kooora4lives.io Open in urlscan Pro
2606:4700:3032::ac43:8365 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kooora4lives.io/
Effective URL:
https://kooora4lives.io/
Submission: On May 26 via manual (May 26th 2023, 6:39:23 am UTC) from IN — Scanned from DE

Summary HTTP 210 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 26 domains to perform 210 HTTP transactions. The main IP is 2606:4700:3032::ac43:8365, located in United States and belongs to CLOUDFLARENET, US. The main domain is kooora4lives.io.
TLS certificate: Issued by GTS CA 1P5 on April 1st 2023. Valid for: 3 months.

This is the only time kooora4lives.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:3fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3032::ac43:8365	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225b:7000:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
43	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681b:4071	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	54.39.156.32 54.39.156.32	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	99.81.148.54 99.81.148.54	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
24	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
12 16	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
7 15	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7 11	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
6	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:21f... 2600:9000:21f3:fc00:19:8ca6:3640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
210	38

1 2606:4700:3033::6815:3fc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kooora4lives.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:8365 (United States)

ASN13335 (CLOUDFLARENET, US)

kooora4lives.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4fe (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:7000:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681b:4071 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kooora4live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.148.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-148-54.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.66 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.80.39.216 (Canada) 7 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.252.173.215 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:fc00:19:8ca6:3640:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pathtosuccess.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	406 KB
37	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337	330 KB
24	demand.supply live.demand.supply — Cisco Umbrella Rank: 35452	39 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	209 KB
15	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	10 KB
12	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 486 rtb0.doubleverify.com — Cisco Umbrella Rank: 702 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 18271	63 KB
11	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	12 KB
6	kooora4lives.io 1 redirects kooora4lives.io	84 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	266 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	21 KB
3	pathtosuccess.global cdn.pathtosuccess.global — Cisco Umbrella Rank: 39498	346 KB
3	gstatic.com www.gstatic.com	15 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2837	7 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	172 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3109	315 B
2	kooora4live.com www.kooora4live.com
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 862 id5-sync.com — Cisco Umbrella Rank: 421	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1025 bcp.crwdcntrl.net — Cisco Umbrella Rank: 863	12 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 17397 s4.histats.com — Cisco Umbrella Rank: 15071	5 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 639	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	878 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 9037	531 B
210	26

	Domain	Requested by
43	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com kooora4lives.io a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com kooora4lives.io a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com googleads.g.doubleclick.net
24	live.demand.supply	kooora4lives.io live.demand.supply client
20	s0.2mdn.net	kooora4lives.io s0.2mdn.net
16	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net
15	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
11	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	kooora4lives.io a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com pagead2.googlesyndication.com
9	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
6	cdn.doubleverify.com	kooora4lives.io cdn.doubleverify.com
6	a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	kooora4lives.io	1 redirects kooora4lives.io
5	www.googletagservices.com	kooora4lives.io a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
3	cdn.pathtosuccess.global	a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com cdn.doubleverify.com
3	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
3	www.gstatic.com	kooora4lives.io a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
3	rtb0.doubleverify.com	cdn.doubleverify.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	kooora4lives.io www.googletagmanager.com
2	googleads4.g.doubleclick.net	kooora4lives.io
2	fonts.googleapis.com	a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com kooora4lives.io
2	www.google.com	1 redirects tpc.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	www.kooora4live.com
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	s4.histats.com	s10.histats.com
1	region1.google-analytics.com	www.googletagmanager.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	s10.histats.com	kooora4lives.io
210	39

This site contains links to these domains. Also see Links.

Domain
kooora4lives.tv
go.yalla-shoot-matches.com
kooralive-tv.net
koraonline-tv.net
yalla-shoot-tv.net
fal3arda-new.com
yallakora-tv.net
koooralive-tv.com
bein-match.net
yalla-goalz.com
as-goal.io
kora-online-tv.net
yalla-shoots.co
yalla-lives.io
yalla-shoot-tv.io
kooora-lives.com
livesoccertv.tv
soccer-stream.tv
yalla-shoot.kooora365.com
livehd7-tv.com
egylive-tv.com
korastar-tv.net
livekoora-tv.com
yallalive-tv.net
sulvo.com

Subject Issuer	Validity	Valid
*.kooora4lives.io GTS CA 1P5	`2023-04-01` - `2023-06-30`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.kooora4live.com GTS CA 1P5	`2023-04-10` - `2023-07-09`	3 months	crt.sh
histats.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
cdn.pathtosuccess.global Amazon RSA 2048 M02	`2023-04-20` - `2024-05-18`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://kooora4lives.io/
Frame ID: 575476B5786EFA92874663F77901863B
Requests: 71 HTTP requests in this frame

Frame: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7E8D2DA0B712C95A4A4BC145CC742765
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=kooora4lives.io
Frame ID: 1204512CB32962AB623A79979E214663
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 81207165860B6037C2962D33DFDF9855
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E905A2868D54FB9DC1EE2B3B1B2A55C8
Requests: 2 HTTP requests in this frame

Frame: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C95A366E8BD4AAFEEDB180E91301563D
Requests: 1 HTTP requests in this frame

Frame: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5C8772441CCD31375C88CE48F68AA5B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUAOpVHP4QEaBedwtHbIR0xL_yY5eX6P5fQbWj9s-_KDElL4266YCWd0eWdeKeX71En4yPt-wKGkytYnCu7waCGmyeh2706o1sYJqVancbbA91gD4RXRcrqT-clScq5e6ekVedFwatlQPwh3Wlt3lJD1B4oOxAKOvT01tdlVa3nnv4QMhT97JjYwuJOohYXFhyL9KFBNRauv8skhxcKRm-lI4M_iA
Frame ID: 74FF102E2E716EC6682D7189E03A73C1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 86AF5738913B99079CE6FB1540716F38
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_Is4lLlc5k1isEc9O8FsDvcPRTeQ5tEGw4d49WfNbKQozo3grCow87sx5KqSdHRbrOTSsiiyzMfxsyuu_xubMjwM4jdJljaZm9AjkThg08TpUbw617NYJe77GE5cIlZB803T_ZbkgAwwdqIuR9Bxr6jvo_HGbqV_ls6j46Uddcm8i7TV22cBfWA1QZHXoyn8MgqUoqbCeeEpsNn-GNCLZzKFWpw
Frame ID: EE64F518D10851A9418CE51305962B5D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: AFB01F75CBFCB6F82DE198E8D939F7F4
Requests: 18 HTTP requests in this frame

Frame: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2390F183E7669456110C140636E95C3B
Requests: 1 HTTP requests in this frame

Frame: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B4661AA3434BAC4BB787613AA29B57EF
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUwdfpbwOKXs14mBJ_hS-lViljd-aMOPYIPkpajab769zFpIWZI_F3B8WInMIFtSd4jSrsDz_5W9eiTIG8OIGRa-CyvU5b3USXWV-1cPnZCsmhJtDoV0FVFhc57p8q54iSOKQxM_LbFHFKNzTJReYDxv1SWJSpVb_JQZ0xoZNkfyrMCZxBNPCG87bQXBQZ8c7ZEGIk6Hf4PZ4cpREMWXg-2k_0pYA
Frame ID: A5C16F583A84A60377696E1B2ACCA053
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 0F444B713B1B3D68EE29E11F4E84ADC7
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiX993qATAB&v=APEucNXX90fImQEcC56DcMi3_xlULfRD99oi2vpaKeEy0L_g6X5Gzq5LeRu3Bmw8-YVYHwvwdYqAH3o_Y3yGtODkUEsACRb7mDuYHeXuIa5s0Ipu5JVjHg3cHbje-fga4sWZWY1ZWgOkgprpSPR2TfsmBlNtsYiZDfH1tdcIxQiwZ1_QF_UNvVAYP0RhZa1GTYj-iOYMmO9Em13nnuYDTEhaXGXXd2CTIQ
Frame ID: A4F2CC6F8024F0D70E7C5039A10B9076
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 35DBF471B1E4CF643005AF266579E8C3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7FEC42C81A8595C8EF31A2159E26ACB9
Requests: 3 HTTP requests in this frame

Frame: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E934EE7B891A8EE24B9CF932A537B4E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7BEFD2BB7369CEA3EE8823B1BB08E16C
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0876DAF9C0D5AF827E89C9DF03C53CF1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3C9AE3F4FF5E6F0F9311108BA5EC89BF
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html
Frame ID: 11B4C71CFAAE6E38EC0552EB32E39384
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 12179DACD77BBCD1A56C599D82365EC0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Frame ID: 281AF39AC79FE9241F14314933F7EA6F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كورة 4 لايف – koora4live اهم مباريات اليوم kora4live

Page URL History Show full URLs

http://kooora4lives.io/ HTTP 301
https://kooora4lives.io/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

210
Requests

92 %
HTTPS

68 %
IPv6

26
Domains

39
Subdomains

38
IPs

5
Countries

2024 kB
Transfer

4655 kB
Size

26
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://kooora4lives.tv/
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://go.yalla-shoot-matches.com/h2/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooralive-tv.net/
Title: koora live

Search URL Search Domain Scan URL

URL: https://koraonline-tv.net/
Title: kora online

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.net/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://fal3arda-new.com/
Title: fal3arda

Search URL Search Domain Scan URL

URL: https://yallakora-tv.net/
Title: يلا كوره

Search URL Search Domain Scan URL

URL: https://koooralive-tv.com/bein-match/
Title: bein match

Search URL Search Domain Scan URL

URL: https://koooralive-tv.com/yalla-shoot/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://koooralive-tv.com/fil3arda/
Title: fel3arda

Search URL Search Domain Scan URL

URL: https://bein-match.net/
Title: beinmatch

Search URL Search Domain Scan URL

URL: https://yalla-goalz.com/
Title: yalla goal

Search URL Search Domain Scan URL

URL: https://as-goal.io/
Title: as goal

Search URL Search Domain Scan URL

URL: https://kora-online-tv.net/
Title: kora online

Search URL Search Domain Scan URL

URL: https://yalla-shoots.co/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://yalla-lives.io/
Title: yalla live

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.io/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora-lives.com/
Title: koora live

Search URL Search Domain Scan URL

URL: https://livesoccertv.tv/
Title: live soccer tv

Search URL Search Domain Scan URL

URL: https://soccer-stream.tv/
Title: soccer stream

Search URL Search Domain Scan URL

URL: https://yalla-shoot.kooora365.com/
Title: Yalla Shoot

Search URL Search Domain Scan URL

URL: https://livehd7-tv.com/
Title: الاسطورة لبث المباريات

Search URL Search Domain Scan URL

URL: https://egylive-tv.com/
Title: ايجي لايف

Search URL Search Domain Scan URL

URL: https://korastar-tv.net/
Title: كورة ستار

Search URL Search Domain Scan URL

URL: https://livekoora-tv.com/
Title: كوره لايف

Search URL Search Domain Scan URL

URL: https://yallalive-tv.net/
Title: يلا لايف

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://kooora4lives.io/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kooora4lives.io/ HTTP 301
https://kooora4lives.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://gum.criteo.com/sid/json?origin=publishertagids&domain=kooora4lives.io&sn=ChromeSyncframe&so=0&topUrl=kooora4lives.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=dzoZrHxSMk9PRnhZUlFkdHhjaG5mSkNpMnJkMmpESkFGbGo2ejFRVUhyY3lTcjZickFPOVdaUWtOaEx3TXVVOFFkeFgzWWROdmNiN045MWRpa2Y4RDlJbHVqMXdPTlhiT2E0YndEMituTE5tOCtSUzN1YS8yWlM0cTg2MWtQeGh4Skx6amVMWDl3L0VEdUxpczFnR21KTXQrc3NKZUgySEZ5enltT2FxbVc3WWZhL3VXdTlLeEwvY1RmekRudy81bndVc0tTK3J5QnlkQk9GVndFTDY5d2JITU11TXMrbWU0MHhVUXBsVVc5cXNsTjI4QXZZanVkSE03VUNyYnA0bXhiT0VFQmRpNUZqcXBIOXpvbDBFbjl2VlVNb3Z3OERMaVNsaU5ZL0ZRSnA0UmVkND18&cppv=2

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

Request Chain 112

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHBUFRevVB7YH27FnuL4bwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

Request Chain 114

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTIzMDAyMjE3NTYxOTY5NQ%3D%3D

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHBUFY18qKZvlQ6ihlsbzQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

Request Chain 118

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2MDM2MDg5MjU1MjE5NjY2

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

Request Chain 127

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHBUFRevVB7YH27FnuL4cAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

Request Chain 129

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwMTIzMjQ3MTIxNDEzNjc4MQ%3D%3D

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHBUFY18qKZvlQ6ihlsbzQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

Request Chain 138

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwMTIzMjQ3MTIxNDEzNjc4MQ%3D%3D

Request Chain 186

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

210 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kooora4lives.io/
Redirect Chain

http://kooora4lives.io/
https://kooora4lives.io/

60 KB
13 KB

232ms
185ms

Document
text/html

2606:4700:3032::ac43:8365
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora4lives.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8365 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ebd3d23946246625fb46e6b69e23a236ef8be73463a19b3b4c38d4f6e407f9e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3, must-revalidate max-age=7200
cf-cache-status: DYNAMIC
cf-ray: 7cd40520de4b0472-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 06:39:16 GMT
expires: Fri, 26 May 2023 08:39:16 GMT
last-modified: Fri, 26 May 2023 06:17:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvVnPNKEajIVqcBF1R4bABE3xNbyf9%2Ff3Ud4XfzKMAMBg4Wm5FX1BGzJw2pZLT3BRHPHqYLMCImZStN7KIVFqufUNCrhZpzSGnX%2FhLtn4W4iLmyCeZvBTbukgLCUMOe%2Fe8SOUduYM%2B3yQlgkGRo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie

