6L6GLMOR1LMM5A56xZiB2tBlMbQDW6f4dTCgASqCq6BwUiY_d0lvGeWakyjuyiuOeyiXxJ72CazNU9AitwgMGZyroTqbTi6QuD035pGJQU0iutXsA5XuPFGN9KU4H2v_DqPTXf05GVVZvwJ7xOMFvaF7fzfBxCqTQm2e8_3wNbrAxaizF9MJlC2NTu69XiGAkTdFUHdMAFxtyfRbwA-6AGPHsN3DWs3TfiYF2yY23vrKfHdGVLE3HhyiC4Nv6vqRLa7wpg66k5ynCy5kufO4fouyHQVPPGNmFjsWFkmd-OBqj-J9S5LNnk5ySmweiHa-ndCOwEIWmALCZZrXGLAM0GHg6yixI0jN6QxyxuxntkLmM6SyNJPyflF1u5yyWt_seYZCNldo3WfT99_xzMYoJARXJoEMyg6GspMm7kt8l06srYFXgxhWpdIeocCfLro4ufvwK1oBk_J5SmXmZynZogBEWRFlEdGpeoVyZuzsBpT7UzvWlgoDyYQlKxUK-kfGdZGRPoZHmdr6Nh5JlcJVNltAYGGRvtWgR2jV_wG1AnWb6TO-YvG7_gpTl5OuDIGWFYvktc-l_V0xpzDOpBij1PpvcTriA_Ztzn-TI8-qI57RJKrDw2lGyLXOJHHCiLqRUiqXMNZ83aOhYE2cdPYF44vx1dKfLmHJ8TCFNIAY8-YK9L9-Xf12D9Ur2j91NmKBe6Me7aS3WxSq5kpS61JuQv7JNor9tvLse0yK5zRvH7cDC_wXDr6n_G7c2e1s659YirRhp6spHHUIzfunUO-z-cJWewXgoM205NoOjQwb3Lgclts430BZs-Cd5ijycKwWF7pZRtaDZAlM2BnGTAsjRr2Ojg3EwI72ZWqKQ0xOIQntSoLu3Z8y7OKqXcQKQu8KXivUhoLaA978UydZT1nkvobPR8PgNmwQYy3Ofg7tbD9t3SkNGLWk7pSQ-co0K6JyuENzyeacDqub12e5KOl9MVZncK-C59xl5J8By8a-lmEkGxJClKVXzrAWKZ3oVoK35TzhBJfftClv-oP2RzUlVIPw8S3crHYf_x8j5k_445lPv8NOzT8qMwDNiFRCW_4P4fcKPibqbCQ3nid9V9f_dz-PQA0bdbvlxQfBU8m18s_Iq-wTUOvHZ4ljP_FGb8sgm5kV86BSUWk3Ywfe9tMgFAMRH-oE2cESm_4hyaf8A-5_lUjPG9dcea6T7JvuhpUz4K3ovYCzuSd-uw8uoVP6bE_-q7axmD88lkeABfO9tjJRGhAiYgfd-NWQLgCZut9R39alNdRnUZweE3TkJdwrcDedJpDmfwGFWXRiv0azf_lwWDSDDqGh72pFjK91yuJrXjsRcBWqD-n-MeVbOhympLDciGD7_PBilgUA0fFD89vk417cqQT_wz7stRvqtlKMvZuVdRorYfJA7HAWilX3VRHQXMuvC1RXBzknlleYZRHAIEOrVdIgNq-pYB_e1fYHzK-GxXb4r1NtfHhO9A6x0z_Z-1o6V8-vZPxIpvBrVKHBx3f3eKoAhQWentOgXC2H6Mienbi0-kYAlTuZJf95IZe6YmuS6ZTPuO-bD6LfDLu5ToSkApQYc4VNOae4ShyMeolwD53_hz_cc5HMAap5N2kPx8xEIOIfvZGrWX6VRXKVaoJGanAOYVVcuKZFWm8o_v3TXFf-hXNNDGYegpLpC_mJvfXTq78maYQ67VXmOroNgRxUk7YL0e3ltCTUiNO0jGk6YRSFeEbxKEmk1KTl1H04lKZBq0AEwhIwEdolyIhabTEvmAe7nYXPkdYFA_UNE4N0d3y49uglDgrfNKhUGyyJVTyGjKpdCy5fFZi81h38QNaYF87h1ov1K4zg2e6DGxrL5h6bzu1IZuHcsQCveOBe5DrSSeRc8Y5KthRLBOI28K5beRszqg2IvX1h6gPaxGza2pMpJSsRxv59IIgW6zeN10NOFpV8QD1vw5JfDmIKo7dPJs1Xx0Eg8KLXt-C9cPtOQy-DIj80L0JRzp8J8qp4aqIFzoFJx4zgRps9QMrNQjxm8Ga0jrJicDXrokHx4ufuZFZpa2b7YGCbTovTnu83_7bCDKnpLZp0OHeqgwtE_POAqukbuhf4uV-8xFD_xFLjnCT6IL0OkAzldl3W5AGTfjfwliXhBZKEkH-iICNzABA4WMq0Kuz1Bna2tkwx7C1j8PDegWmjvYjNY-AnY7cjvmu2qCPI3GgpmuQ8K2kyupc-NwbtnJbWjdpMW7FvBvNuJDgmMlVw3Z57BtLAok2hmOkHEmSBnoCJBofhQ7u0AwALQhXDtshjhBVkAuaG2eOt4s6c587m8r2-o_FyRfTAttpRTv7eAH-NoQEnlVs6YuJkeedS5lkW0fbcFml-PnlSI14GNQsf4JMjpzruNA8LPkuc2C-5AVfpCnPghr7kjXYZA1DJqZxLqk00y5iKzCIzubGmczr1x7r8SVYTn4TsnBdNxXlGVjxpUBS-n1fo1Sjgr80JgbY_Teh-LmgmbYZ43IxMwbQAuMMoce8nueBJONFkFgqk-B-ESVVEJjBMIz7wE-RirP2VYDbVXzXmtwxjj7UPlrTPSPDIwbcxlekDA3e0W7F1qifLcPvhYwYXkG6IEn9MGTBj2TkRyGTz2aKvkPYmxFgIvCuU7hWfiFNXNAYTCpEqEybzWMtJs9ohm2iJ8Wu7-YYi3qhUTZlayF7gI1pQymkZkuhg6uKpAgjQYRVypuebCbRw47STwRK9SEozjGGEbdaJLmUZ6YAMIAumTptaZIC-apbf2tQQMnrYuCApV9Vg4uVTgDGcaNDU9QQnekfN5F8hboNJFUoU29cKR7ZauNM9NrTw2bmh2A2z4J6wt4joAmpVfEmKvSHXV7nxfBmw27Mb4GFxzKG3xT5u0frEbM4roz9KmdWMnuGBzRs0S9oo2RlLJq9ZuMoAsZoNjvlQHyqyzMEi5h2v8jKpjIy15fLnbe4yfexAYWKxBZ59iE0g5xABNNN70FB8x8gwy5Y7ZpoLah5JuvV7g1VnCSbJLJzUrpRFHbg4CLWOcfdl-tHIq8-cN9iYzq7MzZX493cXShTFHfA98tKwD9MlTuHwh6-Qmz5Cr2GCvGGUrKm-XkFvDT1_Uq5M3vazAmQ5H1FUkSK78_XFBSEWFyQ0T6lxWDx2crhA1sA1eAqSrU1Sw4F5YPV410_MW-C_w4cdO1xa14l6BQ5uCuqlQg&cid=CAQSPADq26N9feHD8TjeJgjlkUOFnALHcY7R8MogLKuGCfwKFfzUKAmzT_84DoGjtAb7uNQ-5ylfXiAYl60-fhgBIA4&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 18:53:14 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8CDA 41 KB
15 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 17:09:02 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 8CDA 0
347 B 32ms
31ms Image
text/plain 79.125.33.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=rrj5ukgn8&_knopii=1&campaignid=28643978&advertiserid=6522545&placementid=347102681&adid=538651628&creativeid=179164407&siteid=3355505
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.33.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-33-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n022-dub-prod.krxd.net
date: Mon, 17 Oct 2022 06:56:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1665989764
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-no-pii: 1

GET
H2 200 93665
stags.bluekai.com/site/ Frame 8CDA 62 B
464 B 164ms
164ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/93665?phint=event%3Dimp&phint=aid%3D6522545&phint=pid%3D347102681&phint=cid%3D28643978&phint=crid%3D179164407
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control: max-age=0, no-cache, no-store
content-length: 62
bk-server: c73c
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 / Show response
fw.adsafeprotected.com/rjss/servedby.flashtalking.com/1191119/66148304/imp/2/193245;6831578;201;js;DV360;DE20221001dv360disdynamicsitebarDESEDBMAwarenessplannetNACPM300x600BANnat23001HISENSELEDTv/ Frame 8CDA 237 KB
71 KB 33ms
33ms Script
application/javascript 34.248.3.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/servedby.flashtalking.com/1191119/66148304/imp/2/193245;6831578;201;js;DV360;DE20221001dv360disdynamicsitebarDESEDBMAwarenessplannetNACPM300x600BANnat23001HISENSELEDTv/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=kooora4lives.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fkooora4lives.net%2F&gdpr=&gdpr_consent=&cachebuster=162334.16385331334&ias_dspID=3&ias_campId=1009124678&ias_pubId=pub-4903453974745530&ias_chanId=1&ias_placementId=18470479639&bidurl=https://kooora4lives.net/beinmatch-4/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iWVZeBrMjlcyeuJvrOrpF7
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.3.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-3-167.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4f5092b97aec5cdf29eaa5f09a5a1d63e1a5f85a7188dac43943781852508d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3CF 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmZoIgfxMY_b8GLWs9u8PsL2ZCAAAAAA4AeAEAg&bg=!dnWldTHNAAYeOJy_Pjg7ACkAdvg8WhOa4s4QoY705zlMzR15IO2p9TyQuOrHlW6gvvrWPkTww2897gIAAARbUgAAAAVoAQeZAuSMd2QgpKZIWZm2_UKlZRi2M-ulyRvIyTa8RbI7hRG_iGnG62asY5omiAAGpVE73Bccv7KIFHy1o1NMA_eEyd1upV9JatZ4QnOK0M58V4DOI_KuIV1i8MgwtjYxjqys_Yju9hrUV3dvGfgiq78nr56bjSxnyat_cHt9l0K30ElcMJZnPIZU2KcDMn90hFQrCfUjBdI2k9EjsFTmoW7pEPyWpJP2PpPSEi22OEL0gsuTR4WASrGReLA2U8Zu2CpDVwpRUh_tCjx_zu7Fj6_cykyEVpXrc-JHWzxIvLGkZkJxvQEojlK9PYyL4wBpLVNzWuNCXcd5i0nR1OVfRv3IjCA0YDx3aq-8hcxga6FvQP-77oDuAcAB55phbrbw6KzF085-twmKAG5R8qJNydK_Z91_yPwimR2M_WOnx5X7VRIEw1EWCHQgyOpFAznIf98bsU6PA_PX4tglHjp_90MzAanDtRDiiAwXvGG507zX-HBWlm-Waqxr_IBMYm5-aJk2atdmkmgwWE-VGZwGODN2MJwsIHWs6AOmdGz5DOhJYTljCEHXIVfgNwH2QoH9GRrG6VwcGS9eCTwgmBhO0WHbn20M6yOVcB7olO50BEuamFBoEcoEXXIstVrcX4TJNGp5-GhT8eXW1uTWWO3mfolatagpSxNYh86D6nfG0McEl_-97p3WMDfj41luVVWcWspcqMcyMbiUA98WE5zTXLlU3owYYC2EHF0qq-rTNj0LAjg_d8nF3mO-vLXRIa-kF5-A0Yqrm_lFqCejtPiiEmxFNVZK3khkY9eFrMkrUWYu7v9k2nnhgdqx8JD42zQRh1bZqsgJcbG2cfwjBzU6jX2JCIgI_d1bSj5zhqAGbd9w50Q1jfx70iz-UWMEiuS2gnVDMNSWmQvhHNlIpers2kWezg69C7Pp1A_DFlKst8k1bGIAcw5-t9p5rMfJAz3MwzF0KK-axU-udQXXRxEnoAQLhFw1dHjgVQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB1A 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrT2tgfxMY5_kHI2g9u8PwsicsAgAAAAAOAHgBAI&bg=!SkmlSQ3NAAYeOJy_Pjg7ACkAdvg8Wq3f7F5d3Us2ApLvcMhIxOqJAn3pWJHK_-HXZaCXFxzN6YzLGAIAAASLUgAAAANoAQeZAzf9SVXWImUUzq6PRHhlpKEHZeMNwrD_P7h4gBA2BucTM8WbKh7llqFBCIMA6hLP0qDoXeXWUm_-EKpzh9056Vt0etKrcfkq7JFP9ndAVuyo5ZHLJqpAx1gTyq1V7_pAtjSQPGO8AA2T0AqFsOSXWJM1WramoaL9vHyoTq9BpD7YsS6CcnEM_1cwa1YWZQj98vE_-54bD2C7v6ZLU6Cvtc1gYg3nKj1HArNsHLrNQd5Fp-bjZE-K42zVu5lZSwIJdZQw-hplogdIndQUSbSRccdFCsYN37aL20QBZEeyRRqSwgeM1YtRWKRMsrIDU2swqQSjiXb7dTAcAAl3KAAOu415M8snci1mpzYdKvE4PyxtRQ29U-PbRDGt3fxIwx5bXzVjW-WGpswS-Pdlx2rPBkqe-3OmMycNk_f4jMHf-DTYLnG2OBScXIys7GPkwvIdH0s7aBljdRgZJDMc-eFPdSSnGM_kWHWeYUvU0mHtQAns8ez0SckQ3S4ylP3BND_WnV7MQH_Pu_HHwbEhF-n7VSbNgbN2N_yaDoHDxzxVLp7gYCW-6g_G8ilnSJ7NaLznVuRwWxzEp3zV8GmcSB1XYXnNjXo6C1vcvQrlqFy_OOCr6Vb-LICHTtUF9b0CgDHVCvn74KjWDcY8wGpLd1gnvzexR-oolUkcVw9mx2zfYSssqAz2ez9WmrzyQzNj1VedUij8gOTSNQNLFx0Ywnr6H8o9tEtFeJ9rEMmYK3OIf7-vwjGKr4w4ioKHZxwg-FQa6-berl2wUFKkNnyhA0ESX06ijXKdlfQ1Ke2dvhjnhKksacrlknRJY4HklBIflevTxkYQHa67qK6_4XDCvyQy1L-cJuWjaP_dOtgmQLqCKS-zwMbGU67NGxJeffqse5ugWOA_nV9xF4rMXIZ166KMtlr-lQkt476i-6il9mg38xP7rcL6GEw3NXoOBN6VBmATm7MvUpkph8yjiWasWXczVUYNqx4IHa4Yy9vixyBHRPg-wawFaT4N1RsEv8a--K7jfLXt0eQfVG_0L5BQG-9bfMFHFTrTciWZ3Po31mq_kDdTHWn8x2vUDDV-bbBPFuctdYaI0MSZJE-J