Redirect headers

CF-RAY: 7cd40520581f9c0a-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 26 May 2023 06:39:16 GMT
Expires: Fri, 26 May 2023 07:39:16 GMT
Location: https://kooora4lives.io/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8jZI0Fw0AjEWKK%2Fgx25NPGSLrgBSnXuV88fcyhnUK5G9DHpK6Ckm2MlVC4u9WilzyKOZ0tg2U%2FPkXgpq3onq9dCOnWmVWfPmglWEwYsy8sdMbKbrFy61lnPVx5%2BOqBuv2V2ZLO%2FVR0lSuY1g%2BI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
kooora4lives.io/wp-includes/css/ 291 B
596 B 28ms
27ms Stylesheet
text/css 2606:4700:3032::ac43:8365
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora4lives.io/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: kooora4lives.io
URL: https://kooora4lives.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8365 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 480973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 30 Mar 2023 05:03:39 GMT
server: cloudflare
etag: W/"6425182b-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9rRVFkjErxQetTD1hXzeAtYTsk3MKC2HWcx5HfgkexJ0e%2FrPuZ4r7yfgn5TUnZf%2FYeO2wEUzVrJzPz35j7qFSJz%2BQDlMLe281TjRGUsVPTjR2vecKZuOW4QnnD5okmBNkaFzwTyFokqB%2FGbKsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7cd4052208570472-FRA
expires: Mon, 19 Jun 2023 17:03:03 GMT

GET
H2 200 NeoSansArabic.woff
kooora4lives.io/wp-content/themes/AlbaKora4Live-v6/fonts/ 56 KB
56 KB 28ms
27ms Font
application/x-font-woff 2606:4700:3032::ac43:8365
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora4lives.io/wp-content/themes/AlbaKora4Live-v6/fonts/NeoSansArabic.woff
Requested by: Host: kooora4lives.io
URL: https://kooora4lives.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8365 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://kooora4lives.io/
Origin: https://kooora4lives.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:16 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 14:24:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 818814
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQCboj0F1wMA4ThQ9gTX6KzGH19sQNG9JkRheDbdf2o9UN%2F4tmdkQ%2FFLdh3S7CjEQ3D%2FmEDPqThwDmXj1MqqQHQ2VhRS6wIAl%2FFbbITK4ST%2Bco5dIao1xRFk%2BGhY0pTSFDnYlW3jX46yWIq0m3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7cd4052208590472-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57364
expires: Wed, 15 May 2024 19:12:22 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 223ms
162ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: kooora4lives.io
URL: https://kooora4lives.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94f461f8903e53560e1f4bcbd16a514b6d4975b3d5cde8cc291841df76fbe6ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01H0JH3JA8TSZ1S1CGSMZY0Q5D
date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 65
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ad72f581a14aa3fbbf4827fac4449705-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7cd40522684bbb55-FRA
link: <https://live.demand.supply/impl.v16.9.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/a29vb3JhNGxpdmVzLmlvLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 kooora4live.png
kooora4lives.io/wp-content/uploads/2022/12/ 8 KB
9 KB 45ms
45ms Image
image/png 2606:4700:3032::ac43:8365
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.io/wp-content/uploads/2022/12/kooora4live.png
Requested by: Host: kooora4lives.io
URL: https://kooora4lives.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8365 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bb451155dbe12a0b7a999e8d968b8a4f00e04e3010b1058723f16bdd659761d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 818814
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8546
pragma: public
last-modified: Sun, 18 Dec 2022 19:17:40 GMT
server: cloudflare
etag: "639f6754-2162"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOIu7CAxKNd87JdVaBoZxXIDzOFqCDokIefFx7xD4o83j6gxW6K%2FjfYDa58aGVfTvfV9WH0SMJiJgGJPbxkZURM5Giog4Tb5VIToQEgnjxwt2PzDtxZoIDrdNl00PZAk%2FondbU3%2BDJLnyPeMrbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7cd40522085c0472-FRA
expires: Thu, 15 Jun 2023 19:12:22 GMT

GET
H2 200 rocket-loader.min.js Show response
kooora4lives.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 23ms
22ms Script
application/javascript 2606:4700:3032::ac43:8365
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kooora4lives.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8365 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 May 2023 14:45:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64678b77-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mm47zj8dDGHWF4h3C8KcAP73X9zW%2F3Ys8jP903Mj1STDghCUPNt0QKJqAUtjxBe1gTKD2jmKZA0TqSaxS%2F9CHBNXOVRpEU80kiHr%2FmdJr8WCOO8Dn7VJ78%2BhM3mbc%2FNxOiRjWEL9ZMdQV%2F2VHNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7cd40522185d0472-FRA
expires: Sun, 28 May 2023 06:39:16 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 83ms
33ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-150096121-1

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58f0dcf40e0b0446914b817a2202806b5bbac4b4472c11b210ee066b3f0a5445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46898
x-xss-protection: 0
last-modified: Fri, 26 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 06:39:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 121 KB
47 KB 114ms
64ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113096037-1

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34b2a9b18dcb7940d94fdcfde9e840017c9437c0956afb524e86fc259e43dbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47896
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 06:39:16 GMT

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 impl.v16.9.1.js Show response
live.demand.supply/ 74 KB
24 KB 30ms
29ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.9.1.js
Requested by: Host: kooora4lives.io
URL: https://kooora4lives.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01H0JGE5H42NN0NCVBZSKPPTF4
date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 834755
cf-polished: origSize=75573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"a92236f0259b51d5fbe112e5ac680198-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7cd405237915bb55-FRA

GET
H2 200 a29vb3JhNGxpdmVzLmlvLw== Show response
live.demand.supply/p4/v16-2-0/ 1 KB
731 B 165ms
165ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: kooora4lives.io
URL: https://kooora4lives.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef388430bde818f8674a2dbaf7d85bb18319dd519b14067822b113cf99b4145a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7cd405237918bb55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 131ms
107ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=224&cs=c&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GY8Q5WTHSS8FF6JJS9ZWMAG4
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1410510
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd405239da93a79-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 189ms
118ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c7adf8a7f84ee47c1e5ac8a00c68c20ff9218f4d004f9d6a2dd62554da624a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25194
x-xss-protection: 0
server: cafe
etag: 657 / 19503 / 31074874 / config-hash: 8162924834617908161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
640 B 128ms
104ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GZ1TAY3T7YTHNP9KK8QHJTP4
date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1407029
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7cd405239dad3a79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 kooora4lives.io_fluid_sq_new-ads Show response
live.demand.supply/cp/ 30 B
390 B 176ms
175ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kooora4lives.io_fluid_sq_new-ads?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8b86e1d1aa1e0b901a615cb02db749400fade40abe16824ac505a7e6c217dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7cd40523bde03a79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H3 200 kooora4lives.io_fluid_sq_new-ads Show response
live.demand.supply/cp/ 30 B
395 B 226ms
226ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kooora4lives.io_fluid_sq_new-ads?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8b86e1d1aa1e0b901a615cb02db749400fade40abe16824ac505a7e6c217dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7cd40523bde23a79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H3 200 kooora4lives.io_fluid_sq_new-ads Show response
live.demand.supply/cp/ 30 B
395 B 221ms
221ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kooora4lives.io_fluid_sq_new-ads?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8b86e1d1aa1e0b901a615cb02db749400fade40abe16824ac505a7e6c217dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7cd40523bde33a79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H3 200 kooora4lives.io_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
392 B 219ms
219ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kooora4lives.io_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a90afbd30f25560c1b09e1e415f8cc5f0ffbc69ff4fe7c7d925a8e23628a043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7cd405248eb43a79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/ 405 KB
125 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64844f8925b251163ea6b1ce7684859a3c1cc2fd394e68b5406214fb8dc53750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:00:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74307
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127947
x-xss-protection: 0
server: cafe
etag: 6651312291549162462
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 24 May 2024 10:00:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 921 B
407 B 96ms
54ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kooora4lives.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efcac51ddb97e33cc9cc4cdb2a75360ecfa2b48092b473bba8cabda6fdbac368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 382
x-xss-protection: 0
expires: Fri, 26 May 2023 06:39:17 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 30ms
29ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora4lives.io_fluid_sq_new-ads&pdc=0.03406469225883484&ucv=null&e=tcp&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GY8Q5WTHSS8FF6JJS9ZWMAG4
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1410510
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd40524df113a79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
499 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=kooora4lives.io_fluid_sq_new-ads&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01H01A5MYXWSJT0G0KTEFSBSTT
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1308701
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd40524df133a79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 96ms
96ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora4lives.io_fluid_sq_new-ads&pdc=0.03406469225883484&ucv=null&e=tcp&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GY8Q5WTHSS8FF6JJS9ZWMAG4
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1410510
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd405251f553a79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
501 B 99ms
99ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=kooora4lives.io_fluid_sq_new-ads&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01H01A5MYXWSJT0G0KTEFSBSTT
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1308701
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd405251f583a79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 102ms
102ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora4lives.io_fluid_sq_new-ads&pdc=0.03406469225883484&ucv=null&e=tcp&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GY8Q5WTHSS8FF6JJS9ZWMAG4
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1410510
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd405252f653a79-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
500 B 102ms
102ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=kooora4lives.io_fluid_sq_new-ads&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01H01A5MYXWSJT0G0KTEFSBSTT
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1308701
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd405252f663a79-FRA

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 84ms
32ms Script
application/javascript 2606:4700:10::6816:4fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kooora4lives.io
URL: https://kooora4lives.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 49372
etag: W/"5e983700-2cb0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=28800
cf-ray: 7cd40525bc31373e-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
499 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01H01A5MYXWSJT0G0KTEFSBSTT
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1308701
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd405256fb03a79-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1CZ11PEPC4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113096037-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd7f89653ed87db94d9337cdcca1baefe8943baf7b8bbd143f1b51165481a911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113096037-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 05:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5663
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 26 May 2023 07:04:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 121ms
34ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 88ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 71ms
20ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26390
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-etou8220046-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 94ms
25ms Script
text/javascript 2600:9000:225b:7000:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:7000:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 05:58:55 GMT
Via: 1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 2423
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: YcRHVrmG0_PX_G6vKT1WXIOAZvTz8N8QU3uUD03ZkUyGP3MehqTSJQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 143ms
66ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 May 2023 06:39:17 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 80ms
25ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 05:04:48 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 6896
x-amz-server-side-encryption: AES256
etag: W/"37e703da55f96b973658b8e7aeed0e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: N2Yxh1x7O6CZsNo9pZFoHE0L7hn-R7wU2Je2PBaSCDR25SN4vfpVZg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 78ms
29ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: E4WC8ZW8FRBSGGPP
age: 1170
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7cd40525e927360a-FRA
x-amz-id-2: TMsGokgS315E6FqOBpK9yhlvLe7KChSKw0QjhrjgzOykJJ1NA1RdC2F8KGuLwT24kR5DpOJ39SZBKc9KV8oH4w==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 73ms
22ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:11:08 GMT
via: 1.1 google
age: 1689
x-guploader-uploadid: ADPycdvMAR13ArZLTtADAGU0JtStjpN1hvQOgIs-Pb5IMEXcoWe95oTprhVDqVgVJK9Glpowa_I6LwD41RNf6gGqUrixSA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Fri, 26 May 2023 07:11:08 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 156 KB
46 KB 683ms
683ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=262028666241815&correlator=875348832966391&eid=31074850%2C31074874&output=ldjh&gdfp_req=1&vrg=202305240101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C047deb1e-1878-4406-9e53-ef4e73f4eeff&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=223900588&didk=733509364&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Ddd08722b-cbcb-4ba8-93ae-0d82fbaefb0c%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D10%26bid-p%3Dgoogle%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685083157373&lmt=1685081822&dlt=1685083156799&idt=514&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora4lives.io%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=75265623.1685083157&ga_sid=1685083157&ga_hid=1147736838&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY9eahtoUxSABSAghkEhsKDGlkNS1zeW5jLmNvbRj15qG2hTFIAFICCGQSGQoKcHViY2lkLm9yZxj05qG2hTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y9eahtoUxSABSAghkEhcKCHJ0YmhvdXNlGPXmobaFMUgAUgIIZBIZCgp1aWRhcGkuY29tGPXmobaFMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af8d55ed68b959116a2e457eb771bc94ea3e27a51e77389d6b820dc8951dd1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46673
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
13 KB 269ms
268ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=262028666241815&correlator=3656945194930374&eid=31074850%2C31074874&output=ldjh&gdfp_req=1&vrg=202305240101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C16acd70d-9619-4c63-90d5-935d507bd92a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=2&adks=3679748793&didk=3672818428&sfv=1-0-40&prev_scp=ti%3Ddd08722b-cbcb-4ba8-93ae-0d82fbaefb0c%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D90%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685083157379&lmt=1685081822&dlt=1685083156799&idt=514&adxs=326&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora4lives.io%2F&frm=20&vis=1&psz=1100x296&msz=1100x296&fws=0&ohw=0&ga_vid=75265623.1685083157&ga_sid=1685083157&ga_hid=1147736838&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY9eahtoUxSABSAghkEhsKDGlkNS1zeW5jLmNvbRj15qG2hTFIAFICCGQSGQoKcHViY2lkLm9yZxj05qG2hTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y9eahtoUxSABSAghkEhcKCHJ0YmhvdXNlGPXmobaFMUgAUgIIZBIZCgp1aWRhcGkuY29tGPXmobaFMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

255be961e3f28c2b0e2b06c64e50e1e17f6e624ada57843cf0b1f9e283a06a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13156
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
13 KB 350ms
348ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=262028666241815&correlator=2166794637205080&eid=31074850%2C31074874&output=ldjh&gdfp_req=1&vrg=202305240101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C16acd70d-9619-4c63-90d5-935d507bd92a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=603602945&didk=3672818430&sfv=1-0-40&prev_scp=ti%3Ddd08722b-cbcb-4ba8-93ae-0d82fbaefb0c%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D90%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685083157383&lmt=1685081822&dlt=1685083156799&idt=514&adxs=326&adys=469&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora4lives.io%2F&frm=20&vis=1&psz=1100x296&msz=1100x296&fws=0&ohw=0&ga_vid=75265623.1685083157&ga_sid=1685083157&ga_hid=1147736838&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY9eahtoUxSABSAghkEhsKDGlkNS1zeW5jLmNvbRj15qG2hTFIAFICCGQSGQoKcHViY2lkLm9yZxj05qG2hTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y9eahtoUxSABSAghkEhcKCHJ0YmhvdXNlGPXmobaFMUgAUgIIZBIZCgp1aWRhcGkuY29tGPXmobaFMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4332a338ca2ea59fad2227da54b1d3c1a01f9eb0498ae09f783df261b35867ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13139
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
13 KB 307ms
305ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=262028666241815&correlator=928882509691459&eid=31074850%2C31074874&output=ldjh&gdfp_req=1&vrg=202305240101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C16acd70d-9619-4c63-90d5-935d507bd92a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=4&adks=249452711&didk=3672818429&sfv=1-0-40&prev_scp=ti%3Ddd08722b-cbcb-4ba8-93ae-0d82fbaefb0c%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D90%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685083157386&lmt=1685081822&dlt=1685083156799&idt=514&adxs=326&adys=923&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora4lives.io%2F&frm=20&vis=1&psz=1100x296&msz=1100x296&fws=0&ohw=0&ga_vid=75265623.1685083157&ga_sid=1685083157&ga_hid=1147736838&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY9eahtoUxSABSAghkEhsKDGlkNS1zeW5jLmNvbRj15qG2hTFIAFICCGQSGQoKcHViY2lkLm9yZxj05qG2hTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y9eahtoUxSABSAghkEhcKCHJ0YmhvdXNlGPXmobaFMUgAUgIIZBIZCgp1aWRhcGkuY29tGPXmobaFMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

419f7064b858648a001bff9fb2691374aba791da173f77ba45a301704cb38407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13146
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 124ms
71ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305240101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e8ddff6f75b3974be1fc6ec3780c24ee0404de540b8bfcdb1e46fb80f6f1f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11236
x-xss-protection: 0

GET
H2 200 container.html Show response
a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7E8D 6 KB
3 KB 134ms
28ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
expires: Sat, 25 May 2024 06:39:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/ 36 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl_page_level_ads.js?cb=31074874

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70df4ffd54b36b785e335ea57f265c31c873b3e4b4d0a6164ab36a30b88887a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50581
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12966
x-xss-protection: 0
server: cafe
etag: 6770289643321872203
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 24 May 2024 16:36:16 GMT

GET
H2 403 egy_el_geish.png
www.kooora4live.com/wp-content/uploads/2019/02/ 0
0 118ms
24ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/02/egy_el_geish.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 403 egy_al_ahly.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 119ms
26ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/egy_al_ahly.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 78ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1CZ11PEPC4&gtm=45je35o0&_p=1147736838&cid=75265623.1685083157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685083157&sct=1&seg=0&dl=https%3A%2F%2Fkooora4lives.io%2F&dt=%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%E2%80%93%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20kora4live&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1CZ11PEPC4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kooora4lives.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 97ms
97ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora4lives.io_auto_728x90_sticky_display_bottom&pdc=0.01909826546907425&ucv=null&e=tcp&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GY8Q5WTHSS8FF6JJS9ZWMAG4
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1410510
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd40526086b3a79-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 102ms
101ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GTP882AJGXJCM3VNH3JF57QN
date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2084123
etag: W/"14c5381be186641471a926a081d90c88-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7cd405260ec939f1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
500 B 102ms
102ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=kooora4lives.io_auto_728x90_sticky_display_bottom&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01H01A5MYXWSJT0G0KTEFSBSTT
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1308701
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd40526086c3a79-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 311ms
311ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=262028666241815&correlator=2194629975454562&eid=31074850%2C31074874&output=ldjh&gdfp_req=1&vrg=202305240101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C441c4948-f8a6-4633-afda-57bdeeb52d70&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=4041016008&didk=702500963&sfv=1-0-40&prev_scp=ti%3Ddd08722b-cbcb-4ba8-93ae-0d82fbaefb0c%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685083157444&lmt=1685081822&dlt=1685083156799&idt=514&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora4lives.io%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=75265623.1685083157&ga_sid=1685083157&ga_hid=1147736838&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9eahtoUxSABSAghkEhsKDGlkNS1zeW5jLmNvbRj15qG2hTFIAFICCGQSGQoKcHViY2lkLm9yZxj05qG2hTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y9eahtoUxSABSAghkEhcKCHJ0YmhvdXNlGPXmobaFMUgAUgIIZBIZCgp1aWRhcGkuY29tGPXmobaFMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32e19cd99c6d29bde17c20a0b8c6f16a815ff8e2f8cc984c7b32e871c14b129f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9715
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 343ms
108ms Script
text/html 54.39.156.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4732763&@f16&@g1&@h1&@i1&@j1685083157455&@k0&@l1&@m%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%E2%80%93%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20kora4live&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:29513736&@b3:1685083157&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fkooora4lives.io%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562579.ip-54-39-156.net
Software: /
Resource Hash: 33dbac73fb48402c100feec54563fbe7baa4219b88bf556d1c78174e7990a8b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 06:39:17 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 28ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1147736838&t=pageview&_s=1&dl=https%3A%2F%2Fkooora4lives.io%2F&ul=en-us&de=UTF-8&dt=%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%E2%80%93%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20kora4live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=753447918&gjid=1288997861&cid=75265623.1685083157&tid=UA-113096037-1&_gid=516852680.1685083157&_r=1&gtm=457e35o0&jsscut=1&z=976700790

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kooora4lives.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kooora4lives.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 28ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1147736838&t=pageview&_s=1&dl=https%3A%2F%2Fkooora4lives.io%2F&ul=en-us&de=UTF-8&dt=%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%E2%80%93%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20kora4live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=374613109&gjid=690149065&cid=75265623.1685083157&tid=UA-150096121-1&_gid=516852680.1685083157&_r=1&gtm=457e35o0&jsscut=1&z=1438072008

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kooora4lives.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kooora4lives.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 38ms
36ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 50e41677ba3112cf4b7d14025da2831c2fdd7604c0d8f13468b833fb1958bbdb

Request headers

Referer: https://kooora4lives.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: e51ab3b834ba9faca570cda924202fb7
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 106ms
40ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://kooora4lives.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://kooora4lives.io
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 26 May 2023 06:39:17 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 7027b6e5c5cba0abf7cd0e53776262b9

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 80ms
21ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kooora4lives.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.io
date: Fri, 26 May 2023 06:39:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 148ms
46ms XHR
application/json 99.81.148.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.148.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-148-54.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0b96aa7b573f5f011bbc7e8cf86eff7baafd0edc4d7cac4746166413f3ebaafa

Request headers

Referer: https://kooora4lives.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://kooora4lives.io
cache-control: no-cache
x-server: 10.45.13.246
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1204 15 KB
6 KB 105ms
36ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=kooora4lives.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 371784
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 107ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1204
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=kooora4lives.io&sn=ChromeSyncframe&so=0&topUrl=kooora4lives.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=dzoZrHxSMk9PRnhZUlFkdHhjaG5mSkNpMnJkMmpESkFGbGo2ejFRVUhyY3lTcjZickFPOVdaUWtOaEx3TXVVOFFkeFgzWWROdmNiN045MWRpa2Y4RDlJbHVqMXdPTlhiT2E0YndEMituTE5tOCtSUzN1YS8yWlM0cTg2MW...

439 B
668 B

305ms
31ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dzoZrHxSMk9PRnhZUlFkdHhjaG5mSkNpMnJkMmpESkFGbGo2ejFRVUhyY3lTcjZickFPOVdaUWtOaEx3TXVVOFFkeFgzWWROdmNiN045MWRpa2Y4RDlJbHVqMXdPTlhiT2E0YndEMituTE5tOCtSUzN1YS8yWlM0cTg2MWtQeGh4Skx6amVMWDl3L0VEdUxpczFnR21KTXQrc3NKZUgySEZ5enltT2FxbVc3WWZhL3VXdTlLeEwvY1RmekRudy81bndVc0tTK3J5QnlkQk9GVndFTDY5d2JITU11TXMrbWU0MHhVUXBsVVc5cXNsTjI4QXZZanVkSE03VUNyYnA0bXhiT0VFQmRpNUZqcXBIOXpvbDBFbjl2VlVNb3Z3OERMaVNsaU5ZL0ZRSnA0UmVkND18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

479e939890bf3baf4a53a3a242e42e54de3a4b969247f5ae305f562aa977daef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1443073
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=dzoZrHxSMk9PRnhZUlFkdHhjaG5mSkNpMnJkMmpESkFGbGo2ejFRVUhyY3lTcjZickFPOVdaUWtOaEx3TXVVOFFkeFgzWWROdmNiN045MWRpa2Y4RDlJbHVqMXdPTlhiT2E0YndEMituTE5tOCtSUzN1YS8yWlM0cTg2MWtQeGh4Skx6amVMWDl3L0VEdUxpczFnR21KTXQrc3NKZUgySEZ5enltT2FxbVc3WWZhL3VXdTlLeEwvY1RmekRudy81bndVc0tTK3J5QnlkQk9GVndFTDY5d2JITU11TXMrbWU0MHhVUXBsVVc5cXNsTjI4QXZZanVkSE03VUNyYnA0bXhiT0VFQmRpNUZqcXBIOXpvbDBFbjl2VlVNb3Z3OERMaVNsaU5ZL0ZRSnA0UmVkND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 15270015
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8120 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 13:35:48 GMT
expires: Fri, 24 May 2024 13:35:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E905 783 B
1 KB 86ms
30ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0f2240b664b95604941702fe7b2bfb91c3558c444766efee6ab4edde08ec120

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jmlyOgGy1rIcwAeSyC9W1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kooora4lives.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-jmlyOgGy1rIcwAeSyC9W1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
expires: Fri, 26 May 2023 06:39:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C95A 6 KB
3 KB 27ms
26ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
expires: Sat, 25 May 2024 06:39:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=kooora4lives.io_fluid_sq_new-ads&sy=a2c0c429-7292-4d85-9863-e82c605b2c39&ts=79&cd=2&pud=224&pus=c&pue=532&pid=34&pis=c&pie=566&ppd=166&pps=a&ppe=699&pcl=354&ttc=754&tti=1183&ttif=0&lca=699&lcak=ppe&lct=699&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora4lives.io&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=dd08722b-cbcb-4ba8-93ae-0d82fbaefb0c&e=lm&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GY8Q5WTHSS8FF6JJS9ZWMAG4
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1410510
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd405278a633a79-FRA

GET
H3 200 9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js Show response
pagead2.googlesyndication.com/bg/ Frame 8120 37 KB
14 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 14:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14729
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 14:26:54 GMT

GET
H2 200 container.html Show response
a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5C87 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
expires: Sat, 25 May 2024 06:39:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
497 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=kooora4lives.io_fluid_sq_new-ads&sy=a2c0c429-7292-4d85-9863-e82c605b2c39&ts=79&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora4lives.io&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=dd08722b-cbcb-4ba8-93ae-0d82fbaefb0c&e=lm&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GY8Q5WTHSS8FF6JJS9ZWMAG4
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1410510
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd40527ba9b3a79-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 74FF 624 B
826 B 91ms
36ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUAOpVHP4QEaBedwtHbIR0xL_yY5eX6P5fQbWj9s-_KDElL4266YCWd0eWdeKeX71En4yPt-wKGkytYnCu7waCGmyeh2706o1sYJqVancbbA91gD4RXRcrqT-clScq5e6ekVedFwatlQPwh3Wlt3lJD1B4oOxAKOvT01tdlVa3nnv4QMhT97JjYwuJOohYXFhyL9KFBNRauv8skhxcKRm-lI4M_iA

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
expires: Fri, 26 May 2023 06:39:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 86AF 78 KB
27 KB 89ms
82ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 86AF 2 KB
1 KB 287ms
48ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322076&sid=18330&dvregion=0&unit=970x250
Requested by: Host: kooora4lives.io
URL: https://kooora4lives.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 06:39:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 10:59:51 GMT
Server: Microsoft-IIS/10.0
ETag: "2d4a10aae224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 86AF 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:05:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:05:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 86AF 19 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:09:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86AF 171 KB
54 KB 111ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86AF 42 B
63 B 59ms
54ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BS6HaYpiTfvFCOlR5sRLx1PB4pMt5N_9ZuLRJZFwnLYHq3zmmEMXlu8m864ULBFquHVLO38dD6xgRqXAmaKlKpZrXkuDahl5GTaQHtfJwF4KEUG1o

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86AF 0
20 B 60ms
55ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8715190312122151743&x=1&ct=77

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EE64 624 B
505 B 74ms
36ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_Is4lLlc5k1isEc9O8FsDvcPRTeQ5tEGw4d49WfNbKQozo3grCow87sx5KqSdHRbrOTSsiiyzMfxsyuu_xubMjwM4jdJljaZm9AjkThg08TpUbw617NYJe77GE5cIlZB803T_ZbkgAwwdqIuR9Bxr6jvo_HGbqV_ls6j46Uddcm8i7TV22cBfWA1QZHXoyn8MgqUoqbCeeEpsNn-GNCLZzKFWpw