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CB40 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 389998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F8B0 0
11 B 7ms
7ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lQW4Lg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1

200
OK

/ Show response
servedby.flashtalking.com/imp/2/193245;6831578;201;js;DV360;DE20221001dv360disdynamicsitebarDESEDBMAwarenessplannetNACPM300x600BANnat23001HISENSELEDTv/ Frame 8CDA
Redirect Chain

https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/1191119/66148304/imp/2/193245;6831578;201;js;DV360;DE20221001dv360disdynamicsitebarDESEDBMAwarenessplannetNACPM300x600BANnat23001HISENSE...
https://servedby.flashtalking.com/imp/2/193245;6831578;201;js;DV360;DE20221001dv360disdynamicsitebarDESEDBMAwarenessplannetNACPM300x600BANnat23001HISENSELEDTv/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft...

1 KB
2 KB

69ms
24ms

Script
text/javascript

209.197.3.19
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/imp/2/193245;6831578;201;js;DV360;DE20221001dv360disdynamicsitebarDESEDBMAwarenessplannetNACPM300x600BANnat23001HISENSELEDTv/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=kooora4lives.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fkooora4lives.net%2F&gdpr=&gdpr_consent=&cachebuster=162334.16385331334
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app67.frk11 /
Resource Hash: 7e255b5f3d379412b62af619935ec0134a837e4a4289a61fe2fce521ff7cc827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:04 GMT
Server: prod-xre-app67.frk11
X-HW: 1665989764.dop132.fr8.t,1665989764.cds280.fr8.shn,1665989764.dop132.fr8.t,1665989764.cds167.fr8.sc,1665989764.cds167.fr8.p
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 1440
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://servedby.flashtalking.com/imp/2/193245;6831578;201;js;DV360;DE20221001dv360disdynamicsitebarDESEDBMAwarenessplannetNACPM300x600BANnat23001HISENSELEDTv/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=kooora4lives.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fkooora4lives.net%2F&gdpr=&gdpr_consent=&cachebuster=162334.16385331334
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5919 91 KB
23 KB 8ms
7ms Script
application/javascript 2600:9000:2491:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2215188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: mT2rMzT5Z8-4iWZ7io7HnTlphlr0NJuMOVaamgZUApfbgJYVU3Uj_Q==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8CDA 43 B
215 B 163ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=f56057e1-576e-ae7c-75f5-1160b0e26750&tv=%7Bc:rhwE4a,pingTime:-2,time:128,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:728,beZ:729,mfA:731,cmA:732,inA:732,inZ:736,prA:736,prZ:750,si:754,poA:755,poZ:780,cmZ:780,mfZ:780,loA:822,loZ:825,ltA:855,ltZ:855%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:128,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:25,wc:0.0.1600.1200,bkn:%7Bpiv:%5B123~1%5D,as:%5B123~na.na%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141.10933%7C1411%7C1412%7C1413%7C14141%7C1415%7C1511%7C1512%7C16.1191119-66022382%7C161%7C162%7C163%7C164%7C1711%7C1712%7C1713%7C1714%7C17151%7C1716%7C1717%7C1718%7C1719%7C171a%7C171b%7C171c%7C171d%7C171e%7C171f%7C171g%7C171h%7C171i%7C171j%7C181.886862-62195610%7C1811%7C1812%7C181311%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g%7C1h*.1191119-66148304%7C1h1%7C1h2,idMap:1h*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:26,sinceFw:100,readyFired:false%7D&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame CB40 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:49:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E222 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-CL8gfxMY9nENpW4x_APq82AwAIAAAAAOAHgBAI&bg=!tLelt_PNAAYeOJy_Pjg7ACkAdvg8Wh11ZMASNKbNcKrCGP547N67ffyIru_ATBoBHLW3HSiyMrid9gIAAAQUUgAAAANoAQeZAzI8SZWxSKxqI7_JT2YsOcm7hW9_sQL_mxx86dLJSqoFgf-2PGSF4VVG3mdqHlc4l7XxPIvRZnzfyeRoE-__stDnwAQQCd4JtGSaoziPutnMq_ZYDQ9UIb4_iDkzgbSnT2rhYju7fTVkiCXUDC_K3KC6pu35rkd1Yqb4maKXsuUral7pOx5dzqeN_bQM50DsmPU1cwqNhu0Hg5lInsmXRrCxVgJXUzF8sNryEWPvFyj2EluOyyio7KFHZ75cJDkCLPmTSulXaqPIH6Hy9TPz1OT0zfMjFOYHm_pgwY_7V4ZXnvrttAdx7yX19k5V8UWlxMiUxZ312Qf2zqRwUdDQBUp91_FtDQmP8K0MILIOrd_pYLdmxszj-JyIdsFrbPoNQldmX2BGDBsxFZZdV5IR6-siD5A_BEyb_DfaSfpbkZCDXHfVhtuiKeqDzzJLMLJll49CZByLZbG65vg42CpkXNXcbtGlpw5ZbLEcbuUg5Jmvt8EexSpvdQgBYN6Qk3nmB3NCad5N_bZSan-mPeJx43msc86woWZ7iKn9i8nPhbXSjc72EGt5SVR21uJl23cWHMvK_Tw17i-APSKVIOODetqLweaa5cERU_mxBweGb0fTbynOqYnd9ujTI4fYzx58PCcMWOHNOSxPVZnrkz8ZFuFUjMfsgC7dzhkBkiiqx6atji9ttOi1VsirdtfQ8ERM8cRXekFkHDg_sVSTYLcnxhnvdFPeHGWMZTRGXkvI4B5I7p1d7GwwTr8QErACQpSVRIQn_SE1WYTe1mcrf_O4Fxi3j4rRgo422txELBlq9urBKdoxIgYEasUCC4DD8zQnw_brlhZHeYXsk0GX_xVNHwQUa-9aSD2T-sjInSM3eZVXAhVLMmc_unas8dwx8j_7qVCv2pto_8r3vuXenfjtmpjH7Y2k9IBWL6ihtR3gUR_H-M5T0e6iylCQ4SasbO0W9guD9JTIxQ5FsuO7OywhKX-D3UwpOO01R7qZenpEXhoniHvQDuLo8H0g3kHgeUsj8bdU0LKee0NQpoJsdsV2LmgoG-aWMw4bVaAGuJ9g_M2CvSUcvOGmAj97z9vvbeAQw6Y9WQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK j-6831578-4071915.js Show response
cdn.flashtalking.com/xre/683/6831578/4071915/js/ Frame 8CDA 89 KB
22 KB 95ms
38ms Script
text/javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/683/6831578/4071915/js/j-6831578-4071915.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/1191119/66148304/imp/2/193245;6831578;201;js;DV360;DE20221001dv360disdynamicsitebarDESEDBMAwarenessplannetNACPM300x600BANnat23001HISENSELEDTv/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=kooora4lives.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fkooora4lives.net%2F&gdpr=&gdpr_consent=&cachebuster=162334.16385331334&ias_dspID=3&ias_campId=1009124678&ias_pubId=pub-4903453974745530&ias_chanId=1&ias_placementId=18470479639&bidurl=https://kooora4lives.net/beinmatch-4/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iWVZeBrMjlcyeuJvrOrpF7&adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f56057e1-576e-ae7c-75f5-1160b0e26750,c:rhwE2v,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-765f644cdf-tg6ks,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tkv9gOe+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C1411%7C1412%7C1413%7C14141%7C1415%7C1511%7C1512%7C161%7C162%7C163%7C164%7C1711%7C1712%7C1713%7C1714%7C17151%7C1716%7C1717%7C1718%7C1719%7C171a%7C171b%7C171c%7C171d%7C171e%7C171f%7C171g%7C171h%7C171i%7C171j%7C1811%7C1812%7C181311%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g%7C1h*.1191119-66148304%7C1h1%7C1h2,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:c49b0af8-4de8-11ed-b603-b2e9a4342133,v:19.8.355,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f59cd452008be9f54e2588dcd6dc44c8676369a9a58d30ac2d036a01050ad85b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Sep 2022 10:51:27 GMT
Server: Flashtalking (AKA)
ETag: W/"890bbcdad6c130272fd540451af915b7"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
X-Varnish: 348879654
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21930
Expires: Mon, 17 Oct 2022 07:16:04 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
227 B 19ms
19ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19282/hbw_release_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://kooora4lives.net
Date: Mon, 17 Oct 2022 06:56:03 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34BA 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bsz2cg_xMY-nYAtrigQelsqKACwAAAAA4AeAEAg&bg=!ZWalZiLNAAYeOJy_Pjg7ACkAdvg8Wmjbc_68y8wG1--izNiCWZBtXbSlEC7tQb-rnhh9snMizF6K5wIAAAKOUgAAAAJoAQeZAzcxxhkB8RqsZ05Ewfj_jj9uudeKRmuOZEoEZk2v4EzQm9DaPY6UgkgQR4k2jXUzGgDAk7njqgMiWqyPOz-7ohSuM-yu_PCU-9oDhq7hBnSsMHr6EtS90X84hoZ2Gt4s2_qoypDfTMxDlf1_E96JeHTvi9EA47owrq-j1X3y9h6gLM829hjZU0rKuOp8lji24Vmvv1167sGNH4yTL3zesZolXWVRnL76ksLkL2rE2Bl9PqChYaC8rDd4pAEGWFxmwfpuMdCkZFZgtOfPG7iUEFUANjpcEiWKLoFoiZmhss3LAKce83BSq95Sn1Z01Zr_wzAaGRgP_QZU-hNtbIxgtOXyZ7nLlEe2mftB-FyXz2nJkM4YM49dfMB5BxMwB1_uZCmH6R41LfL_tMkFYWB5cqMzeRcpyiNlmgVCCUTVIYtxUkL-S1LQSwtNjGCcFPP-1vNz4aHFyWPj7YyGlcK_T8YtZftVNracfrTFxnq4u3TU2Ym1anKD4iTisu2qeTGWISbF5LySZfE1MfTt6WP_BjuoOKV7JQGYjnPDPPMAlVGcHmnSJFoDoS4CNBJDQB59YdcQDG-TLQLZULXOPMIq8A-7XT-EdPwOiseTMnahE4MUU_vK-bHVGIZrdqke6MEmG4vT6pL37JGeFgr5PrWbjAIjFUOuvSI0GdtFnhUI6RR2i7PrVIXV4gPW9sNbenmSeIZOpqCHfFrx_WZpH_70xKk9rQ3i4QsR9FRHfzlHVKVn4NThA9RfWGC1Zi9g-aZZQAyDGFj0we0c_emnuTSt9nIUViG5sHe4knOMM7eYsWheuZlychL69B7b0EmZJzgTTT7rW3oIadI1TO8pQ98v1I8cPoGHuMmUi25XsVg_I0D8mPtqp2GDRB2C42tqMNgnuhSO9SawqxBO1z1kfFdCX9V-RnGqHrvaNoYC1tusqMSpnqmJBXOfwiWIIJEhpJtpBoTxm7NBd6bdQny9ilq1e1-VSKeCd6C338ypFmMrr8Mb0R3Z_Y_nS6qJXqCt8apd4L5oxW_cMxnYKm7bHxs-N9_C1hLhw0CQ3A6gt-bPobbKMg7c5ykOuVELuazGMntLVU5feoKVv9dl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.html Show response
cdn.flashtalking.com/169696/4071915/ Frame 5F14 87 KB
18 KB 15ms
15ms Document
text/html 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/169696/4071915/index.html
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/683/6831578/4071915/js/j-6831578-4071915.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 7e5262948d32d8559bcf1490872d221bc85980a77ff9f4784f41cbd03ae726d9