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
expires: Fri, 26 May 2023 06:39:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AFB0 78 KB
27 KB 83ms
81ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame AFB0 2 KB
1 KB 268ms
48ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322076&sid=18330&dvregion=0&unit=970x250
Requested by: Host: kooora4lives.io
URL: https://kooora4lives.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 06:39:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 10:59:51 GMT
Server: Microsoft-IIS/10.0
ETag: "2d4a10aae224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame AFB0 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:05:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:05:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame AFB0 19 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:09:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFB0 171 KB
53 KB 124ms
86ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFB0 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHgjjeqDtIhzve83LnlaRCy_4NFYAZCuT4paRa4n_A9zSbcJqrzCxvjb_4QElEXZyK2VIre6jdih_CslddCSusfs7Xiz-tew07gayOFjBB3cH3dH8

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFB0 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14597769200268472816&x=1&ct=77

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2390 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
expires: Sat, 25 May 2024 06:39:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 100ms
100ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=kooora4lives.io_fluid_sq_new-ads&sy=a2c0c429-7292-4d85-9863-e82c605b2c39&ts=79&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora4lives.io&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=dd08722b-cbcb-4ba8-93ae-0d82fbaefb0c&e=lm&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GY8Q5WTHSS8FF6JJS9ZWMAG4
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1410510
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd405280b023a79-FRA

GET
H3 200 container.html Show response
a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B466 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
expires: Sat, 25 May 2024 06:39:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 94ms
94ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=kooora4lives.io_auto_728x90_sticky_display_bottom&sy=a2c0c429-7292-4d85-9863-e82c605b2c39&ts=79&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora4lives.io&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=dd08722b-cbcb-4ba8-93ae-0d82fbaefb0c&e=lm&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GY8Q5WTHSS8FF6JJS9ZWMAG4
date: Fri, 26 May 2023 06:39:17 GMT
cf-cache-status: HIT
age: 1410510
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd405281b213a79-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E905 0
0 66ms
65ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305240101&jk=262028666241815&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A5C1 624 B
506 B 38ms
34ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUwdfpbwOKXs14mBJ_hS-lViljd-aMOPYIPkpajab769zFpIWZI_F3B8WInMIFtSd4jSrsDz_5W9eiTIG8OIGRa-CyvU5b3USXWV-1cPnZCsmhJtDoV0FVFhc57p8q54iSOKQxM_LbFHFKNzTJReYDxv1SWJSpVb_JQZ0xoZNkfyrMCZxBNPCG87bQXBQZ8c7ZEGIk6Hf4PZ4cpREMWXg-2k_0pYA

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
expires: Fri, 26 May 2023 06:39:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0F44 78 KB
27 KB 156ms
154ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 0F44 2 KB
1 KB 196ms
47ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322076&sid=18330&dvregion=0&unit=970x250
Requested by: Host: kooora4lives.io
URL: https://kooora4lives.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 06:39:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 10:59:51 GMT
Server: Microsoft-IIS/10.0
ETag: "2d4a10aae224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0F44 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:05:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:05:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0F44 19 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:09:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F44 171 KB
53 KB 63ms
59ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F44 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bpm-c3rTgaZ8UI6kOkDy5uhkMCDb6_tuJRlbbCcVsykL3L2ic0piLnJ0JRsttgb8_N0dKGc8EUpMkc5_akzwfXLJecXFXzzc-KmUbtrobCtj6TMZ4

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F44 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8364803040323479114&x=1&ct=77

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A4F2 624 B
242 B 41ms
34ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiX993qATAB&v=APEucNXX90fImQEcC56DcMi3_xlULfRD99oi2vpaKeEy0L_g6X5Gzq5LeRu3Bmw8-YVYHwvwdYqAH3o_Y3yGtODkUEsACRb7mDuYHeXuIa5s0Ipu5JVjHg3cHbje-fga4sWZWY1ZWgOkgprpSPR2TfsmBlNtsYiZDfH1tdcIxQiwZ1_QF_UNvVAYP0RhZa1GTYj-iOYMmO9Em13nnuYDTEhaXGXXd2CTIQ

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B466 78 KB
27 KB 171ms
171ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B466 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVyhFyIFIijjLpTTBi0y40udBDQ9ut4BX_PrchOxGsf7sENvgSws_OrV996qb3Knak9HfnIF6e9fkJIxskpe0BKpjvum-WmLOVUeLCQ-U0GwRVdv8

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B466 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2099050825646490078&x=1&ct=76

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame B466 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:05:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:05:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame B466 19 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:09:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B466 171 KB
53 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:17 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 74FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

43 B
632 B

45ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUAOpVHP4QEaBedwtHbIR0xL_yY5eX6P5fQbWj9s-_KDElL4266YCWd0eWdeKeX71En4yPt-wKGkytYnCu7waCGmyeh2706o1sYJqVancbbA91gD4RXRcrqT-clScq5e6ekVedFwatlQPwh3Wlt3lJD1B4oOxAKOvT01tdlVa3nnv4QMhT97JjYwuJOohYXFhyL9KFBNRauv8skhxcKRm-lI4M_iA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 74FF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHBUFRevVB7YH27FnuL4bwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

43 B
632 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUAOpVHP4QEaBedwtHbIR0xL_yY5eX6P5fQbWj9s-_KDElL4266YCWd0eWdeKeX71En4yPt-wKGkytYnCu7waCGmyeh2706o1sYJqVancbbA91gD4RXRcrqT-clScq5e6ekVedFwatlQPwh3Wlt3lJD1B4oOxAKOvT01tdlVa3nnv4QMhT97JjYwuJOohYXFhyL9KFBNRauv8skhxcKRm-lI4M_iA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 74FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

43 B
1 KB

28ms
20ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUAOpVHP4QEaBedwtHbIR0xL_yY5eX6P5fQbWj9s-_KDElL4266YCWd0eWdeKeX71En4yPt-wKGkytYnCu7waCGmyeh2706o1sYJqVancbbA91gD4RXRcrqT-clScq5e6ekVedFwatlQPwh3Wlt3lJD1B4oOxAKOvT01tdlVa3nnv4QMhT97JjYwuJOohYXFhyL9KFBNRauv8skhxcKRm-lI4M_iA

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
AN-X-Request-Uuid: 0890ba79-ad92-475f-8be3-5a5deeb4318a
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 74FF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTIzMDAyMjE3NTYxOTY5NQ%3D%3D

170 B
243 B

33ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTIzMDAyMjE3NTYxOTY5NQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 26 May 2023 06:39:18 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3bb8919c-557c-4e7b-9353-5457c58e6970
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyNTIzMDAyMjE3NTYxOTY5NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EE64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

43 B
632 B

31ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_Is4lLlc5k1isEc9O8FsDvcPRTeQ5tEGw4d49WfNbKQozo3grCow87sx5KqSdHRbrOTSsiiyzMfxsyuu_xubMjwM4jdJljaZm9AjkThg08TpUbw617NYJe77GE5cIlZB803T_ZbkgAwwdqIuR9Bxr6jvo_HGbqV_ls6j46Uddcm8i7TV22cBfWA1QZHXoyn8MgqUoqbCeeEpsNn-GNCLZzKFWpw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EE64
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHBUFY18qKZvlQ6ihlsbzQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

43 B
632 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_Is4lLlc5k1isEc9O8FsDvcPRTeQ5tEGw4d49WfNbKQozo3grCow87sx5KqSdHRbrOTSsiiyzMfxsyuu_xubMjwM4jdJljaZm9AjkThg08TpUbw617NYJe77GE5cIlZB803T_ZbkgAwwdqIuR9Bxr6jvo_HGbqV_ls6j46Uddcm8i7TV22cBfWA1QZHXoyn8MgqUoqbCeeEpsNn-GNCLZzKFWpw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EE64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

43 B
1 KB

40ms
20ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_Is4lLlc5k1isEc9O8FsDvcPRTeQ5tEGw4d49WfNbKQozo3grCow87sx5KqSdHRbrOTSsiiyzMfxsyuu_xubMjwM4jdJljaZm9AjkThg08TpUbw617NYJe77GE5cIlZB803T_ZbkgAwwdqIuR9Bxr6jvo_HGbqV_ls6j46Uddcm8i7TV22cBfWA1QZHXoyn8MgqUoqbCeeEpsNn-GNCLZzKFWpw

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
AN-X-Request-Uuid: f84fc807-5929-4967-8abc-cffd753ead6f
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE64
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2MDM2MDg5MjU1MjE5NjY2

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2MDM2MDg5MjU1MjE5NjY2

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 26 May 2023 06:39:18 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c151edcf-eeaf-43b8-ba7c-e74060c42ee4
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2MDM2MDg5MjU1MjE5NjY2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86AF 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3762148230264&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86AF 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3762148230264&version=m202301230201&ct=77&x=1&cor=8715190312122152000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 86AF 15 KB
11 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-_uLm6ImCHtAOp3qBjbF80h_uEXBfTigMXtIbKiEhjA-6zWXMRwRYoWjnsShez8ezdi3XpaBF1HPIXyOXnyftkPlQWlDKVAqZrqXdYH7JbJsXBrlQPDp8xTuJPHKy2mnE4UsaJXmLj4MUK5iG3eKH-WpELVidUlNcd9dy0j9z78jWWkw&cry=1&dbm_d=AKAmf-ApR_xkdm7fENdVCxi5nrpPxcOQ2b7ISM-VzhE5_CPnHJ7CD5U9bx2qvbSMUmFAAaYSPEVQvRyJ4gMMxv367UFg-Ixp48Ljpnm5ck-LteIJUGcqCCB-41MSUFvJzLAol3cmUWdz9JFllncXHPiGu1nI-byj_WUxi5jjHK6ASM7BfMLXEPILIijkuRbmg9CnsCwa5BHUY4WZDh2SGnv700ffzhK3MpyCpT1sI2DqDRvmC_6KOus4XwSf6WnLjM3ZGSfea4M2hXXI9FTYVxOFuAq7y3SHZ0ft9-LgRyrsxA6GEbaaARmBzBZiUQytEbTqePGOT1TX7bjMczHTZXixIwgb1b18tEj8fxIA_sHgEwKinHPmugeyM9IU2bjS4IFegsMV4rVfzdkoHEV_QXHTTZZe4dbzrjE9yEthvt9_381Wma1sc8YFdOTPgx0FflF5Jh6dYfMxQWCGr5Kz64Pz0mr0_FI-ySWmYGcCfrT_zuyayYx2AB24LwsxyTcQLzN_p7DKo-togfpO-_2dvJMyKzxMcKxpHgDk2UCYIr4iQ-qny5Ygsz30jbJAr-7a2gzB7SdUOdkzRErYsVXWUq6YorvipDEuZzkYOblAnNEXccueJPc9mTx-h98fuKTASna3lhEF-elXG9YB9tIRV6lkXANd4pxkE0cH7xyAbpuKggs5-Wvu7dEBjucePAPvIcxtZxnKYpU2Ks6oYC329cLXOF3qJCmU1nbQ7TVcPl50dIgY4ZVGy5-e6IgcCYML5rjCTv2gCEtGyteAIryNMwJg9UUUevn5D2XiGeWLU6c_pYnHFm-dKKL86NRmhvKQIaSisHEdepstVqt2soBb-NCNVZo_uv3QGaDVkM6xdUciX2fsywYTjXWnc8ga-NJzpXk1a-bHPJmTjECwad59bG50UNOxuwz6Sko1gmtQjMeprU63tq5KBsBKdig2nUI6-GOQFZCcQa2P6ST2fQepmjcbf5M5vSTz0G2UQbtGpUuTUQpVSOJU0tC8BnypQ2knNjQHI2T-IHPmFbHOrjGNERzDCendSnPo8o5sW5OckG0I-0jjkhds1Q97NVghk97or3hNm2IOr_VngtJhV70vrRTf-KQok-VyNMn7ngjYqtY3UVXGsAlvjbtiqPfD_tlEA9oKtg3jabGYUAJAtyTWPL3TDw7sdMuRK5fUi8LuHAJhPZ7cyQ_jYDDNnAY1cFMRrfXPx_fgHtQ4RptiKBULFSC5MxhhygqDGYjFJiSv7i_SPmu7J19Oyb9bVPS7sVk5XC-b45UZJGCKzc5vA5xDtwCqqztoykDQ3NQa1Pmd--lNYTPYLL3pH9SOkNmz_OiK0DmXwNVue3pmuX96Z8AHoQ2wYA0sZpUAc_LcsQnOgbAj5av-WOX2FpEOhJBLdpt_J2gK-MJVOUqWFk6_4tKDQGnhw-foX8RaXAIosO8QcIRsSWXQjBqTb8YNLgUZDSNkLmpCA6otJJIaM6bqrtdDtKh6Lwf1nNq5NRVEBinXD31mOjvh801YrH0-XVgPGqbbEZf5xcOk5EcP3C-oN797UuKWY_x2v6Q-csiw5aiZaGMK3cPvJlimDQ-GYTfp29KRVDnVMY8S2kXynMAmcctSHqnxM3WxZRC--gD4y-DhkHo9T5fAeXgT7RacPVNA-2Ipe1jaiRPZDZE8HD97cSA-31kp26JPuJPTV6rCzuge3gJYBBk-McK00WCz3pnP-TsFNUdocEnfCkGl1dRn73Vfp9gow7vNFH8BcZdQgLLG9K8EmoJBP3vnsd2YD1O2SDOr4IwFHty5mzZae9FZjbBMOhXTRnpe6I9Cc2wKPfZ_URK1RNw4VbbnzvRNLcsTbEi2e7G-NAm-PKXOMZKkwFrumLyKI9NS72mu2Q3g0ovpgDFlwhB5_RIyxQhL8btdwagd6CardLLP9c871CXeGh6wfphe6oZciFqbq1LfAVKQYcH3Y4gvSuP1h5IjZVO5IEj8NJzqbPPYIAQ3WHp9d6b3cVEYQ3TKwJ-QaOM3h8ioLWP7c5bD1PTbC4tLD39j6L8UcX2GOpwrMVTLpLIQNFAtbKIF5RXMADLlYUECdHOMe1wAsi2aioZcqUuhreQF61Y_TUTi9djuo2p919Ag2ioxn5jms61AytmujGMDbW9xfzn-MsPl2oCHy61bZiaPVNSpB_xa4a3cYFv2rcH8xvcZG7CRZAqR7SWO9WxN2824LO9OS2d70rxkxe_ORfnEfs-48H2ipaKNL3Ckpi-3_2ijNpPBPPSB-C0t5v7gyK1UESrdShic3kiYnj0tLOqj_tYQ8hNqE10goU8wqg2uvEZi-7OEOFjbbK2hZdcIv6fmtfEME56Nx29vDWPFu9ILlYMshDCxah7Y1pfES_tdK4t7jBaDnw9MQUE1LV-S62sJitWPu34CpMh4B03BjyjzEXalCk6aatNpjhKl_Eq1sxWRIiBUUaw0fCa88XlEbIjoyOewbuV2Mb9I8NeX3CRZPt47E37Lzoa1q-O7xg1yurrSxicO48cJ3U4E9Kwrh2Pw3zak7pk3PQ-4qvdUsgoK6sBHY_XQJME3wz7eg2KBTOOBsNCq8wIlEK8Lq8OcJLukEKnCrqQ7MdktwCJh1HS9l0jZfWV72qsY1bE44Rips00oTmV6ASNAWTeSKTLpR71fCvjdpWw0lYje_x-CZJrskX4nW1_RoQvOfRvpd_SMvpWry5QDr2B6iWJu7MH9uqc0LEOZ11oVW4RnjqF7xtTZPlE7Nb05asju8I3Tg1LNIdXGwwEtl04jkxdZ5fmnDUFB4LKFzukMJj_zJ2MIrRk1LA8Eh05m9KCCG7cfETaLKIZweiWcgtVR9nF6iLaZj9GO3H67-xv7FPlqdDJzvOMpl9oE6L3HsLHC5P-PaEByd_LdA6FE0fRMPIuXdevD0R94Rp5ppG0su0tmBTenAcrxOiaW4cobWJyPzu24_TY5YAFxMs1PevOkyn3KYBqLILSg8b9UKnqxvBb9pHIvzUokxoH03GQqFFpaIT-b1duSi0NK6PB5pCAu-fmmGQ5hXRx4hSkHuUCQ_7UkMBXB_-RUSqUKttso6i7IPIVcaWvL2Ct4JaLyPr1PZfolEjTJnrTWIFKJjJgSY95Seid-AzmxYhWTN6qY6OsiM_TeO7gJ65vkUi_w38CANPtlDpPlCyUSpd2qA161hW5YlImP0UYzZajSImHwCivOOfYrVWwZ_RpE-LZHUSVhEPXXnk4g7cWgZ1E1z-ArQDWlsHuAiOWAxMHTzuxqGve_lTh-JNtzXmManermp33jZxyJKle-kFwNTvcMiFlXiDADGOxs6RoY3dtN6pfoVoQXGJo1&cid=CAQSSwBygQiDLL_sLxpDD3kd41L7z7yQYC7d6YXSAJqK-NPhV4GnS7phR0LAWtR64LmReL4D3tjtbW2c1MLFdFXoQFH3g_cvwNlqAyoKdxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkooora4lives.io%2F&ds=l&xdt=1&iif=1&cor=8715190312122152000&adk=1761367587&idt=102&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9a36f4c3450b529bfbebf91059a1a8bcc29b3857c70d11fd2ac2305b182eaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFB0 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6467885209540&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFB0 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6467885209540&version=m202301230201&ct=77&x=1&cor=14597769200268472000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AFB0 15 KB
11 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqY9J7yl3r4qnvUYOS58m46dwkS-YDIH44H4DD_jcShff88RqhOMo_4gki_7jrSStMg0QUFZ8hKcau2ln6_Sb9fsu6QDLzzcahXZ1Nh18fc_UfW8TKUwC7-kZyTKGreneHDv57_TbZ1nio5AJI-LPmw8J-D2qiz84qCJubw3kcmwv6CdU&cry=1&dbm_d=AKAmf-Avolt4zvkhhEP2OGMxB4ty9YZ0Zw2v3ndsWnrUna8lUCx_m55ZCl1ISSQD_yy8Qn1xLSTjNzbj0PlhQCXK2M3nf0IOpDdufecDF5iuJDM68QzhUmO3EUug8Sodg24zC3CsSbP-I_gdfxAR6_Imf58oBSBOxy5-YdKRoVtv1Jyfdny4kcxyGOmAvwC6sUckLzjp5JAL-NHpNGT5FngvCNYvvI4hYB_tRBUqlTaPmUKJtpPDSFvUAyF5mUrSUaDe6f5F8vZ6nzxm1PkE8NJlempLk6AASLpFdHOw_o9WJomkh4OC_WgS5fkeW9zh52UAmn_oI3Uho_K3KrxfRLb35BPwMO5Hhtzrf2yOasLIe0cdAjWubjYL2Rh7Kd0QBujHs8er2DRzxOPdF_LgzY-oNY_edCpQaqdWRhMjqKjlFUumuez1VTlDqZCb0lNOaNFk0yw0uGzAozD1Da9QUvpce0SK2F8q5Xs7cc-tFZHic7DfXsGMA6k7is4DumXo6ljySDEUMQDFClX6QwS2QbaJIG9t7veHi2JnYmCjy4fazmwD8Dmvvk69pBiVUed8Vh8K7fVKNw0FATPKBws7xamOGJsMCnfOz89THBG_PoFHXZYrxxGQIV_ZzufpjUeRQezs-cQYmqPSf3ZkqMdh4_JxnxrKIMFOHwRNmMk599ABULgzBK3SwJWOchA7jFLOuQ4RAOyZ1fkDk2I7ha6UEpmPTRngYC7cAuCbe9JU-cpSqF2yswUDnDAUF-tvPvyG149MgtSBOfW9r81ZJDx55tYrFUdstZzIaaqkjJ7UpHmnG0xGqjz4j1Hh0gIkz3BmjoTI5F3y2V6n8yhIJGVgXcaJcz2NzMDdpK0xoLwMcqoCfPd7fyXmbB7VM0YnFrmcJxWaC3VdT3t4Hqbm-hFaleJP20bUR92sAQrVym_UaURHaNFkqxIQJXYM-bbf0tUIJhsSgFnWkYeizOTN0HRX0eSYyFSX9pjOG6vVNiyHLX4W8U_h5HQwjCJGNs8IwGrMqtJpaHGqiim3RIQBpKbu7z0bX9O2daf0gwCV-v5W_3PTGrXK1MYnohBboTbjGQUBLyhBAcexV9nb2BOZVsQYpUqNrH6RCJZQxHVidS0Ls2HiPLDhBW2ghBXsVkRp_d27yNXIN9DOQhwz9-lw8Elz7rISlUn54oElSx_aSVs5e2KSsZC8tpYEn0_v2tfjdIPGC97fz8ngJqDBJiW35V8Dz4CUXJkIF9GdaefujsUU8i-83me1fCadW8T8YjHaoiWgx5QtLxlISo3kT0yJ6mSa82PKvlHcrh_il7Wx0jTm3ZgGeQkCIZp6jX3ck-uDTj9xw-HYqcP5d19-v9s4H2aJoSYOcizi34rKl2avTHqc1Mj9zI0i9w8sNnw6oIxqko6j0w04RbtySo50A29Dr7IbqkRjy5yHUsk0f4zchkBcCcBef3BajKp_W72BRValfVWkFGUqQYc01yBG2InwvwVl-mlYCN715zyXcF5-hTlvj2G2kJAdWKIY44FJg5lvnJ2ucdlPOkoOl65sJe1oqqRr7ZTFYVqviRHggh10Ht2UpmgqESgTr1wKINda7v1W0kwVmLFFVG2C3ttf3ZQJ5KVeGiar5Py8IW7SdtJaMBQ5ggzDSjGKxoKlkuYZEZ-RCgh2wuY4TMjvdmnuR3jQiTOmtT6JatALQXBkyPazN0t_JVkFzvq0BX7LSmiyljCT4iJA6PuZMnBaBm5orOY2iz5MrugNuCKMMwF-5yJmCPXAc6FcFjubKIHwqIxJHn1kjLBMDWeQD787aBOH03_iZFFQbA6McS5k-AXWA7z5ctBNfJliRJa4Clrp3d_Uk8N9XwfXTb2pjxbs0A-LDAcFm6D0MZaItvBGQYba-o1W5LmQsUJuT8p1ULW5-WmympyrK1JlBtpWSa9FiUvQoBEIDC3IpI4qEEKxozW96-GZ78wgEk_CDAznOFgLs238mhbO1iiJKQSlOJvN7vZYMsUe7oAzPqyrr5o7eg71h1uaGYN88vGsmwvMLPcAasZznx8PwcOqmtNHJh4eYaZyc95aNVxQc-cZEocnFk7p4Q5Mltkl1GXEatGzjPzH8yLnQiAssRMDwKgfbLrdU2mecaxktXRyW6YyN3hpFY9sFMckKjFQOCF1XKD7VLmwVL1hvoL0tt_lSnzLmttxo3BijcNYj152uFLxrefGEJXYvwKfW-EVEgXIzurkp3tlW_a-LykZWh7nUk8zP_IzIKdSKTzz3-wZPJ51sqVlzTP2VFLDXlLQW5mr7RdxG6TDZyzf64D3SV2k0plP9bZ3VNGTTpul-w4XOyd03vzwLdNGm16Uvjt9NWLSCZUrfZzi9gWvB2IWvIjLuq2ELtMPBGBWBCjYzMg3uIZ0ABf1YkuglyA53C3DZdNx_wfBBpyqpAUcrYvTb20rhXhm72gASDngEPEuxdeug0Bl2lbqQhjy3gfhto9foa75FWNz0pqiYUFTYGqSH-0PxpDCvP_V5CPy4tt8WGV75e3OmmiIlitV6ZdHF_r_U_N1y6_4JjNdEG3HUVnm_xN79BchxwrfbusTfH9cOlqWGI-Qxme8wMVjZTjFEQFw4XtO9mrzYBwxpwY3f5dgXr-3sohzDBEjo-hHMjk_IbUMfA9BkyNxKGFTXR95nCl592pU61uMYpBVDW_FAZuBG4bYeFjcT-XJjDZzPSD2Co6ubhJX3yey3cnK5Epq3clNI2D_XpeaW16VTAoXa9cuGuKQvF3SWBhfGT6kNFBuMHXx3vDgpJzC4Ju6QCIPxnMIcyGfbxfTDAPgljmMqcmsXu2eQ3Weuptro5CBZELzHEInaHbz8e6ipsLbV0IfWp_rb_w17q_-6tUQPs8xfnifrBNa20r1cyVxbFtXdJYMmiX1X8YOdiWY8yRYP-g5SJVVqJqAVf7qD8VcCMUZaMvB65zkG569cJKbUumqqRKCMP7eonsSypW8JQ6NYxdMMTXELQwl94cDLzdfGiYDGnF_o3eP0WRtrbhBp7QqBkiZpbnJshFDjpmlTYlZLCrkJhAcntxi_f97GP2Xa2q7JGpB_NpaohdTYMv-ZYeFqC_M3cjorMPP_u9ONQg99UYcVPrtA6kvAndizU220hQddcqHsz8F5e4mDSohuaTafx5UFCIOl6UK3uCDZ7zJkH3BKT3gbsmVC9a8S4T_fABT4_ZZf-9BY1BGfj3jdP23iLMfLQQknFuY07wusTejy7cJnomLuTL6uarinMXJJPYV2doY5TZLi9xPe3xOWCIqF5m9eVb_tT07iFrGewtTrxecHKhjHoCt8ADCbuxNV_N3N0JoIbkpcTNXyJ9-1UBr&cid=CAQSTABygQiDKR1j6_xpub42woV51DA7Z3ynlSP3xuv3zVO7AJhBMWU4cp7sphb2I3bSUtUzALkL18L7V5iTKGYe88_4crVz91nc0t-Z73gYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkooora4lives.io%2F&ds=l&xdt=1&iif=1&cor=14597769200268472000&adk=1726166460&idt=98&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdd5cde97bee9d448c85b26575567bb6bcf8d2f2d010701ffc4e0fdc239041b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11479
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8120 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?r-7u1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A5C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

43 B
632 B

42ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUwdfpbwOKXs14mBJ_hS-lViljd-aMOPYIPkpajab769zFpIWZI_F3B8WInMIFtSd4jSrsDz_5W9eiTIG8OIGRa-CyvU5b3USXWV-1cPnZCsmhJtDoV0FVFhc57p8q54iSOKQxM_LbFHFKNzTJReYDxv1SWJSpVb_JQZ0xoZNkfyrMCZxBNPCG87bQXBQZ8c7ZEGIk6Hf4PZ4cpREMWXg-2k_0pYA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A5C1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHBUFRevVB7YH27FnuL4cAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