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Cache-Control: max-age=650
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17911
Content-Type: text/html
Date: Mon, 17 Oct 2022 06:56:04 GMT
ETag: W/"8f80dd906a229d055983b6adde378567"
Expires: Mon, 17 Oct 2022 07:06:54 GMT
Last-Modified: Fri, 30 Sep 2022 08:49:45 GMT
Server: Flashtalking (AKA)
Vary: Accept-Encoding
X-Varnish: 270580910

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame 8CDA 17 KB
6 KB 24ms
9ms Script
application/javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/683/6831578/4071915/js/j-6831578-4071915.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: c240bd7558ec0b6ecd1809a637d64b67d4a56a6a1454f5ee6d7c97208f8db35e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Sep 2022 16:58:14 GMT
Server: Flashtalking (AKA)
ETag: W/"f1fa18b4a2f7950780ae709cb3f7aa05"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 263678716 261902261
Cache-Control: max-age=34652
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5477
Expires: Mon, 17 Oct 2022 16:33:36 GMT

GET
H2 200 89627
tags.bluekai.com/site/ Frame 8CDA 62 B
390 B 178ms
170ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/89627?limit=0&phint=imp&phint=15746&phint=193245&phint=6831578&phint=4071915&phint=18330&786813706
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control: max-age=0, no-cache, no-store
content-length: 62
bk-server: 9310
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

B28643978.347102681;dc_pre=CITai8HX5voCFV2JdwodV78KZw;dc_trk_aid=538651628;dc_trk_cid=179164407;ord=1665989764;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N195005.279382INVITEMEDIAINC.DO3/ Frame 8CDA
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N195005.279382INVITEMEDIAINC.DO3/B28643978.347102681;dc_trk_aid=538651628;dc_trk_cid=179164407;ord=1665989764;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N195005.279382INVITEMEDIAINC.DO3/B28643978.347102681;dc_pre=CITai8HX5voCFV2JdwodV78KZw;dc_trk_aid=538651628;dc_trk_cid=179164407;ord=1665989764;dc_lat=;dc_rd...

42 B
63 B

30ms
30ms

Image
image/gif

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N195005.279382INVITEMEDIAINC.DO3/B28643978.347102681;dc_pre=CITai8HX5voCFV2JdwodV78KZw;dc_trk_aid=538651628;dc_trk_cid=179164407;ord=1665989764;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&218332841

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N195005.279382INVITEMEDIAINC.DO3/B28643978.347102681;dc_pre=CITai8HX5voCFV2JdwodV78KZw;dc_trk_aid=538651628;dc_trk_cid=179164407;ord=1665989764;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&218332841
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4F58 1 KB
749 B 10ms
9ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Mon, 17 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8CDA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad233d0a9f53be50cf2a4e4cd7863c7bb1a4341f0ad4cc883907687287107002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK html5API.js Show response
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 5F14 89 KB
28 KB 15ms
15ms Script
application/javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/169696/4071915/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/169696/4071915/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Aug 2022 14:14:24 GMT
Server: Flashtalking (AKA)
ETag: W/"232f021c7925a065046f63511f376193"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 137937774 138544531
Cache-Control: max-age=82132
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28679
Expires: Tue, 18 Oct 2022 05:44:56 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8CDA 43 B
215 B 164ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=f56057e1-576e-ae7c-75f5-1160b0e26750&tv=%7Bc:rhwE8R,pingTime:-3,time:419,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:25%7D,%7Bpiv:0,vs:o,r:r,w:300,h:600,t:382%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:419,n:382,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:25,wc:0.0.1600.1200,bkn:%7Bpiv:%5B377~1%5D,as:%5B377~na.na%5D%7D%7D,%7Bsl:o,t:382,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:bf,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:185,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141.10933%7C1411%7C1412%7C1413%7C14141%7C1415%7C1511%7C1512%7C16.1191119-66022382%7C161%7C162%7C163%7C164%7C1711%7C1712%7C1713%7C1714%7C17151%7C1716%7C1717%7C1718%7C1719%7C171a%7C171b%7C171c%7C171d%7C171e%7C171f%7C171g%7C171h%7C171i%7C171j%7C181.886862-62195610%7C1811%7C1812%7C181311%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g%7C1h*.1191119-66148304%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:0,renddet:na,siq:26,sis:214%7D&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F58
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPYtpXy7xyF25ySmY5QFTCo&google_cver=1&google_push=AZmPxg96UeWMjyGFaPBI-IDLqtVVNbh5pH5LdA5tSaKuDFPbHXCapdndadmH5Fj_N_Vw-fiMfq4ANumct2IPdpf4...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg96UeWMjyGFaPBI-IDLqtVVNbh5pH5LdA5tSaKuDFPbHXCapdndadmH5Fj_N_Vw-fiMfq4ANumct2IPdpf4q0JvTb889Vo

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg96UeWMjyGFaPBI-IDLqtVVNbh5pH5LdA5tSaKuDFPbHXCapdndadmH5Fj_N_Vw-fiMfq4ANumct2IPdpf4q0JvTb889Vo

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 17 Oct 2022 06:56:05 GMT
Server: MT3 4539 98cc2da master hkg-pixel-x18 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg96UeWMjyGFaPBI-IDLqtVVNbh5pH5LdA5tSaKuDFPbHXCapdndadmH5Fj_N_Vw-fiMfq4ANumct2IPdpf4q0JvTb889Vo
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 17 Oct 2022 06:56:04 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4F58
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG-KJVErtSCgt70Pt6ebEaI&google_cver=1&google_push=AZmPxg_-iyB8nfrHVCisEmIklKft5sAXzYnDlDsSMirknTzcmVtNuwpR-abocMtY6K8UpmiI_tYUdx8Pc3ik0fgeyNRqftopQpE&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG-KJVErtSCgt70Pt6ebEaI&google_cver=1&google_push=AZmPxg_-iyB8nfrHVCisEmIklKft5sAXzYnDlDsSMirknTzcmVtNuwpR-abocMtY6K8UpmiI_tYUdx8Pc3ik0fgeyNRqftopQpE...

43 B
414 B

207ms
197ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG-KJVErtSCgt70Pt6ebEaI&google_cver=1&google_push=AZmPxg_-iyB8nfrHVCisEmIklKft5sAXzYnDlDsSMirknTzcmVtNuwpR-abocMtY6K8UpmiI_tYUdx8Pc3ik0fgeyNRqftopQpE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-iyB8nfrHVCisEmIklKft5sAXzYnDlDsSMirknTzcmVtNuwpR-abocMtY6K8UpmiI_tYUdx8Pc3ik0fgeyNRqftopQpE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75b721e09a8c698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 247
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG-KJVErtSCgt70Pt6ebEaI&google_cver=1&google_push=AZmPxg_-iyB8nfrHVCisEmIklKft5sAXzYnDlDsSMirknTzcmVtNuwpR-abocMtY6K8UpmiI_tYUdx8Pc3ik0fgeyNRqftopQpE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-iyB8nfrHVCisEmIklKft5sAXzYnDlDsSMirknTzcmVtNuwpR-abocMtY6K8UpmiI_tYUdx8Pc3ik0fgeyNRqftopQpE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75b721df6827698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F58
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECNNNJMxOjsuxr503_MJHR0&google_cver=1&google_push=AZmPxg_uKNJQYAHzdkRqyd-prATmPXlMLuF4MlziQFi8oA6UI-4F_XzXrGDPbrG8MeDSP9FBT-rFffBTNMqnVXwCTeKJzBTLLw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=16D56E6BA38E46989F1C331A79F95C4E&google_push=AZmPxg_uKNJQYAHzdkRqyd-prATmPXlMLuF4MlziQFi8oA6UI-4F_XzXrGDPbrG8MeDSP9FBT-rFffBTNMqnVXw...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=16D56E6BA38E46989F1C331A79F95C4E&google_push=AZmPxg_uKNJQYAHzdkRqyd-prATmPXlMLuF4MlziQFi8oA6UI-4F_XzXrGDPbrG8MeDSP9FBT-rFffBTNMqnVXwCTeKJzBTLLw

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 17 Oct 2022 06:56:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=16D56E6BA38E46989F1C331A79F95C4E&google_push=AZmPxg_uKNJQYAHzdkRqyd-prATmPXlMLuF4MlziQFi8oA6UI-4F_XzXrGDPbrG8MeDSP9FBT-rFffBTNMqnVXwCTeKJzBTLLw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 16 Oct 2022 06:56:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F58
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMVofqMQo6oaTOcn6_-567M&google_cver=1&google_push=AZmPxg-3Ql3S61rhHTyYXsAw2X80NmpMPkvlnxwxSgcPW7KsY3ruf6DN_BcwbYBMyO9o_NO3lJOWAO0H764Q6GuCtqRm...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMVofqMQo6oaTOcn6_-567M&google_cver=1&google_push=AZmPxg-3Ql3S61rhHTyYXsAw2X80NmpMPkvlnxwxSgcPW7KsY3ruf6DN_BcwbYBMyO9o_NO3lJOWAO0H764Q6G...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=ded72e47-8d6e-426f-8e53-9b07ab09dff8&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-3Ql3S61rhHTyYXsAw2X80NmpMPkvlnxwxSgcPW7KsY3ruf6DN_BcwbYBMyO9o_NO3lJOWAO0H764Q6GuCtqRm35nqnnQ&google_hm=M7xarsytQOyLZXnJ1A-JpA==

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-3Ql3S61rhHTyYXsAw2X80NmpMPkvlnxwxSgcPW7KsY3ruf6DN_BcwbYBMyO9o_NO3lJOWAO0H764Q6GuCtqRm35nqnnQ&google_hm=M7xarsytQOyLZXnJ1A-JpA==

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-3Ql3S61rhHTyYXsAw2X80NmpMPkvlnxwxSgcPW7KsY3ruf6DN_BcwbYBMyO9o_NO3lJOWAO0H764Q6GuCtqRm35nqnnQ&google_hm=M7xarsytQOyLZXnJ1A-JpA==
Date: Mon, 17 Oct 2022 06:56:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F58
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJnUZjXYkDH_nE5cb2Pcsc4&google_cver=1&google_push=AZmPxg95WRtzG0HsrDBnLtU_qJayHDZDy0xWjq1Z0ynuneplwKHHU3wYHhhYKVQEebeHD4Y3vgREkW1VeOLAEnfUwA9fndVCKw
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg95WRtzG0HsrDBnLtU_qJayHDZDy0xWjq1Z0ynuneplwKHHU3wYHhhYKVQEebeHD4Y3vgREkW1VeOLAEnfUwA9fndVCKw&google_hm=Nzg0NTc2MzU0OTUyMjcwNzMz...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg95WRtzG0HsrDBnLtU_qJayHDZDy0xWjq1Z0ynuneplwKHHU3wYHhhYKVQEebeHD4Y3vgREkW1VeOLAEnfUwA9fndVCKw&google_hm=Nzg0NTc2MzU0OTUyMjcwNzMzNw%3D%3D

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 17 Oct 2022 06:56:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg95WRtzG0HsrDBnLtU_qJayHDZDy0xWjq1Z0ynuneplwKHHU3wYHhhYKVQEebeHD4Y3vgREkW1VeOLAEnfUwA9fndVCKw&google_hm=Nzg0NTc2MzU0OTUyMjcwNzMzNw%3D%3D
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F58
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGgUQ9laJBCeTSZ7cJYhkiY&google_cver=1&google_push=AZmPxg_y2ASxC1E7EXyWdFmw1De_laS20hi9Jxl_rmTg9oqHl0lmQzD_q_KCBu8ozZWlX1GDqxIyKD9kD8FQMG0PZ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_y2ASxC1E7EXyWdFmw1De_laS20hi9Jxl_rmTg9oqHl0lmQzD_q_KCBu8ozZWlX1GDqxIyKD9kD8FQMG0PZVzF8y5cUg&google_hm=FfqgrBZHrpRAr_4YQu-qiT1G

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_y2ASxC1E7EXyWdFmw1De_laS20hi9Jxl_rmTg9oqHl0lmQzD_q_KCBu8ozZWlX1GDqxIyKD9kD8FQMG0PZVzF8y5cUg&google_hm=FfqgrBZHrpRAr_4YQu-qiT1G

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 17 Oct 2022 06:56:05 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_y2ASxC1E7EXyWdFmw1De_laS20hi9Jxl_rmTg9oqHl0lmQzD_q_KCBu8ozZWlX1GDqxIyKD9kD8FQMG0PZVzF8y5cUg&google_hm=FfqgrBZHrpRAr_4YQu-qiT1G
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

/
onetag-sys.com/match/ Frame 4F58
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOGrV54Qh4ZQ7552XCzplxc&google_cver=1&google_push=AZmPxg_tRCIQZXHLK2CDLGnOwKi31a6eIcnkresMVNDO_ePB4gQGXKS9_wjNtSFAQP7myJtH0niXoIFmsxC...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_tRCIQZXHLK2CDLGnOwKi31a6eIcnkresMVNDO_ePB4gQGXKS9_wjNtSFAQP7myJtH0niXoIFmsxC-XYponL2eUFPlzFbU
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

9ms
9ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4F58 0
12 B 17ms
16ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsVCvJrgQJSq9W-bKiw3AruT5BGEqODtOnWYZf5PECenJYgApFHDKB9Em52O2HUUtIKDHyeQ

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 /
ad-events.flashtalking.com/state/6831578;4071915;0;271;3B1815FA-5CF1-B1C8-7EC4-8C957E75EAB9/ Frame 8CDA 0
67 B 117ms
21ms Image
text/plain 18.169.125.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/6831578;4071915;0;271;3B1815FA-5CF1-B1C8-7EC4-8C957E75EAB9/?cachebuster=208956622
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.125.134 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-125-134.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:05 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 8CDA 1 B
377 B 54ms
9ms Image
text/plain 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?224654617-6831578;4071915;0-304-0-54033611E9E4D1-254574129
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:05 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Mon, 17 Oct 2022 06:56:05 GMT

GET
H/1.1 200
OK manifest.js Show response
cdn.flashtalking.com/169696/4071915/ Frame 5F14 128 B
689 B 9ms
8ms Script
application/javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/169696/4071915/manifest.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 358c6bbcdec80143fbeb9b221fb975657766228bd9e602a5275c86ed930519c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/169696/4071915/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:05 GMT
Last-Modified: Fri, 30 Sep 2022 08:49:45 GMT
Server: Flashtalking (AKA)
ETag: W/"2f2239d1a775362c409b514e647da35c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 270118023
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=590
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128
Expires: Mon, 17 Oct 2022 07:05:55 GMT

GET
H/1.1 200
OK 300x600_price_03.png
cdn.flashtalking.com/169696/4071915/ Frame 5F14 12 KB
12 KB 11ms
9ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/169696/4071915/300x600_price_03.png
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/169696/4071915/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 4133a4bdf8cfdc5cfd65787e286f9d0ed57aa30ebd51d980dc48b61da077ac47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/169696/4071915/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:05 GMT
Last-Modified: Fri, 30 Sep 2022 08:49:45 GMT
Server: Flashtalking (AKA)
ETag: W/"c02f1b1771ce4ac62fddb2a2f84624d0"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 268644557
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=650
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11889
Expires: Mon, 17 Oct 2022 07:06:55 GMT

GET
H/1.1 200
OK 300x600_Eng_03.png
cdn.flashtalking.com/169696/4071915/ Frame 5F14 8 KB
8 KB 10ms
8ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/169696/4071915/300x600_Eng_03.png
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/169696/4071915/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: d450a8525b3c631cb54ab36fcd7ac2619f1a792016cfc947db8eb6efb2c9c98d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/169696/4071915/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:05 GMT
Last-Modified: Fri, 30 Sep 2022 08:49:45 GMT
Server: Flashtalking (AKA)
ETag: W/"334691975156e4570e0f291a6655cdbe"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 270777319
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=590
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8000
Expires: Mon, 17 Oct 2022 07:05:55 GMT

GET
H/1.1 200
OK 300x600_product_03.png
cdn.flashtalking.com/169696/4071915/ Frame 5F14 20 KB
21 KB 22ms
10ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/169696/4071915/300x600_product_03.png
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/169696/4071915/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 76287f038e52e79515492be5a52097eca2f9e98f6c870fef273ac8966e401ec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/169696/4071915/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:05 GMT
Last-Modified: Fri, 30 Sep 2022 08:49:45 GMT
Server: Flashtalking (AKA)
ETag: W/"b2cfbb42c68ba8e0abed9a529e3a756b"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 270366506
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=650
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20850
Expires: Mon, 17 Oct 2022 07:06:55 GMT

GET
H/1.1 200
OK 300x600_HL_03.png
cdn.flashtalking.com/169696/4071915/ Frame 5F14 6 KB
6 KB 20ms
9ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/169696/4071915/300x600_HL_03.png
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/169696/4071915/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 92f93dbb39675083d6cb9b7a824f245ed5f39df2bfad3d4e1b5644f58c40a8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/169696/4071915/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:05 GMT
Last-Modified: Fri, 30 Sep 2022 08:49:45 GMT
Server: Flashtalking (AKA)
ETag: W/"8c0ad31fd21f73a8da49e3f9daf1b852"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 282032118
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=650
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5763
Expires: Mon, 17 Oct 2022 07:06:55 GMT

GET
H/1.1 200
OK SA_Logo_Claim.svg
cdn.flashtalking.com/169696/4071915/ Frame 5F14 5 KB
3 KB 24ms
9ms Image
image/svg+xml 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/169696/4071915/SA_Logo_Claim.svg
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/169696/4071915/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 69b452c06b14a93f825dd97c9a43a48be1d79a743fc2dbf2c7b2d7848b78912c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/169696/4071915/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:05 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 2317
Last-Modified: Fri, 30 Sep 2022 08:49:45 GMT
Server: Flashtalking (AKA)
ETag: W/"c1b9f199aca5355c45d26965bb66daba"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 271294203
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding
Cache-Control: max-age=650
Content-Type: image/svg+xml
Accept-Ranges: bytes
Expires: Mon, 17 Oct 2022 07:06:55 GMT

GET
H/1.1 200
OK 300x600_Cta.png
cdn.flashtalking.com/169696/4071915/ Frame 5F14 3 KB
3 KB 23ms
8ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/169696/4071915/300x600_Cta.png
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/169696/4071915/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 50210fc16bac713c9516e22671e446c780ac1feb0d42a1febb760e949a805917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/169696/4071915/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:05 GMT
Last-Modified: Fri, 30 Sep 2022 08:49:45 GMT
Server: Flashtalking (AKA)
ETag: W/"4b89f916b6a58ec8fdb03842eb9883ab"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 341482632
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=650
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2723
Expires: Mon, 17 Oct 2022 07:06:55 GMT