43 B
632 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUwdfpbwOKXs14mBJ_hS-lViljd-aMOPYIPkpajab769zFpIWZI_F3B8WInMIFtSd4jSrsDz_5W9eiTIG8OIGRa-CyvU5b3USXWV-1cPnZCsmhJtDoV0FVFhc57p8q54iSOKQxM_LbFHFKNzTJReYDxv1SWJSpVb_JQZ0xoZNkfyrMCZxBNPCG87bQXBQZ8c7ZEGIk6Hf4PZ4cpREMWXg-2k_0pYA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A5C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

43 B
1 KB

67ms
32ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNUwdfpbwOKXs14mBJ_hS-lViljd-aMOPYIPkpajab769zFpIWZI_F3B8WInMIFtSd4jSrsDz_5W9eiTIG8OIGRa-CyvU5b3USXWV-1cPnZCsmhJtDoV0FVFhc57p8q54iSOKQxM_LbFHFKNzTJReYDxv1SWJSpVb_JQZ0xoZNkfyrMCZxBNPCG87bQXBQZ8c7ZEGIk6Hf4PZ4cpREMWXg-2k_0pYA

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
AN-X-Request-Uuid: fc96c7ca-6bf6-459e-93f7-046b80820238
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5C1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwMTIzMjQ3MTIxNDEzNjc4MQ%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwMTIzMjQ3MTIxNDEzNjc4MQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 26 May 2023 06:39:18 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2a0ae962-d16f-4621-a8bb-39d0db625936
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwMTIzMjQ3MTIxNDEzNjc4MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F44 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6549966350626&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F44 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6549966350626&version=m202301230201&ct=77&x=1&cor=8364803040323480000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0F44 15 KB
11 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtBurAgmdxjKUBujx8QBdcJfTFVzVJtF911lsezBivmyf0PCmCkTICnarHmf4yoWYbWlFll9GXZyRTTXTTW7u_0YwuKokKGJ1G-5KvF0W7hUL16lwZhY39aGm1y_yzfY6FjU3taNy_81YwDK3OhZF_i5DkfRNNDCk0YOTBvJ5kHyRz3Xs&cry=1&dbm_d=AKAmf-DWiLn1sjyXqrdObLz-9AzD1OKQW_vpPcHINlcFFp-bGovJvTc0h-dXgGr8Ls9QV7JyOGZku-dN3EWTlMq657m9QnGgSeQaD0td7ngUJwL-Pp8KOIpPufRBdnplxbFK8gbf3leqztCBfK4pMGknk1DEMOXeCYVndT80cfjVESauVZixjTfpvzO23FUx_ps6GgyD111BWiu16-HttHjRnStkEx6tif3JuqEQI0UhpEhy3foOzu9rILJC-TMeEVfclXwlU7VYL8RdipvAiKo9TO8VIcvgNr8VwYBxQGAL5uTbEwgtapvkkVw0P0Jl8xaI8cDWKOh7z9lXNJRXXl1PJ1jMnoIrb3PDxeK1f7-DryXHgujKiU8qn3LsjN938JzRnXCBH8ZbWcqsUbw5uDaQlUpZ5GgKgz2oQJQHLu3XKGdk-Nk83oakNZWCnNq4-pUbyE-GVYQscCdxI1iIE5fEr1fVPlym3R81y2UHG80Zf-0l6pIS68LdOYArVI7tgYG6uqVDcaBRBVyAHAkUjFGvA9vzqmL4MRlhfsBZ1vlUNyQJAOhIF3cVSHVkctZm6fkjnwTGUbi3heICxzFKx_kNGui-VzmGVyvLQh0-_FFzSZfNF9OSF-0K1Nto1bp5fOFZTC8VCXNIfMn9b2heHf6B_9I-gS9ksHpZTUGX_07dRRO-cwZ5O_tE5WWghuuIj2Oh5iNourAn5PGucTE4tiI8FRM10BCS979sZC2eV34aIGN7keXvcE5YogbFTeRpL7IejZVnxD7fR7V5gW6QaproqiQ2ATLXb7K1_ImqULLf7IUji87ObjXWnjTW-kJpS0iHb2oO7UK8rM0S7MvlZv7Fkk7gGp8_Q-h-6LMz-HI3P4qw_xtGnoXHZQ4-ZjJMKJJVARC3hGeppOVw0iqfGNN6JYgqIuXz1L9gfpCzaFvJoj4oh6fAXTEfW_Sj4mjuy_Ax2le9vSGw-IQYfBqy93eiX3pCUqTn9MmAeCNg3Fa2KPFLeQLm_wTwhpzojF04ch0eNNlGyaT5GB1NZC-vOmFAJFDJyJttASR3aoUMX-Lw4RWC0GSMqIKPKw0luZtIrByuI8xQCmOm22DT2wqcqiVJNJ3AkdAC-k9tGpQe0xH5BieN-aaUVtQnuf8-ieaGQJ6pdnh6W95VT-X20H6NhN4FpFHprVJfyISjvW3Poq_CpRSiaLDFM1eopCgrEL0AuZ_j6FcSrNAzGrK6SvOcx1sHAOTD4Rhwqdb-r89RwI7-oKrRLNur1qAlEbIP1sfH3Jd1qhSXgvc9xL4-HRkX9LnzroOxjvdSei1uOeQlF3WTskhjHg43ZvuN1r6LKFiau7JW0kURR-AlWonbxsCJrSxUilc-loqPjRyrzjjtgk2fKyDLNvhqjzcTRiOy4XPhXSLlcKNvpWfGAh3-dd1I24nR-NumXJoqEIIFmDCKKIHTGZnBzhFokpGIvQiYT69K-4s85AXnt_JDwg5bJnFrlj0OIqryQPkVaKrzJAFqzAkHFjyjgps97aYZwQs-CqefsndJzHSZ-8kN8UoLXYOfzpdO5i9WunfzPsOPWNNQEPtaifxD1l4FBLdbAe7GyNx8ZGLWnG3wWL9a0Zb4F8ZyTjcM9dMywXLbUg-QPxL_6JBc3q7F-HToC3QwENkTBaKyDOmxMQUss3gizammy2wo3QPZDUELiSPAWI6ze4WKAXWDL0FB6XGr7F7sGmfZTE-SoTJSXo5cV7FRO-GCMkUBO2Y9IfsMqYx8iIzlSSo1JHKY2u23XMxtKtpB_R3-0f3KLfV2KEmksRIKy5MdTKdOTdLd1D6vV1sWCCWForDSlrYZE1GM7VRHA1kniSNev5-SR5ffEoZCoqy-WCI20zd4NBDLkZmng8DegQYHkMJLwruEIQAqdXbJYc6r45sZBNqOcsew-guiypBPELHVp0a8PHsJBMDT98PgXKbXc1p5X_QhZncYe0rfoBogF0m-wKsCEykjwddtA-em4G2-ke-57EHR-QyZX91bnvbiGTheECW0kR-I0U4AutNUVg7jd0Iq5DSonDli7oP-KXHu5ZQnxzilHKrlxkEPog2AkqPEaE1R3s8uUmUpsubDoGHlEHQCL1HZucPjv3FoRC1zwM3kfsFOR-ztexjoBLIF_wRbiFpR3q7MzV-gEV7D46eSovOrgaAGvv71jk2A0mvsbj20rb6I-zAr4gvWVFcpktwmxQFkQkPttnsR8ue25xAQ2qvzRJUgmRWDMMda8AkWxH6PLEnm7gH6M3a_5haEPJpeDw0M07D9ICWGrQ2ghtNye95RmO-dRINWh8ecKmtXzP4rtxRg2owxNQq5RhScBQSmGdAOpONUP5aniDa2_vFvPBlSwqM8McEegqRn5t0dJhkmHqI_0zzsTkQUIjAhWnHgkFh5eABBD34H8bciU6y0WUL0Xjo913D_VrDM9oye8UOha03a8C_5Y5_r_DPukRMwJdbUPi17Xp1PhxEudQdmuwhrxI8q_lXMZvrykofIDU4VGBqJ90Ah07H9KUXUmonhZjmDm6Q7kdiruJp_HYiTo-h8VNDS4ubbZNrl_B1DisU1ZLyYWE71oO7hfJ70u6T8s_8e21oWK4n3F6YZXcNlJuDcel_KNwS9I6_dXuXqmWtmnyDP6_eI7-txWdUGcj1e1ykIOxTQ9iVr-BFEQUTF9t7-RgunvXyN8YGv0wtRtSVAtfOzWGx3cKbmv_VLD6kjUbGD7UQaK6QG3kzK13iiOCkKXBsu4YtBmJnwwAnTHDzx1pgRx7hHRqrVUVsI9H1RsXVhQ2igKifWDVeWbEfwLAuaxPblzKncnHwaBJD7ekb9I2P3EVTRQUFkuWDKWniVDiTOdLrnDp-MrKfT712noEnti5-tLbadAPVkvIvLajISRAShXs1-tfYoKHSEPFJhWqyoPI2A5nKDGbjenx64__N3f1EkAbpDr4-SBwwcif7E79u-Z6L5Jky0ekIjVR7wXSjBNBumyIeY_Ou4zRVyqmMeJoyx3cgqPrrjgYYSLErXlbj8cY50DAhT0xYIf_mud8ZM2bwDRPH8nfi3Won-TU671d9G0PV1HZorji7LDw1qdvqGFMd1NVNzmrYGDa_OPfUzMAh953cWQWaNlLrL7g8mHBFYg6wUJlyFMbtaPpN3IbHVRbuhX26xONXkomKKGIbm9WKugl-Ksl0XHIelPqOoUQrBCVAmDuT-GEjAwFM9_MNzgEmS86sEL7reGgYV-DbY_KPXm2EyhYsYmdfKhFR3Ckpr262M9GmxLPYGb-PQFtt7SiBj06vjzcHEexq1AOhcO-aVDFk5R0BAOaWF7X9-MhT4lL6AVOal&cid=CAQSSwBygQiDHwu8HhGich0ZySw_JQCr7occC6Yn1qmQ9XYMQ1lJm-IuR_7vklVnatQnUSwdCGDLlpVqsz9KtQXXXphpWxGbnePyZLmITxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkooora4lives.io%2F&ds=l&xdt=1&iif=1&cor=8364803040323480000&adk=521587874&idt=161&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32544964ac762b9275479b524053df899a895dd169d434f057a875677e350bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 86AF 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-_uLm6ImCHtAOp3qBjbF80h_uEXBfTigMXtIbKiEhjA-6zWXMRwRYoWjnsShez8ezdi3XpaBF1HPIXyOXnyftkPlQWlDKVAqZrqXdYH7JbJsXBrlQPDp8xTuJPHKy2mnE4UsaJXmLj4MUK5iG3eKH-WpELVidUlNcd9dy0j9z78jWWkw&cry=1&dbm_d=AKAmf-ApR_xkdm7fENdVCxi5nrpPxcOQ2b7ISM-VzhE5_CPnHJ7CD5U9bx2qvbSMUmFAAaYSPEVQvRyJ4gMMxv367UFg-Ixp48Ljpnm5ck-LteIJUGcqCCB-41MSUFvJzLAol3cmUWdz9JFllncXHPiGu1nI-byj_WUxi5jjHK6ASM7BfMLXEPILIijkuRbmg9CnsCwa5BHUY4WZDh2SGnv700ffzhK3MpyCpT1sI2DqDRvmC_6KOus4XwSf6WnLjM3ZGSfea4M2hXXI9FTYVxOFuAq7y3SHZ0ft9-LgRyrsxA6GEbaaARmBzBZiUQytEbTqePGOT1TX7bjMczHTZXixIwgb1b18tEj8fxIA_sHgEwKinHPmugeyM9IU2bjS4IFegsMV4rVfzdkoHEV_QXHTTZZe4dbzrjE9yEthvt9_381Wma1sc8YFdOTPgx0FflF5Jh6dYfMxQWCGr5Kz64Pz0mr0_FI-ySWmYGcCfrT_zuyayYx2AB24LwsxyTcQLzN_p7DKo-togfpO-_2dvJMyKzxMcKxpHgDk2UCYIr4iQ-qny5Ygsz30jbJAr-7a2gzB7SdUOdkzRErYsVXWUq6YorvipDEuZzkYOblAnNEXccueJPc9mTx-h98fuKTASna3lhEF-elXG9YB9tIRV6lkXANd4pxkE0cH7xyAbpuKggs5-Wvu7dEBjucePAPvIcxtZxnKYpU2Ks6oYC329cLXOF3qJCmU1nbQ7TVcPl50dIgY4ZVGy5-e6IgcCYML5rjCTv2gCEtGyteAIryNMwJg9UUUevn5D2XiGeWLU6c_pYnHFm-dKKL86NRmhvKQIaSisHEdepstVqt2soBb-NCNVZo_uv3QGaDVkM6xdUciX2fsywYTjXWnc8ga-NJzpXk1a-bHPJmTjECwad59bG50UNOxuwz6Sko1gmtQjMeprU63tq5KBsBKdig2nUI6-GOQFZCcQa2P6ST2fQepmjcbf5M5vSTz0G2UQbtGpUuTUQpVSOJU0tC8BnypQ2knNjQHI2T-IHPmFbHOrjGNERzDCendSnPo8o5sW5OckG0I-0jjkhds1Q97NVghk97or3hNm2IOr_VngtJhV70vrRTf-KQok-VyNMn7ngjYqtY3UVXGsAlvjbtiqPfD_tlEA9oKtg3jabGYUAJAtyTWPL3TDw7sdMuRK5fUi8LuHAJhPZ7cyQ_jYDDNnAY1cFMRrfXPx_fgHtQ4RptiKBULFSC5MxhhygqDGYjFJiSv7i_SPmu7J19Oyb9bVPS7sVk5XC-b45UZJGCKzc5vA5xDtwCqqztoykDQ3NQa1Pmd--lNYTPYLL3pH9SOkNmz_OiK0DmXwNVue3pmuX96Z8AHoQ2wYA0sZpUAc_LcsQnOgbAj5av-WOX2FpEOhJBLdpt_J2gK-MJVOUqWFk6_4tKDQGnhw-foX8RaXAIosO8QcIRsSWXQjBqTb8YNLgUZDSNkLmpCA6otJJIaM6bqrtdDtKh6Lwf1nNq5NRVEBinXD31mOjvh801YrH0-XVgPGqbbEZf5xcOk5EcP3C-oN797UuKWY_x2v6Q-csiw5aiZaGMK3cPvJlimDQ-GYTfp29KRVDnVMY8S2kXynMAmcctSHqnxM3WxZRC--gD4y-DhkHo9T5fAeXgT7RacPVNA-2Ipe1jaiRPZDZE8HD97cSA-31kp26JPuJPTV6rCzuge3gJYBBk-McK00WCz3pnP-TsFNUdocEnfCkGl1dRn73Vfp9gow7vNFH8BcZdQgLLG9K8EmoJBP3vnsd2YD1O2SDOr4IwFHty5mzZae9FZjbBMOhXTRnpe6I9Cc2wKPfZ_URK1RNw4VbbnzvRNLcsTbEi2e7G-NAm-PKXOMZKkwFrumLyKI9NS72mu2Q3g0ovpgDFlwhB5_RIyxQhL8btdwagd6CardLLP9c871CXeGh6wfphe6oZciFqbq1LfAVKQYcH3Y4gvSuP1h5IjZVO5IEj8NJzqbPPYIAQ3WHp9d6b3cVEYQ3TKwJ-QaOM3h8ioLWP7c5bD1PTbC4tLD39j6L8UcX2GOpwrMVTLpLIQNFAtbKIF5RXMADLlYUECdHOMe1wAsi2aioZcqUuhreQF61Y_TUTi9djuo2p919Ag2ioxn5jms61AytmujGMDbW9xfzn-MsPl2oCHy61bZiaPVNSpB_xa4a3cYFv2rcH8xvcZG7CRZAqR7SWO9WxN2824LO9OS2d70rxkxe_ORfnEfs-48H2ipaKNL3Ckpi-3_2ijNpPBPPSB-C0t5v7gyK1UESrdShic3kiYnj0tLOqj_tYQ8hNqE10goU8wqg2uvEZi-7OEOFjbbK2hZdcIv6fmtfEME56Nx29vDWPFu9ILlYMshDCxah7Y1pfES_tdK4t7jBaDnw9MQUE1LV-S62sJitWPu34CpMh4B03BjyjzEXalCk6aatNpjhKl_Eq1sxWRIiBUUaw0fCa88XlEbIjoyOewbuV2Mb9I8NeX3CRZPt47E37Lzoa1q-O7xg1yurrSxicO48cJ3U4E9Kwrh2Pw3zak7pk3PQ-4qvdUsgoK6sBHY_XQJME3wz7eg2KBTOOBsNCq8wIlEK8Lq8OcJLukEKnCrqQ7MdktwCJh1HS9l0jZfWV72qsY1bE44Rips00oTmV6ASNAWTeSKTLpR71fCvjdpWw0lYje_x-CZJrskX4nW1_RoQvOfRvpd_SMvpWry5QDr2B6iWJu7MH9uqc0LEOZ11oVW4RnjqF7xtTZPlE7Nb05asju8I3Tg1LNIdXGwwEtl04jkxdZ5fmnDUFB4LKFzukMJj_zJ2MIrRk1LA8Eh05m9KCCG7cfETaLKIZweiWcgtVR9nF6iLaZj9GO3H67-xv7FPlqdDJzvOMpl9oE6L3HsLHC5P-PaEByd_LdA6FE0fRMPIuXdevD0R94Rp5ppG0su0tmBTenAcrxOiaW4cobWJyPzu24_TY5YAFxMs1PevOkyn3KYBqLILSg8b9UKnqxvBb9pHIvzUokxoH03GQqFFpaIT-b1duSi0NK6PB5pCAu-fmmGQ5hXRx4hSkHuUCQ_7UkMBXB_-RUSqUKttso6i7IPIVcaWvL2Ct4JaLyPr1PZfolEjTJnrTWIFKJjJgSY95Seid-AzmxYhWTN6qY6OsiM_TeO7gJ65vkUi_w38CANPtlDpPlCyUSpd2qA161hW5YlImP0UYzZajSImHwCivOOfYrVWwZ_RpE-LZHUSVhEPXXnk4g7cWgZ1E1z-ArQDWlsHuAiOWAxMHTzuxqGve_lTh-JNtzXmManermp33jZxyJKle-kFwNTvcMiFlXiDADGOxs6RoY3dtN6pfoVoQXGJo1&cid=CAQSSwBygQiDLL_sLxpDD3kd41L7z7yQYC7d6YXSAJqK-NPhV4GnS7phR0LAWtR64LmReL4D3tjtbW2c1MLFdFXoQFH3g_cvwNlqAyoKdxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkooora4lives.io%2F&ds=l&xdt=1&iif=1&cor=8715190312122152000&adk=1761367587&idt=102&cac=0&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AFB0 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqY9J7yl3r4qnvUYOS58m46dwkS-YDIH44H4DD_jcShff88RqhOMo_4gki_7jrSStMg0QUFZ8hKcau2ln6_Sb9fsu6QDLzzcahXZ1Nh18fc_UfW8TKUwC7-kZyTKGreneHDv57_TbZ1nio5AJI-LPmw8J-D2qiz84qCJubw3kcmwv6CdU&cry=1&dbm_d=AKAmf-Avolt4zvkhhEP2OGMxB4ty9YZ0Zw2v3ndsWnrUna8lUCx_m55ZCl1ISSQD_yy8Qn1xLSTjNzbj0PlhQCXK2M3nf0IOpDdufecDF5iuJDM68QzhUmO3EUug8Sodg24zC3CsSbP-I_gdfxAR6_Imf58oBSBOxy5-YdKRoVtv1Jyfdny4kcxyGOmAvwC6sUckLzjp5JAL-NHpNGT5FngvCNYvvI4hYB_tRBUqlTaPmUKJtpPDSFvUAyF5mUrSUaDe6f5F8vZ6nzxm1PkE8NJlempLk6AASLpFdHOw_o9WJomkh4OC_WgS5fkeW9zh52UAmn_oI3Uho_K3KrxfRLb35BPwMO5Hhtzrf2yOasLIe0cdAjWubjYL2Rh7Kd0QBujHs8er2DRzxOPdF_LgzY-oNY_edCpQaqdWRhMjqKjlFUumuez1VTlDqZCb0lNOaNFk0yw0uGzAozD1Da9QUvpce0SK2F8q5Xs7cc-tFZHic7DfXsGMA6k7is4DumXo6ljySDEUMQDFClX6QwS2QbaJIG9t7veHi2JnYmCjy4fazmwD8Dmvvk69pBiVUed8Vh8K7fVKNw0FATPKBws7xamOGJsMCnfOz89THBG_PoFHXZYrxxGQIV_ZzufpjUeRQezs-cQYmqPSf3ZkqMdh4_JxnxrKIMFOHwRNmMk599ABULgzBK3SwJWOchA7jFLOuQ4RAOyZ1fkDk2I7ha6UEpmPTRngYC7cAuCbe9JU-cpSqF2yswUDnDAUF-tvPvyG149MgtSBOfW9r81ZJDx55tYrFUdstZzIaaqkjJ7UpHmnG0xGqjz4j1Hh0gIkz3BmjoTI5F3y2V6n8yhIJGVgXcaJcz2NzMDdpK0xoLwMcqoCfPd7fyXmbB7VM0YnFrmcJxWaC3VdT3t4Hqbm-hFaleJP20bUR92sAQrVym_UaURHaNFkqxIQJXYM-bbf0tUIJhsSgFnWkYeizOTN0HRX0eSYyFSX9pjOG6vVNiyHLX4W8U_h5HQwjCJGNs8IwGrMqtJpaHGqiim3RIQBpKbu7z0bX9O2daf0gwCV-v5W_3PTGrXK1MYnohBboTbjGQUBLyhBAcexV9nb2BOZVsQYpUqNrH6RCJZQxHVidS0Ls2HiPLDhBW2ghBXsVkRp_d27yNXIN9DOQhwz9-lw8Elz7rISlUn54oElSx_aSVs5e2KSsZC8tpYEn0_v2tfjdIPGC97fz8ngJqDBJiW35V8Dz4CUXJkIF9GdaefujsUU8i-83me1fCadW8T8YjHaoiWgx5QtLxlISo3kT0yJ6mSa82PKvlHcrh_il7Wx0jTm3ZgGeQkCIZp6jX3ck-uDTj9xw-HYqcP5d19-v9s4H2aJoSYOcizi34rKl2avTHqc1Mj9zI0i9w8sNnw6oIxqko6j0w04RbtySo50A29Dr7IbqkRjy5yHUsk0f4zchkBcCcBef3BajKp_W72BRValfVWkFGUqQYc01yBG2InwvwVl-mlYCN715zyXcF5-hTlvj2G2kJAdWKIY44FJg5lvnJ2ucdlPOkoOl65sJe1oqqRr7ZTFYVqviRHggh10Ht2UpmgqESgTr1wKINda7v1W0kwVmLFFVG2C3ttf3ZQJ5KVeGiar5Py8IW7SdtJaMBQ5ggzDSjGKxoKlkuYZEZ-RCgh2wuY4TMjvdmnuR3jQiTOmtT6JatALQXBkyPazN0t_JVkFzvq0BX7LSmiyljCT4iJA6PuZMnBaBm5orOY2iz5MrugNuCKMMwF-5yJmCPXAc6FcFjubKIHwqIxJHn1kjLBMDWeQD787aBOH03_iZFFQbA6McS5k-AXWA7z5ctBNfJliRJa4Clrp3d_Uk8N9XwfXTb2pjxbs0A-LDAcFm6D0MZaItvBGQYba-o1W5LmQsUJuT8p1ULW5-WmympyrK1JlBtpWSa9FiUvQoBEIDC3IpI4qEEKxozW96-GZ78wgEk_CDAznOFgLs238mhbO1iiJKQSlOJvN7vZYMsUe7oAzPqyrr5o7eg71h1uaGYN88vGsmwvMLPcAasZznx8PwcOqmtNHJh4eYaZyc95aNVxQc-cZEocnFk7p4Q5Mltkl1GXEatGzjPzH8yLnQiAssRMDwKgfbLrdU2mecaxktXRyW6YyN3hpFY9sFMckKjFQOCF1XKD7VLmwVL1hvoL0tt_lSnzLmttxo3BijcNYj152uFLxrefGEJXYvwKfW-EVEgXIzurkp3tlW_a-LykZWh7nUk8zP_IzIKdSKTzz3-wZPJ51sqVlzTP2VFLDXlLQW5mr7RdxG6TDZyzf64D3SV2k0plP9bZ3VNGTTpul-w4XOyd03vzwLdNGm16Uvjt9NWLSCZUrfZzi9gWvB2IWvIjLuq2ELtMPBGBWBCjYzMg3uIZ0ABf1YkuglyA53C3DZdNx_wfBBpyqpAUcrYvTb20rhXhm72gASDngEPEuxdeug0Bl2lbqQhjy3gfhto9foa75FWNz0pqiYUFTYGqSH-0PxpDCvP_V5CPy4tt8WGV75e3OmmiIlitV6ZdHF_r_U_N1y6_4JjNdEG3HUVnm_xN79BchxwrfbusTfH9cOlqWGI-Qxme8wMVjZTjFEQFw4XtO9mrzYBwxpwY3f5dgXr-3sohzDBEjo-hHMjk_IbUMfA9BkyNxKGFTXR95nCl592pU61uMYpBVDW_FAZuBG4bYeFjcT-XJjDZzPSD2Co6ubhJX3yey3cnK5Epq3clNI2D_XpeaW16VTAoXa9cuGuKQvF3SWBhfGT6kNFBuMHXx3vDgpJzC4Ju6QCIPxnMIcyGfbxfTDAPgljmMqcmsXu2eQ3Weuptro5CBZELzHEInaHbz8e6ipsLbV0IfWp_rb_w17q_-6tUQPs8xfnifrBNa20r1cyVxbFtXdJYMmiX1X8YOdiWY8yRYP-g5SJVVqJqAVf7qD8VcCMUZaMvB65zkG569cJKbUumqqRKCMP7eonsSypW8JQ6NYxdMMTXELQwl94cDLzdfGiYDGnF_o3eP0WRtrbhBp7QqBkiZpbnJshFDjpmlTYlZLCrkJhAcntxi_f97GP2Xa2q7JGpB_NpaohdTYMv-ZYeFqC_M3cjorMPP_u9ONQg99UYcVPrtA6kvAndizU220hQddcqHsz8F5e4mDSohuaTafx5UFCIOl6UK3uCDZ7zJkH3BKT3gbsmVC9a8S4T_fABT4_ZZf-9BY1BGfj3jdP23iLMfLQQknFuY07wusTejy7cJnomLuTL6uarinMXJJPYV2doY5TZLi9xPe3xOWCIqF5m9eVb_tT07iFrGewtTrxecHKhjHoCt8ADCbuxNV_N3N0JoIbkpcTNXyJ9-1UBr&cid=CAQSTABygQiDKR1j6_xpub42woV51DA7Z3ynlSP3xuv3zVO7AJhBMWU4cp7sphb2I3bSUtUzALkL18L7V5iTKGYe88_4crVz91nc0t-Z73gYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkooora4lives.io%2F&ds=l&xdt=1&iif=1&cor=14597769200268472000&adk=1726166460&idt=98&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A4F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