GET
H/1.1 200
OK 300x600__BG.png
cdn.flashtalking.com/169696/4071915/ Frame 5F14 27 KB
27 KB 24ms
8ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/169696/4071915/300x600__BG.png
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/169696/4071915/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 2c1945c924214b1e115a0c5107f77acb44798df8466e8c60097a426b87aa9051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/169696/4071915/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 06:56:05 GMT
Last-Modified: Fri, 30 Sep 2022 08:49:45 GMT
Server: Flashtalking (AKA)
ETag: W/"2a27010f433eedbe5edaa5893a7d0e53"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 269483598
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=650
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27232
Expires: Mon, 17 Oct 2022 07:06:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB40 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUhj9hPxMY4qfBaCh9u8Podm3oAMAAAAAOAHgBAI&bg=!JySlJGDNAAYeOJy_Pjg7ACkAdvg8Wu9lSrJjkH0fdQUhvzZMIy2t86g1G3cBRfyBUGxRcDOMevpt9AIAAAD2UgAAAAJoAQeZAuasfH8sdmnOLmH9n9xfcmsPGil0kjyZZViJWTrXzHXzvU-0Q26yl0AcGeKFhpdoc22dX3ZAtSay9wbPUibMEq0us8GNYzXBTVWXZ4EOi25CY_PSCufAbYpuZBWF2q0FHUMX5FZJasrcKO4RcQqFk86YWTr4Onk0ATm0rQ0lSZSDiHxm64FwXCWKGF7BBXfhW7SeD6s_5T_2OyDfDS_pZVjWIe3pS4ogtku4IZvorciNra9lq3LH-mXjLeRSLnjPbG3yUCqf-uYux8cLQM2kY2vHmEhwrGr3Qspr2T7m11KpXw98TKzWemK5aO5gb_UjrR1a58pmTXdWaw3nOTfg1tH_1pihm2xJpnWJaU6v0fhNvlB4tAvw3VyYPl7mwxPZcLjEeBmym_JIGrDMsDDNAtLS1Z2dVe6WsrEGNcHhOYHG-C6p_iCH5_Qwoc8Ynzz_02eN4bZw_BO0Yx6f0fgV6DfYO0eownp1YNYsldNMQVUA03NWVkekhHWNjph1ZnkxqWSZUuwI29sUs-oaUED4EbQQX4ohStXu-X0PRM1OSjQteUolsUDhdUksucyDDi4ASsUPGd5QMdyVgMG3h95w7VVQpG4UkNJsXKySr8jg3oM_NOezbberLuMjssKOC9J6_sf4JuI05Pm-hlLaQxfq94niR8A29B0jtPo91Gp9Txff18hxwHC9QYW0PnLI2P1BxJYdDeAQaVhcRalfh6QZfVuX9VHO-wsN4WkDXnQoAqG4AadNkfi_3RpZHejAoqpokHNH0WIP0JqGNrwVkdOlJcA4QmeCf18tsuF5fNwvMUDLxR5yCSgc8aNR7dodPP1Hn7VZj7naVgmg0_y6ys7WdXHxc6SA3Drux4_too-_C_SJ0tpOzGupkY4_sB6_urtH3VECYskWrjfhlIqfowqoHfMPTVZw2jSIDYB0LcQ161SP9fK_xwYhmnZu2ySKoonASikritq5TTrLXXM6p7bTpKbkv4AOFsmj

Requested by

Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5F14 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 8CDA 1 B
377 B 8ms
7ms Image
text/plain 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?224654617-6831578;4071915;0-306-0-54033611E9E4D1-874207338
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:05 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Mon, 17 Oct 2022 06:56:05 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8CDA 43 B
215 B 164ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=f56057e1-576e-ae7c-75f5-1160b0e26750&tv=%7Bc:rhwEb1,time:553,type:e,im:%7Bpci:%7Btdr:501%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:553,n:382,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:25,wc:0.0.1600.1200,bkn:%7Bpiv:%5B377~1%5D,as:%5B377~na.na%5D%7D%7D,%7Bsl:o,t:382,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:bf,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B171~0%5D,as:%5B171~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:185,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141.10933%7C1411%7C1412%7C1413%7C14141%7C1415%7C1511%7C1512%7C16.1191119-66022382%7C161%7C162%7C163%7C164%7C1711%7C1712%7C1713%7C1714%7C17151%7C1716%7C1717%7C1718%7C1719%7C171a%7C171b%7C171c%7C171d%7C171e%7C171f%7C171g%7C171h%7C171i%7C171j%7C181.886862-62195610%7C1811%7C1812%7C181311%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g%7C1h*.1191119-66148304%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:214%7D&br=c
Requested by: Host: 84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
URL: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101002&jk=2223897128252124&bg=!4eKl4qbNAAYeOJy_Pjg7ACkAdvg8Wq_v8QtipV16OhfOPQ8O8wFpJ4KIhesuVdBSC1aC-Kg_h1ca9QIAAAKzUgAAAAVoAQeZAq86VQqv3EougXNtNKA2WAJamZwximrtMg9pReu8v0WDiZi0IRzrcBHXPfe_JgYb7odfmZlUqKXPQ4gitHXz67NjjipBrc9zKjVUNT_na2rHTcucbv7npKPkiU217av1XaPIq0-f_RiWgPHMOA3tzAnT1HBm5Nv5sBK4qQmVCCnwQRKtbbVTlY35eBVMIEpq2_plfoknnSsfjqNQNkngW1cnycalEE_jc9i96oPz6v5biubmlQExNwwGPXw8qdQ1xHSYqpQB8PoiEm6JhYXhW6ehoXVB9XkqKY7V2-48yi4XXOizsK-iz6CFgb2d3BFhu-7c-DeNU4VFDp_WMpHgVQxKz0vOnYYeYPe5bkbmlhuEQXE-UuRmRzWYukFmcvQYSBhhHjELGkWKd2MkEthgX-bI38UTyPzZzPQg72arIgR0pH6aXQ9lybp09yblVuzp1fcVxCmhggWW0DhyuTHSU7WIir658JjCaffUCfm-PqUKHHB_AQEcY9pUKlHPWrvINHBDdTGvBn1PUeCTsnvBm3rnHgtQNYQtKTnyi0ZnR_xSdVJQZ0B0joRVMiVhcn-m1nEHi5EPLnVLAP7kSQWK9mtrEZ1avXVeM98paNmFEXr0TRkqO1CCyj1WCbcKw6AxeyRe_1dky_ULIR2xrByLDsGsL-JgokXRYzKbFHeYUa8ZFBJyDje7JWQmCDSwiiyKGFWP_qyJ2PhVBxg9mQdDESkvj0NYztZFKmom4uTBnEwfBpPOokUg5Kc0OouIvmAhWNhPwsKjKiCr8T-jAIiV-0vRdiYEi-YQeZKPzyKpTkCsH3yI9AtMXYONzPuzSqfbboyXZhGsBZEKMwI0U1sCtyTjLCBMCgO-CCxqBUcBHWh-pWIZaQPsut4xi9WZIdD8gcK_uf2bOnQHKs9P6It1Yi0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

POST
H2 200 track Show response
servt.modoro360.com/ 0
94 B 313ms
120ms XHR
text/plain 34.239.3.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=kooora4lives.net&rs=kooora4lives.net&sid=7247&t=1665989760&cip=81.95.5.41&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=620a5acab6e80f22ac327b74&test=1&aafaid=&proto=https&uid=1665989760568-965177218956-006093-006-009538&cha=0.7&stagid=620a5bd04911372f7d67f1fa&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.56&cb=73235115136&d39=&d65=ControlGroup&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=620a5acab6e80f22ac327b74
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.3.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-3-208.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 17 Oct 2022 06:56:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 58ms
19ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.net%2F&domain=kooora4lives.net&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://kooora4lives.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 17 Oct 2022 06:56:05 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 548737
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.net%2F&domain=kooora4lives.net&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=HzxDP3xKcG1LSkprbTNqMDlrUmVETWNMMExoS0xSazNZT1E5R1paeDlnUGZjRGVud1dMMHAyeGU3ejRHWUd2TmlKdDYzN1pBNVRvNUsrZHlucHcxWSsxaEVJenFnT0pDYUp3S0l0WWErRWMzSXNZRTZMVzBQckkzOUxQeW...

456 B
719 B

21ms
17ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=HzxDP3xKcG1LSkprbTNqMDlrUmVETWNMMExoS0xSazNZT1E5R1paeDlnUGZjRGVud1dMMHAyeGU3ejRHWUd2TmlKdDYzN1pBNVRvNUsrZHlucHcxWSsxaEVJenFnT0pDYUp3S0l0WWErRWMzSXNZRTZMVzBQckkzOUxQeWJqc1FhT1h6WmtPTXVlSUtEZnBQY29ocUt4dUFZNkVZM3l0bFVnWnlmMXBxRk1wTUlNbmVVbmNBTUIrdDZSTVVnV1Z2UTNlNm0rZ2ZxMmJPR1hUWENsZzM5enkxSTh3ZGZRaDZpejhTZmtUMVRxa1JsTndWRjZLZ1Z2NS8zcllMcE55SjhnVGVHQW1Db1I5bmxRU1JiMzFxK2lsOTgwdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a99ea4058df957531aae21c784a89f200dc9505f91596f759f36758e21c0528d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1388847
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=HzxDP3xKcG1LSkprbTNqMDlrUmVETWNMMExoS0xSazNZT1E5R1paeDlnUGZjRGVud1dMMHAyeGU3ejRHWUd2TmlKdDYzN1pBNVRvNUsrZHlucHcxWSsxaEVJenFnT0pDYUp3S0l0WWErRWMzSXNZRTZMVzBQckkzOUxQeWJqc1FhT1h6WmtPTXVlSUtEZnBQY29ocUt4dUFZNkVZM3l0bFVnWnlmMXBxRk1wTUlNbmVVbmNBTUIrdDZSTVVnV1Z2UTNlNm0rZ2ZxMmJPR1hUWENsZzM5enkxSTh3ZGZRaDZpejhTZmtUMVRxa1JsTndWRjZLZ1Z2NS8zcllMcE55SjhnVGVHQW1Db1I5bmxRU1JiMzFxK2lsOTgwdz09fA&cppv=2
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 561927
content-length: 0
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
626 B 42ms
10ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/462774/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

259c9f40c19cf168c65feab500ee51feda042c5d6c9cbe9d7dc07cb3cc53124e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 17 Oct 2022 06:56:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 50ms
20ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 17 Oct 2022 06:56:05 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 505886
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8CDA 43 B
215 B 162ms
162ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=f56057e1-576e-ae7c-75f5-1160b0e26750&tv=%7Bc:rhwEir,pingTime:-10,time:1013,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665989763217%7C%7Ccdbb7dd3c044c245cba01b4e9d86e07e%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C5e159657b0e319d228bb98e11df021ff%7C%7C596f5f77e035a08fe912a591b1fb345b%7C%7C9dc8dfeb6b2dd5f96383f07763c546ac%7C%7Ca6fb380eb73fd07df1d695827f2d7521%7C%7C919bde62cb52d5a9b3d4cc7ab4ee27d3%7C%7C1663701684,sca:%7Bspg:411a0d35-296a-9058-56d7-582461491957%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CDA 42 B
64 B 52ms
50ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn6Qs5jtsDcDMh942J8Ek0cbLBEpITbtZ4p7Q9QivDtR9HEzWxieRygF17IZGNYYwP2wmNivAv53EEdNRYXYOeuG819o0NNPr_BnuPHkEua8DVgTOtpsy4PAgTamWwisgGTKOhkQ&sai=AMfl-YSLwx4E-JkEYNn7GVNOyJi-qPM7jcusc9niDTWXlMpAKqW8YFjzBhDS4fLCZDo8r-_UDPwn5x7vQ4-wJEeyVIM5jde5GHQaqXISPjpao4VUBgLIXuVI_UDrhJh41qI&sig=Cg0ArKJSzPvP21M5ex1zEAE&cid=CAQSPADq26N9feHD8TjeJgjlkUOFnALHcY7R8MogLKuGCfwKFfzUKAmzT_84DoGjtAb7uNQ-5ylfXiAYl60-fhgBIA4&id=lidar2&mcvt=1002&p=310,0,910,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2220773145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665989763834&rpt=1079&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 8CDA 1 B
377 B 12ms
9ms Image
text/plain 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?224654617-6831578;4071915;0-307-0-54033611E9E4D1-499394402
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:06 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Mon, 17 Oct 2022 06:56:06 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/6831578;4071915;0;202;3B1815FA-5CF1-B1C8-7EC4-8C957E75EAB9/ Frame 8CDA 0
66 B 30ms
26ms Image
text/plain 18.169.125.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/6831578;4071915;0;202;3B1815FA-5CF1-B1C8-7EC4-8C957E75EAB9/?cachebuster=395415278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.125.134 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-125-134.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:06 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H3 200 Tuitype-Bold.woff
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 93B5 32 KB
32 KB 22ms
16ms Font
font/woff 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/Tuitype-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 21:12:37 GMT
x-content-type-options: nosniff
age: 553409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33164
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Oct 2023 21:12:37 GMT

GET
H3 200 Tuitype-Regular.woff
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 93B5 32 KB
32 KB 21ms
15ms Font
font/woff 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/Tuitype-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:35:03 GMT
x-content-type-options: nosniff
age: 393663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32792
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 17:35:03 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8CDA 43 B
215 B 163ms
162ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=f56057e1-576e-ae7c-75f5-1160b0e26750&tv=%7Bc:rhwEGm,pingTime:1,time:2496,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:25%7D,%7Bpiv:0,vs:o,r:r,w:300,h:600,t:382%7D,%7Bpiv:100,vs:i,r:,t:1495%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1495,n:382,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:25,wc:0.0.1600.1200,bkn:%7Bpiv:%5B377~1%5D,as:%5B377~na.na%5D%7D%7D,%7Bsl:o,t:382,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:bf,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1113~0,0~100%5D,as:%5B1113~300.600%5D%7D%7D,%7Bsl:i,t:1495,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:bf,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:168,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141.10933%7C1411%7C1412%7C1413%7C14141%7C1415%7C1511%7C1512%7C16.1191119-66022382%7C161%7C162%7C163%7C164%7C1711%7C1712%7C1713%7C1714%7C17151%7C1716%7C1717%7C1718%7C1719%7C171a%7C171b%7C171c%7C171d%7C171e%7C171f%7C171g%7C171h%7C171i%7C171j%7C181.886862-62195610%7C1811%7C1812%7C181311%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g%7C1h*.1191119-66148304%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:214%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:07 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8CDA 43 B
215 B 164ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=f56057e1-576e-ae7c-75f5-1160b0e26750&tv=%7Bc:rhwEGn,pingTime:1,time:2497,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:25%7D,%7Bpiv:0,vs:o,r:r,w:300,h:600,t:382%7D,%7Bpiv:100,vs:i,r:,t:1495%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1495,n:382,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:25,wc:0.0.1600.1200,bkn:%7Bpiv:%5B377~1%5D,as:%5B377~na.na%5D%7D%7D,%7Bsl:o,t:382,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:bf,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1113~0,0~100%5D,as:%5B1113~300.600%5D%7D%7D,%7Bsl:i,t:1495,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:bf,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:168,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141.10933%7C1411%7C1412%7C1413%7C14141%7C1415%7C1511%7C1512%7C16.1191119-66022382%7C161%7C162%7C163%7C164%7C1711%7C1712%7C1713%7C1714%7C17151%7C1716%7C1717%7C1718%7C1719%7C171a%7C171b%7C171c%7C171d%7C171e%7C171f%7C171g%7C171h%7C171i%7C171j%7C181.886862-62195610%7C1811%7C1812%7C181311%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g%7C1h*.1191119-66148304%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:214%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:07 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame B0EA 0
229 B 28ms
10ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=d62d5adcdb754e47832bc78b08853ec5&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=137&eoid=12&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=10&msltms=28&vltms=137&sei=289&vetms=283&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=264&msrcannum=2&ismms=62&isumms=62&nvr=2&isgmmims=62&isgmv4mims=62&elmtp=4&isbxdms=2563&b0=2784&dvp_vsosnmr=3&lftb=2784&sftb=2784&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&invcs=true&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=61&dvp_dpr=1&dvp_itg=HEAD:1,META:2,SCRIPT:27,BODY:1,DIV:21,IMG:3,IFRAME:19,STYLE:2,svg:3,path:2,A:2,circle:1,INS:1,&ttfurm=3471&cbust=1665989767101860
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:07 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 10/16/2022 06:56:07

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 317E 43 B
215 B 165ms
164ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=434bdb3a-ff55-fe14-ed1f-abb8da02bb27&tv=%7Bc:rhwESu,pingTime:5,time:6074,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:942%7D,%7Bpiv:100,vs:i,r:,t:1073%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1073,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:942,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B155~0%5D,as:%5B155~300.250%5D%7D%7D,%7Bsl:i,t:1073,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:297,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141.10933%7C1411%7C1412%7C1511%7C1512%7C16*.1191119-66022382%7C161%7C162%7C163%7C1711%7C1712%7C1713%7C181.886862-62195610%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1h.1191119-66148304,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:944,sis:1328%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:07 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 317E 43 B
215 B 164ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1191119&asId=434bdb3a-ff55-fe14-ed1f-abb8da02bb27&tv=%7Bc:rhwESv,pingTime:5,time:6075,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:942%7D,%7Bpiv:100,vs:i,r:,t:1073%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1073,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:942,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B155~0%5D,as:%5B155~300.250%5D%7D%7D,%7Bsl:i,t:1073,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:297,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141.10933%7C1411%7C1412%7C1511%7C1512%7C16*.1191119-66022382%7C161%7C162%7C163%7C1711%7C1712%7C1713%7C181.886862-62195610%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1h.1191119-66148304,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:944,sis:1328%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:07 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 47E3 43 B
215 B 163ms
163ms Image
image/gif 2600:1f13:800:7780:3ac0:b54c:f513:72a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=68bcb591-2816-6958-3a20-bbe847e05adb&tv=%7Bc:rhwEWg,pingTime:5,time:5642,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:50,t:554%7D,%7Bpiv:100,vs:i,t:641%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5642,o:0,n:641,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:553,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B103~1%5D,as:%5B103~300.50%5D%7D%7D,%7Bsl:i,t:641,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:i,cc:NaN.NaN.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:282,fm:tkv9g4E+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C13%7C141*.10933%7C1411%7C14121%7C1413%7C1414%7C1511%7C1512%7C16.1191119-66022382%7C161%7C162%7C163%7C164%7C1711%7C17121%7C1713%7C181.886862-62195610%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1h.1191119-66148304,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:554,sis:772%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3ac0:b54c:f513:72a1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:08 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ Frame 1241 87 KB
28 KB 29ms
29ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:56:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:56:08 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 070D 15 KB
6 KB 22ms
22ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kooora4lives.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 06:56:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 2723208
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 070D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kooora4lives.net&sn=ChromeSyncframe&so=3&topUrl=kooora4lives.net&bundle=JEKcfV9LNkJHanJQRTBvRDVvJTJGTGFQV29vSHNSdWdHUm5JanhnMmlxaUNZdjkxNV...
https://mug.criteo.com/sid?cpp=Ob6XnHxIOVdpMkVZbDNOL0NTWXVQSDVVTmNuclpZNFAzODVIaWRmNFhpTGpJWU9sVTRnMTk5cHlkMlNRTmVSK2xEeVdWcGNHWWlIWGZFcWxZc0xZVnlBM0xocktJN3VyU3NRZitOWW9QUkRaL0VGQ3FzRW96ZHdXOHpTVG...

454 B
670 B

16ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Ob6XnHxIOVdpMkVZbDNOL0NTWXVQSDVVTmNuclpZNFAzODVIaWRmNFhpTGpJWU9sVTRnMTk5cHlkMlNRTmVSK2xEeVdWcGNHWWlIWGZFcWxZc0xZVnlBM0xocktJN3VyU3NRZitOWW9QUkRaL0VGQ3FzRW96ZHdXOHpTVGloMlk0K0l6NWlaeVd1b2V2QzNvWm15THNoSy9oSSt6OEVQZ3JhbFRLaFlWVWRSZHBKN2Fhc01ySTMzNVo4VkdxWXpsbkZLMmZRL20vc24xckVJMUN4NkNxYmVDMFZQeUxSbFRIWUZOVFFkSFdsaCs0a0hocFNrdkpsT1BBMUNDdXRUcEIrR2JKNUNQMFpOaVp2MGJsaWFydkJwNGZzOWwveHRQZG40eGQyeVhsTjhEVG1vcz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d2d98a3920208ff62ee7b606975bdedfb3367e4066adb59847ffdf447d0944f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1931468
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:56:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Ob6XnHxIOVdpMkVZbDNOL0NTWXVQSDVVTmNuclpZNFAzODVIaWRmNFhpTGpJWU9sVTRnMTk5cHlkMlNRTmVSK2xEeVdWcGNHWWlIWGZFcWxZc0xZVnlBM0xocktJN3VyU3NRZitOWW9QUkRaL0VGQ3FzRW96ZHdXOHpTVGloMlk0K0l6NWlaeVd1b2V2QzNvWm15THNoSy9oSSt6OEVQZ3JhbFRLaFlWVWRSZHBKN2Fhc01ySTMzNVo4VkdxWXpsbkZLMmZRL20vc24xckVJMUN4NkNxYmVDMFZQeUxSbFRIWUZOVFFkSFdsaCs0a0hocFNrdkpsT1BBMUNDdXRUcEIrR2JKNUNQMFpOaVp2MGJsaWFydkJwNGZzOWwveHRQZG40eGQyeVhsTjhEVG1vcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 701374
content-length: 0
expires: 0

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 8CDA 1 B
377 B 9ms
8ms Image
text/plain 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?224654617-6831578;4071915;0-310-0-54033611E9E4D1-737269240-0x50x1x0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 06:56:09 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Mon, 17 Oct 2022 06:56:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kooora4lives.net/	1970-01-20 15:32:05	Name: HstCfa4625840 Value: 1665989759804
kooora4lives.net/	1970-01-20 15:32:05	Name: HstCla4625840 Value: 1665989759804
kooora4lives.net/	1970-01-20 15:32:05	Name: HstCmu4625840 Value: 1665989759804
kooora4lives.net/	1970-01-20 15:32:05	Name: HstPn4625840 Value: 1
kooora4lives.net/	1970-01-20 15:32:05	Name: HstPt4625840 Value: 1
kooora4lives.net/	1970-01-20 15:32:05	Name: HstCnv4625840 Value: 1
kooora4lives.net/	1970-01-20 15:32:05	Name: HstCns4625840 Value: 1
.kooora4lives.net/	1970-01-20 16:22:29	Name: _ga Value: GA1.2.937134123.1665989760
.kooora4lives.net/	1970-01-20 06:47:56	Name: _gid Value: GA1.2.306564067.1665989760
.kooora4lives.net/	1970-01-20 06:46:29	Name: _gat_gtag_UA_150096121_1 Value: 1
kooora4lives.net/	1970-01-20 07:29:41	Name: _pbjs_userid_consent_data Value: 3524755945110770
.kooora4lives.net/	1970-01-20 15:32:05	Name: _pubcid Value: c61209a7-735d-4c23-ab2f-8ea26ad06fc5
.doubleclick.net/	1970-01-20 16:08:05	Name: IDE Value: AHWqTUmXjVKt91HcvHqw0_CZCwRc6iDqzNcgF-NUApV4mkhRi_ZJpeW9y9IwtP3EBHM
.lijit.com/	1970-01-20 15:32:05	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/	1970-01-20 15:32:05	Name: ljt_reader Value: FfqgrBZHrpRAr_4YQu-qiT1G
.modoro360.com/	1970-01-20 07:15:17	Name: aniC Value:
.rubiconproject.com/	1970-01-20 15:32:05	Name: khaos Value: L9CFAEKC-C-5PMK
.rubiconproject.com/	1970-01-20 15:32:05	Name: audit Value: 1\|naVuGyos1qoaqU40KkmAqF4C1LCtWBX9mfsNIvv6Qtp0kTU4st2MueAGmqd5Q8Bi9xn+HVIwlvMpM2sIN5l8GeBxGCOXoSK11l7JXsrMtVfc6UO785F0Pw==
.kooora4lives.net/	1970-01-20 16:08:05	Name: __gads Value: ID=930b0b1ec81cd12c-2216934748ce0090:T=1665989759:S=ALNI_MZ7dAEZZJkGUVvH74rKMV0UpsS6mA
.kooora4lives.net/	1970-01-20 16:08:05	Name: __gpi Value: UID=00000b745fd84ec5:T=1665989759:RT=1665989759:S=ALNI_MYkSPe7PaoVFxtCbEseaZCFiuqTOQ
.doubleclick.net/	1970-01-20 06:46:33	Name: DSID Value: NO_DATA
.360yield.com/	1970-01-20 08:56:05	Name: tuuid Value: d8475696-b4f0-4f2c-8ee4-168ff117f5a3
.360yield.com/	1970-01-20 08:56:05	Name: tuuid_lu Value: 1665989761
.adnxs.com/	1970-01-20 08:56:05	Name: uuid2 Value: 8156844521286074560
.casalemedia.com/	1970-01-20 15:32:05	Name: CMID Value: Y0z8gQ3-pBrTxlPKkBDStQAA
.casalemedia.com/	1970-01-20 08:56:05	Name: CMPS Value: 5230
.casalemedia.com/	1970-01-20 08:56:05	Name: CMPRO Value: 5230
.yahoo.com/	1970-01-20 15:32:27	Name: A3 Value: d=AQABBIH8TGMCEDNEsXsNlayoAgpe41htIA0FEgEBAQFOTmNWYwAAAAAA_eMAAA&S=AQAAAmHveIA3q-u-yd6EPNzuDK0
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: df552cefccd975d8
.technoratimedia.com/	1970-01-20 16:22:29	Name: tads_uid Value: GDPR
.adnxs.com/	1970-01-20 08:56:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hc#q4q+=!@wnfH8K6pQK`!5=E<L5?%K-02%yR[`bo51dVxj3iMxf59<(i@4wiIp$qP8%nugO%v4VB%noNKDdE+
.analytics.yahoo.com/	1970-01-20 15:32:05	Name: IDSYNC Value: 18yl~27ri
.spotxchange.com/	1970-01-20 07:26:48	Name: audience Value: c2ec3bf1-4de8-11ed-ac64-1a3233820406
.modoro360.com/	1970-01-20 06:47:56	Name: 2_C_200 Value: OPTOUT
servs.modoro360.com/	1970-01-20 06:47:56	Name: 2_C_200 Value: OPTOUT
.krxd.net/	1970-01-20 11:05:41	Name: _kuid_ Value: PJJIUdGY
.bluekai.com/	1970-01-20 11:05:41	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 11:05:41	Name: bku Value: TV6O9/nXEswy9YG7
.criteo.com/	1970-01-20 16:08:05	Name: uid Value: dff4cc7d-bf6e-4854-a88d-c741793c3b18
.bidswitch.net/	1970-01-20 15:32:05	Name: tuuid Value: 33bc5aae-ccad-40ec-8b65-79c9d40f89a4
.bidswitch.net/	1970-01-20 15:32:05	Name: c Value: 1665989764
.bidswitch.net/	1970-01-20 15:32:05	Name: tuuid_lu Value: 1665989765
.simpli.fi/	1970-01-20 15:33:32	Name: suid Value: 16D56E6BA38E46989F1C331A79F95C4E
.scoota.co/	1970-01-20 16:22:29	Name: tuuid Value: ded72e47-8d6e-426f-8e53-9b07ab09dff8
.scoota.co/	1970-01-20 16:22:29	Name: c Value: 1665989765
.scoota.co/	1970-01-20 16:22:29	Name: tuuid_lu Value: 1665989765
.tribalfusion.com/	1970-01-20 08:56:05	Name: ANON_ID Value: agnseFSkTsfAutomjt9kUPShjcOYSsToTv4afUoS005wF8VrQZcKDS6FpZcbgbYUeYoZbsnQqM0abQmv8tZdL5LH
.kooora4lives.net/	1970-01-20 16:08:05	Name: cto_bidid Value: PqYV_V9CdWgySnA3ZkgyY2RJdkJicWp3S1AlMkZYZzRRM244RU4yS3dteG1iVGdYMkVoVlgxbnhDQVdyeE5jNDd0MFRMYXdUWDJ2c3RvbHVHMkxJYzA1Tk1mJTJCYlM2WTU2NlNkalhBcnA2cGZ3T05mdWFBaVlQWTFsZTBVQXo5UzBpRCUyQmJocA
.mathtag.com/	1970-01-20 16:12:24	Name: uuid Value: 1fd5634c-fc85-4100-b401-bdd149dd5099
.mathtag.com/	1970-01-20 07:29:41	Name: mt_mop Value: 4:1665989765
.kooora4lives.net/	1970-01-20 16:08:05	Name: cto_bundle Value: uUM2v19LNkJHanJQRTBvRDVvJTJGTGFQV29vSG9xUTVhbEtQVWJpa2NIUEpFQ3pJWkslMkJBWFRBc3REd3NJdlFEOXpUcVhqdG5nUllrbWZUNVZ2bEpkNWhFdzIyWHJ4JTJCU293empna3NwdnVRZVklMkJVRmkzbTdVQ1NtUVglMkZQcm1Yaks1dXhUeVdzS1VFNjVBQWJCdW5zaGxoVXNZRXFwdk9LekpLT3daSW05UXpNMjdmaElVJTNE

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://kooora4lives.net/beinmatch-4/(Line 51) Message: <link rel=preload> must have a valid `as` value
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-8-1.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-12.png Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://cdn.ampproject.org/rtv/032210071758000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://kooora4lives.net/beinmatch-4/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

84a30aa7ed686f3f6fb5949c10c8d062.safeframe.googlesyndication.com
a.tribalfusion.com
ad-events.flashtalking.com
ad.360yield.com
ad.doubleclick.net
adipolo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.flashtalking.com
cm.g.doubleclick.net
csync.loopme.me
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
jscdn.greeter.me
kooora4lives-net.webpkgcache.com
kooora4lives.net
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
player.adtelligent.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
r.scoota.co
rtb-csync.smartadserver.com
rtb0.doubleverify.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
serv.modoro360.com
servedby.flashtalking.com
servs.modoro360.com
servt.modoro360.com
signup.adipolo.com
stags.bluekai.com
stat.flashtalking.com
static.adsafeprotected.com
static.criteo.net
storage.de.cloud.ovh.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
sync.technoratimedia.com
tags.bluekai.com
tg1.modoro360.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kooora4live.com
www.kooora4lives.net
x.bidswitch.net
prebid.smilewanted.com
103.229.206.241
129.159.70.95
141.95.4.204
142.250.184.226
142.250.186.98
147.75.85.234
162.19.138.117
172.217.18.102
172.67.71.236
178.250.2.146
18.156.0.31
18.169.125.134
182.161.74.18
184.24.1.49
185.184.8.90
185.64.190.78
185.80.39.216
185.86.137.131
185.89.210.122
185.94.180.126
192.99.8.28
198.148.27.140
198.47.127.22
2.18.232.99
205.185.216.10
209.197.3.19
213.19.147.45
23.23.108.37
2600:1f13:800:7780:3ac0:b54c:f513:72a1
2600:9000:2491:5e00:8:48e:53c0:93a1
2602:803:c003:200::21
2606:4700:20::681b:4071
2606:4700:4400::ac40:98f5
2606:4700::6810:f44e
2606:4700::6813:ad6c
2a00:1450:4001:801::2002
2a00:1450:4001:803::2004
2a00:1450:4001:808::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:3500:585::4469
2a02:26f0:3500:c::5c7b:6837
2a02:26f0:480:39d::2c79
2a02:26f0:480:b::210:f1cd
2a05:d018:d29:3605:b661:2495:bc14:df31
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.120.13.175
3.64.202.105
34.149.12.213
34.202.192.26
34.239.3.208
34.248.3.167
34.91.62.186
34.98.64.218
37.157.3.30
45.133.44.3
45.133.44.4
46.105.201.240
51.89.9.252
52.30.241.130
54.155.231.125
69.192.160.219
72.251.249.9
79.125.33.106
88.221.168.201
014bdf5a23c8194399a400cf5f7e4b96668f583a481d7204420d58659597def3
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681
036c8b6e0426856433ddcd669d9b836d8e3a594c5cb6911557bd14ce9c92f93e
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054c480b41dbb8bb1a0db0dd51f85a18dafa9679cd1988d4824f9da3f8aa1215
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
093fe7558efb53cd9e42280c1f5197375328777f91c32eecae649bc0bffd29d6
09fbfb8a4887244e1c91e83f8c1779347fc6254f5a74c7ec6235f33dece4b405
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d8b550232dc2fb0eb940b6ed0a483a56bb77504b4ea3f8cfeaef032c5fd31e2
0dfa3f3efd20782e03666b819e0a80bb82369a805af8003599480a8323efa8d7
0e16d841b1486b5bd9c69a543084e0f558463ad9bd7ffd8791301367f8a849a6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15f0e4d06a9f4e92efe079b0aedf4aaec96322f4fcb2e0c15d768cbd4af2ecb3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
18c1ebda405e285a385c1e68e1ae2d82db2b1458339875de3fc1d416eed828a4
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
1ef43e91e3db643c54b74c4e7fb08e647b6d985136a58521f3bb0647e6ce5992
210577a3663f87e726ca5c74f17745d48c43694ce66bfad6b3e869a2d713d527
229ec1166d40d23721fccf8fd7fb1c92daf1de01b1fd3f911b32f86c8935aac3
22e934d41fc71e0af926b847f6bc807cdfbf25cda13b8e5cab27f63c161c01e4
23405f106857c8f907503f6fbab7f8298eb0abb1dd0f4488a9744d94e920a2ab
247a677dfd062d9a1eba5b78ef74ad58eea1efd7ac4690dd0e9b1b7d9c6868bd
24b1f91a3da4255e71d87d86c3cf4845776692489ed67a93f483a8a5f58c3504
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
259c9f40c19cf168c65feab500ee51feda042c5d6c9cbe9d7dc07cb3cc53124e
26db3d828710c7a5bc33f5ca0d2d65b72572bb424f1c9ef15b98ad484f58c297
26ef7c444c9c9cd7e56cd776d76c8e83249f22ae62069a5172d97a88d0a49a4e
273882dd606190e38d3e8fee0005ef48aebf5134eb0cd105e3863ca59d30d54d
2739d6dc966b25a506e5c899b2401aa8b13b2ee6154cc7706f8af723a62da90c
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2bb451155dbe12a0b7a999e8d968b8a4f00e04e3010b1058723f16bdd659761d
2c1945c924214b1e115a0c5107f77acb44798df8466e8c60097a426b87aa9051
2cdcb42c3ed1f6e95fe6869d4771b7f015e530ad6d1bc51b78397579f0913283
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6af11e2405f681c10c7b137262e7114b6756c03b8ffe7aad3300af6691c5cb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3295ca9f7cc61f8743e095c72b8c551e90d9d3ebe375ad1da57500f6d7cdb276
33c36e0b4c988245ad83fd934e5787001f553e32103f55e7d859930f3c344116
347961c0b167cedf0f91617720184c0aa325cfdc448594153a061a9ada0943a7
358c6bbcdec80143fbeb9b221fb975657766228bd9e602a5275c86ed930519c3
359315a20a2c252ae01995ba36afb3aec5e223ba5ff80f71c803640785b3db76
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38a59ec3c991b5fb8eda7add7ba1b983aecd8f3bb8f712b59ebe218cf98aea85
399369181172beba7c0c044a9ba75892c7656eef2092c57ee532b830b1bebf7f
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3c80a598e8620818cd3ba568d88d437ec1f824373c27dd4b0213191cd6a19d01
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
4133a4bdf8cfdc5cfd65787e286f9d0ed57aa30ebd51d980dc48b61da077ac47
41c2740b56ffaa74baab8f400ef8bff9b63bb7867730e4e3c69dd86d4446f26d
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
442e54ce9a08dda90dd9607253bbccc11a003447feae2e35b4f88e930db61817
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
495047ac37d6b00300a23fba8e4a2f690a41630860276b4c3f3215ba212d317d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5092b97aec5cdf29eaa5f09a5a1d63e1a5f85a7188dac43943781852508d03
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
50210fc16bac713c9516e22671e446c780ac1feb0d42a1febb760e949a805917
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ae02580fcbc56267817b94becd1569812012dff51264d68f9686be1781e4f3
559759a095072ba523a50f07fb9ea0e96ad3d7c05eef14ed0cedd65e7382fc89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570cc2e319d8030e5bad4dee61bcd6574f1aeb9119ac73fb71cf69d9cc2d5fda
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ad9c147516081a3f0a795cb4befe45e751e0213ebd492596827fe90b4ae740b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c5d59c5ace921b9977d174cc78e856709957d7f9ea8c2505a351d5098eba652
5d22e3cdda041541cc6a2149622b34eea76497dffe3694039baab209f80c37bc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625b11a21d828ad4317e51b70ed84d8924a2ad808adc6a19a512a29dfd7b2c12
634d5f558c3ab8052f702dbc51bc5a5eb23c37216ea481cb7ece9e1dba541f90
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
64ab062a2a4d62d22170dd14c4a3a566632d1ebf476ab80d27c7c81901209e36
64e5b72460275e35b3947013497bde36be70382377b2ed2bbb60eac3945a14a8
66183f71462b30d690081ba06c15ce37745f19689202e65dede71f136133bc3d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66481f475dc17812d43b73c82e30b397ef2979e380a87f5ba29eefe08956d2a2
678a490be772246b79ec3ce0289e5e949e04042b9c48fbc3de9d187327c4588b
69b452c06b14a93f825dd97c9a43a48be1d79a743fc2dbf2c7b2d7848b78912c
6b44694df5f1698aaf31da0f7f6edd008e75d66ebddf994c6e2046800f226d4f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc427445c31d28b20e3fbdc63a4b4696a2153b0220547fb95797c1ac58c292e
6d38edfdaff5a3e6cfcccd26f9eed468207f91adf8833e2dd28e8660035492ba
6fcfb54e57e319af758a54207b3f3a4ce80b09dfcb5d1679695e3a05fcd03a39
7041206683c7b5da4188ef7ed1523815102ac13af21f55c4b04b5fbbe4514ae5
7149d67f4251cd54a60c44f96066aac810291d8637b941e74448fa9aaf54358e
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
75ea01d486be9457bb16b1ff50fde02fc518572d53caa090321546eff7362b59
76287f038e52e79515492be5a52097eca2f9e98f6c870fef273ac8966e401ec6
778da85c1ce0d534ae559d6902e53e26848e4adfcaa957932c4f08a36252d48e
77a78f673677cacc26881e1c993df4bfa063e57e8ba49edd4d66d5b084df4100
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
7b68fc595afd77a522505724a8e55bd1d636180eaddee95d13d77997734c4dde
7c7ef02baefb96e1f07081fcfc3e2cde58e8219085a98854630ceda0ae64d36e
7d83975eb44eaa25c84fbc01569e39c51d5d727e9194334c628e4a90d3143309
7d907514c7fbb76203ff4bc1110ccd6cac5365d5842d409659b4c4c814e100b5
7e255b5f3d379412b62af619935ec0134a837e4a4289a61fe2fce521ff7cc827
7e5262948d32d8559bcf1490872d221bc85980a77ff9f4784f41cbd03ae726d9
7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33
7f256b1bf801d9f621c00f2332078ab0e60298f45b61fde57066d6678332085b
802a0ac9c835c0add64067c222d71b52bff0f5cfaafe4b673b1875a68ffaabb4
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
809bb23fd2558896ad8eaa7cf087b4e5b0c869e033b6ec5ccc7bc1073fbf3bcd
8175f6ae95283cbaae5fd13d8c0374226cbeeef26d0521dd0f0a02dbafa9e6d5
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
89bc5c21fe7b8821eb91e5fbb197199534b915b6e2980bb1ddc2111595bcf19f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
92f93dbb39675083d6cb9b7a824f245ed5f39df2bfad3d4e1b5644f58c40a8d5
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c26099d9f72001fc82d262ea5fd218ff0134807f74cca0fdadc2f65a9e4d91d
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3
9e31e637aee7c50751787b4394dda715f8120bb407bd3580bca2b2b831c95349
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a57a6a7aac8b1b66c284563baaf89dc75e9473eb6b466bcccd0de472bcd56e
a657eba67772ccab87aa0bd540403efd90da44cc909d76edb8a50ae757827057
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7376fb82a98db2648618531d9102664c07f741d3d25501ffb9d5b7103525777
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a86de4fac038edc1323d1432d293e2de6d4b48abe53577cee3f7350a351385d5
a929103966bed9c4d232d8d2523be7449521c8c2677b4989a67015b894d7f2ca
a99ea4058df957531aae21c784a89f200dc9505f91596f759f36758e21c0528d
ad233d0a9f53be50cf2a4e4cd7863c7bb1a4341f0ad4cc883907687287107002
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
af73625499971460fbee3b86b049a31830c236e0cc8af4f7189c8602113eefe5
afa0fa9e02c1a5a13ffd61b9b7f05c866648e2e9e8d0ede7b2813bf2f260b3f9
b0c61f4d39e7cda429be0271c1c87cd36a00bdd51226f0e87ee31ede992e5f4d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44
b2b50e80d19a5e91c0c4ef3df1aaa1d90f61824911787244f9ed1ef4e1553263
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd
b790c94ae18306fdbd2595a068c0b28830325f61bf9efbc814ba111bd408d9df
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b9154781db8f1e840d936659d0fbc2c27048be29fa7a31b3c79bd5e73b436e3a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc47422df94c9eef049af29db782a391758e4776e9c509bf965d6c70048d2808
bca08fc5063082bb1149350f4135152e40f8cdfaf88f3e6e24c8a5659f032267
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
c131fee562496f2d828179290fbeb35dce0cc200a5f605e0e62680f3ec52d807
c18e7bdd218acd88339290d74f410ef0917aed1e88cca32fd7fbe76b90b70188
c240bd7558ec0b6ecd1809a637d64b67d4a56a6a1454f5ee6d7c97208f8db35e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4d892d57f18987d53118c63227266eaa400666bdf388653d6c217c649002332
c5f0a05dcccb0cd97577bcb5345dd9f34a9090738b521ae356b2d605cbed62d0
c6d63000e13ceb986011042f00275c50a324c3f9b8adf83b3706e1fdffa2bf3f
c837e72a358918e0be398a4357300c6425d39e121313b35b8f58cd9a6dc72f44
c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036
cabf421aa6617303e51beaa7dd70f293b0c1d81fe7aee539997b9a4c55cff589
cc3256cced9eaa0f6840ba7f1206ece912fd040edd228ba3f122a38f0c6eb41a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1
ce7401beae1524ad015de90f05cc7e59f38901e5ff9f8ba080da26c5fc5988c2
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
cf8094738382f20ed29443d574cbefc09a10917c51a55659ee27ec390795de28
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2d98a3920208ff62ee7b606975bdedfb3367e4066adb59847ffdf447d0944f5
d2fd0c235da79fc27490d1f0d345f681e24fc32e869335c438f00feb595b588b
d450a8525b3c631cb54ab36fcd7ac2619f1a792016cfc947db8eb6efb2c9c98d
d464643e99a4586944f6aa31f95e78ea322322fcb81cb05c6fa57a8915b3a5d2
d628f6cb07deaf923239fe0be78934cc31ce0bf6a2b694d1f0f5e30e8ee31580
d6d032e73dcd2934153478b71bfbb38bec59b972996ba9c13c663de417f32057
d7609d61ec6ac9e0ddafbfa849032a9f394b8e4a3c67119862331fdfc4066212
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
d9abd4f5bd186b561c72036285eda558a4489b2f07ddd287fd969c749f6f2a26
db839711e16b794d18153609cc39005d09ee1ce7978257f464f61d6f30357eea
dba6cd6ea8cd4b220a20275c440ac8b66e7f96c21bf5b220d7805524bc5da486
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc094f38237e92914c5af4b655d224d4f673360efbb89b5b45b6c921926540b3
dd270679c6bae425ec01fa11ae1ff919d7d78b1780da49ef561bc0911e46f7c9
dd86f01245e30b4e925634fcb37eff8372d0bd58568985a91c85bfa5f57a6024
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df3b98fe59fe0677430a5252a1bda45c07c228f9aafdf4a01ddf8644f3b75b90
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
dfe8853b2397a43e20d55fd377aafeed785c7ae335ed07b4986997b9780f48a2
e0e196048b6ee85015e4c68119aa4e7c824acadf9827551b41987d0d8af88168
e19180aa696c7d0abc642b11c03e37b87eb76836abadb7f3ecb06232bddd1d07
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e32d54bf6f0e319a88c8456ad440805b3c930643d35628d4a1a9bc7b415d76af
e36021f9cfe17b368b877bfcb879a73e7a9b76a094ed9f963ddf031b83237e6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ca3ba72789fe0ad216486167c5a4b255015738c8fb67267531ec84cc16157f
e3e521ba002d4baa68364a180a99e4963485cb47f7d96e7f733ea3d67dc50f1e
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e54c5099e5450dfa33b7d23a9f7882dbc89fe24728601cc18dfaf21d9cee9563
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5fc5c95546fa8525e1ddb79e653f7ce8ce04469a2afaaf524e3e9a2a9d16483
e71d7f6d8594f2a91ae49cb8a7b70f217c659ae55d1013b1074eeb3c821cafb8
e7fb862aa44cb8948a6fd72b89d7383dc5eca566aee7f462b0f0ebabd5ed71cc
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e878b8484e8dc1a13d39f4a53afe69c93e732a129a1d48d45c63cd22820a3bec
e87a03c7926c20818549eed4d973bfc90d895ef1d707fccad81ea1636beda59b
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302
ea22e0515cf1109784cc2fd38c1b8873abe5ac0761ac13f59630168105b1148a
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8a5b419636160849a93bdfaf44d739aa4aeb806d84d38979260a9e179591dd
f13bc08411a45add285949483ee8ab65001f6d7ebaddcfc83d5b2df50a4cde0b
f332d8cb7b8da539d4606e7a9f4825f2ce355a5052f0e9ae7c85e971ed234608
f4382340e8fd645503b5423ef43420765f3739c63480909b3f592a9d2bdee389
f4ce982175c73886c783e8783c9fcda1eaca6f2f48a7fd8d18f7991fb5c07477
f532a07cfc6c4e754d9ed48bcf15823b798a23f362cd73452fd9f5cd62daf957
f59cd452008be9f54e2588dcd6dc44c8676369a9a58d30ac2d036a01050ad85b
f8d284910d8d0503e89d72a5ee16fe4a710e30273b71c6846fb11d3fc11a1f60
f940a079f3fb1dacfa8d85b872718d8cc11d8d5b9e9e244fa440c03bffecfeec
f9b5275bd84413d7b756a353590f53593c48d5a59955a529c5927e3db7baf8bb
fad3e09c83a92d3ea60c19ddde0d8ea55cefa6ff12586d26057eab6ee061c934
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fc1794333c65a150ae3c5d5ba66a51dbcb7c4789b979b2ea4084c830aad9b13d
fd531f9dde4d22dfe6cdebb61d03aaaaca6ccd5ba6b8e09b8f50e9fcfa6b6314
fe98e62434c662571cafd2d72e3724925f9e3fb4fb5f173b70d6a02c296154c3
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

kooora4lives.net Open in urlscan Pro 2a00:1450:4001:808::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

461 Requests

92 %HTTPS

40 %IPv6

56 Domains

88 Subdomains

72 IPs

9 Countries

3956 kBTransfer

10181 kBSize

51 Cookies

7 Outgoing links

Page URL History

Redirected requests

461 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kooora4lives.net Open in urlscan Pro
2a00:1450:4001:808::2001 Public Scan

Screenshot
Live screenshot

Full Image

461
Requests

92 %
HTTPS

40 %
IPv6

56
Domains

88
Subdomains

72
IPs

9
Countries

3956 kB
Transfer

10181 kB
Size

51
Cookies

461 HTTP transactions
16 data transactions