43 B
632 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiX993qATAB&v=APEucNXX90fImQEcC56DcMi3_xlULfRD99oi2vpaKeEy0L_g6X5Gzq5LeRu3Bmw8-YVYHwvwdYqAH3o_Y3yGtODkUEsACRb7mDuYHeXuIa5s0Ipu5JVjHg3cHbje-fga4sWZWY1ZWgOkgprpSPR2TfsmBlNtsYiZDfH1tdcIxQiwZ1_QF_UNvVAYP0RhZa1GTYj-iOYMmO9Em13nnuYDTEhaXGXXd2CTIQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A4F2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHBUFY18qKZvlQ6ihlsbzQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1

43 B
632 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiX993qATAB&v=APEucNXX90fImQEcC56DcMi3_xlULfRD99oi2vpaKeEy0L_g6X5Gzq5LeRu3Bmw8-YVYHwvwdYqAH3o_Y3yGtODkUEsACRb7mDuYHeXuIa5s0Ipu5JVjHg3cHbje-fga4sWZWY1ZWgOkgprpSPR2TfsmBlNtsYiZDfH1tdcIxQiwZ1_QF_UNvVAYP0RhZa1GTYj-iOYMmO9Em13nnuYDTEhaXGXXd2CTIQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP1q9OtlzHb5UxmGef8wc0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A4F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

43 B
1 KB

20ms
20ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiX993qATAB&v=APEucNXX90fImQEcC56DcMi3_xlULfRD99oi2vpaKeEy0L_g6X5Gzq5LeRu3Bmw8-YVYHwvwdYqAH3o_Y3yGtODkUEsACRb7mDuYHeXuIa5s0Ipu5JVjHg3cHbje-fga4sWZWY1ZWgOkgprpSPR2TfsmBlNtsYiZDfH1tdcIxQiwZ1_QF_UNvVAYP0RhZa1GTYj-iOYMmO9Em13nnuYDTEhaXGXXd2CTIQ

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
AN-X-Request-Uuid: 482fe2bd-b789-42a1-a402-3a7581aac2d1
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM4oNeBP4Srb6imWzBA83oI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4F2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwMTIzMjQ3MTIxNDEzNjc4MQ%3D%3D

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwMTIzMjQ3MTIxNDEzNjc4MQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 26 May 2023 06:39:18 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 39074219-71b2-4b3c-806a-2ed76706b90c
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwMTIzMjQ3MTIxNDEzNjc4MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 35DB 22 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 209967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:19:51 GMT
expires: Wed, 22 May 2024 20:19:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame AFB0 57 KB
19 KB 51ms
51ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322076&sid=18330&dvregion=0&unit=970x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 06:39:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame 86AF 57 KB
19 KB 51ms
51ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322076&sid=18330&dvregion=0&unit=970x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 06:39:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7FEC 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 209967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:19:51 GMT
expires: Wed, 22 May 2024 20:19:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B466 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1263981184794&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B466 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1263981184794&version=m202301230201&ct=76&x=1&cor=2099050825646490000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B466 87 KB
35 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7f9kQwjdESfWPSA9dYRsVEBBYYEf9h95cHMvitmaRzRneZxxZ1qybj_-lr8OprTgGSoBJZCa5k5D-mZKH2SOYEptw5A&cry=1&dbm_d=AKAmf-COBEwDKBLhLbAoWdiQgqUwF69PDc9nBTU9P2M8vfriXJgIwrFDbXVEJ5E3HTVg56lW_tyn785jM-mHPkkMEqun1aTpXDiI_WM5-DAQv2OWZ0L6xWn87N5nx6lyWFuDWiakvZqRyUZATVaPAABZzh1mrctoiTTG9IuHBe25TIW4P6M5tcW-g8YZi7euLmfJcTDjtTNvOSxK8P0_o_1shGugXqNV1yb5TlPkCS1aAsk1iQnGQi2vkhvRKgMsN8rNdOU9jnAy96owGYavj8ATnB6etMuWj1oDcAN5CY5_V8RaNfEevCfrpshY_63vuHkDPGXsXejkZT5h1ZQTPaiLrlc_Y3KbgxCSaT9dFAzgcahqbJnNLqM6zu3zKkhCgvs032lnR7cMRYGpLAYmrXX_MfeXbkwROZea9G87ZwThCAipzGXEs_3tdgNfJMbU9bInTI8yb2mdd1DNxLk_UsQYsBlte1YHLWE61rwSS2SSgKoo4PcJCZCO0BK_iGyrhpn4j_wMGS5cp7twP62CbayQlBL_TdvAFdtRWnee14BS_xKSUUs513vJOQu-zd7qVLgaBtFFKzSm4Je0ya6dfoQjEKOQs8wfzYcUeRctKX1mdkwL6du2dKe3FOgrNqVGUkre56o3mujLs5WOzpQA2jIKIPG0CBehQ447uhiXKQ49O5x81Day2G5-nJomidxXzJXfMlpmJJOLiWCxzGnAvr0F8fbSNggbkJsjNfWjeIeW6dE07QYrXBUmhQmb6WJgDc2sjaPu9QOMJFrwGjXDatLaNmcu-fwiqmHdQN6FdfwBrzPgUSkSrRnEp2FFE_W_QTYGWDuxkrZ1mP0QnscHwLPLzhGOJcpVtQJqYkfIY0bTTTtIaGf70JAKYFsYG4s0VtJWEJCIUh2S0sKvOnwrve_eGQZ7iXFIOMx6IQAc_LHuPCs4RdvMasgCbA3Nt8ARz0zSkGcNnyfq0aKLkV81secciWJmJnOZnmUrIAZvIUYA_rnb2wga_4WUjRdw9YqUkp-wz94SsTQc2TcKPWSJvi_3FKHywUmJoUF4jrUem-5MS1ROZ3yYrgD_7eHbe8XSrBRXRWUkKFZ9HHFDc8GULtf4GPhwlRM4l2ZH78UfazaKfuEyUl3j3dA2bQ8dNhDv9hPt53pjd0VcLZZmhzZNSZrgUc8FZag2vISw0LCij9dnYsmZ54QE2i9cYyoedEMTwrIIZ08lqRtO2nd8hcGYaVz74u9wvMccdJGTnQ7b4lHS0WjNwS2uRQg324TvU7sq1EcYW4jkRnkED4jINKBuuTohjs-LFSgNKehWVAaiAcAL-o8HP8rwfVRccV_XVAZdw_SC6o2G6YS6gpxpFh_ZdegotFSanwte3UV_DHN-Usxu3d05MV_H8fE0zHVeIjXaE_ruSe51mpfuo9cjdUyVWRlKBoS90BAhElBzZCgstmPlZx88d-07NfUbcZuqBTeduBz-Fe-dwNf7vWZRmfUn7uci6iNEUgv-R5WEIL_30NPcggy0xBnBcHkT43VTByYdtTTwFq39sHUndr3PcmEBGJKYBxXTgoI03p2B5AczJ2XvCsd5R6lTHu_BI973ZGuRZiTPVprQUpXzvHagxNELWvZzxNnmd8a_k6Jx2SPAcI-QmUlkC1qHKjwCixoQLFNedN3yslYrgGHVpSonzE5gcLMBzw7inBvjRBOw-ErCnjiZSHwla_oCwaeAIUu5KIRQLKEP1-AQlhdIbIq35LP_ki7EEI36okd_PGACC3Qlvi03cM0baVYk859G6Azr-4vWP9I8_vcyBoAGr1T89W-XQrD_l36rTZhTp0DuDKs5KMRbERWmIoluRuBo-kikdMnLm5QwEEGaNpt3-117ZD-JfZj0ZQZeGb0VCLKxmKlC6ggswAkGiAusF9ne6eSi7nggQuVV2j9AazCuyLgdhmY9WiwVItCBXMtT3m-k-zB9pMiJp9jDsYPBJ8CPBorGSH_u6cXTFbFf6yws54u5XcbcBBSOk-9Fxh2rUahW4bFpf87kPAbFLGYctfcrKp5Cr-FEfspj5jG2ITEb4cta01DHzVf_NC7TofhCwjsSWD5G_Bu7aH3igaNlxBSnCEQ3fxv9OHDDHuxL91lI5f2AJXlGpmq5Mm7sBpP_OKxSJDKWJ3wZGzpKrGOIgF3CF7Ero9chsfrODrZdI4q3ufqDreWw-6zTgWqJUgnWoP__Zbh6WzHZKfFMVlGBLnyrFCPqALQNVM1awWkL2YJEsO-LagZ7LGJUlDlFIjh_81M6mybgZ33NaHL11wRVdTDqdbgOrDQV2k5l7IeGkAJzls0EFW-IMxN9Xo3yKOs8i4a_rQAzGCVYp0N9JjstRSlPw12cxadpQMevOeUe3URoOgBnV7E3Afqrlp-MQHqrjU_9dsYxSjWoQdcAVePgm4d9CjrGFqoXmIovQ4XUtM3Wjkje9YRLL17Lw-nqv_PzKeFF845w864adCZpSXWQ78Szu31gMW39OnkoV9ZWbmk9vxYBVALD0RlmSQ76LMKirnVVeuHPN6MEvPymGdTKSPlwdwFPWmGSRHHeYJ5B1alLBOU_MqAeWdFmD94HZzQ9dKO3KrTrlDSOQX5572BEM_Aw9rldSXhOvPBM_dTpfd5f-0uWo8ySP17xbQAxs6koyRHi215zVq1qsU69mEJasNpJWCuw7y2x8a6wZwHOsC1KzZnKJzXCU2UhtAdWXSaRdjrwORulFxlabP83_ItQltehIsEDtBNwQFVgS_LYyN0w82cqdWt2TpvfOh9gYAxMz406_u3gV0kfVGPhLf0Np2ADAburEFHDZiRX2zmOrA2mm8WIRW-E_ju40EPx-JPDcAjHrWW9vL5tbYvsdcN8ODghKvSskgUQlMnVvEJ_QhwVd4DBmHJSB3uyiFk-juQwUI2k4EdLHL8xstfyP4sJUsXYtLrmjtfJ4-0Wcyphw8v3U21qujME4hdLnb6KEZ7v-PyE-SReKKIFA0_ImExPRWGqBUId_sjiw-tcaWtsanVYo_Pw59wOR5TIYh5t3ilKwwSCjG_fJPq2i7KDsrI9xpcNwEBjjLz1YVwUatwm5xPuhvH6mqtc6C1xkLWQ8nH-83GZUJSmb51gGmZRNqTKcyffi9JrekGcesZpJL-7WFSTH79YeF4ZZ5Da4fugsReZlGDXdHbHhOBj0yk8Mr4nntvOvp92HRzpMZ2SPoJ1u5jp9xmsrWHZGuzlo3MPFKAq5_MbQrIkNOA5denkguGlCrz5oJPMtWLK50GWacA1iVirYEBd6pkL1tm2wiOew0tfISTpHffNUYYxV7ccDJlkc3pD3UPZHzF1CH2UZ5H8znz1lUPb0RkawLpjba_UgViyfWg8ZEqRoXHtUXiAyHqXfNT8jDKJ3YlDHEqaO-gmW9Wr2uGgsEl9MNn_s8oEjEJ26yj2yaFI-1Rz9pNEDaCwJK4ffya0enLxa1jOYHHKd8Rd&cid=CAQSSwBygQiD5ci_T9sCjZG-znvEfcvfZqCctzpjRFYjZDdXLccj30XtpI42XcROFiXmjAKOZ2m-3OzZaUjQAfeUyw46cFXjg7kWmUvK5RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkooora4lives.io%2F&ds=l&xdt=1&iif=1&cor=2099050825646490000&adk=2857193498&idt=178&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d64958f0469fd4261175c574d7c27fcaa8efff22bd4ab8db5f7b828ecc857211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36214
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0F44 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtBurAgmdxjKUBujx8QBdcJfTFVzVJtF911lsezBivmyf0PCmCkTICnarHmf4yoWYbWlFll9GXZyRTTXTTW7u_0YwuKokKGJ1G-5KvF0W7hUL16lwZhY39aGm1y_yzfY6FjU3taNy_81YwDK3OhZF_i5DkfRNNDCk0YOTBvJ5kHyRz3Xs&cry=1&dbm_d=AKAmf-DWiLn1sjyXqrdObLz-9AzD1OKQW_vpPcHINlcFFp-bGovJvTc0h-dXgGr8Ls9QV7JyOGZku-dN3EWTlMq657m9QnGgSeQaD0td7ngUJwL-Pp8KOIpPufRBdnplxbFK8gbf3leqztCBfK4pMGknk1DEMOXeCYVndT80cfjVESauVZixjTfpvzO23FUx_ps6GgyD111BWiu16-HttHjRnStkEx6tif3JuqEQI0UhpEhy3foOzu9rILJC-TMeEVfclXwlU7VYL8RdipvAiKo9TO8VIcvgNr8VwYBxQGAL5uTbEwgtapvkkVw0P0Jl8xaI8cDWKOh7z9lXNJRXXl1PJ1jMnoIrb3PDxeK1f7-DryXHgujKiU8qn3LsjN938JzRnXCBH8ZbWcqsUbw5uDaQlUpZ5GgKgz2oQJQHLu3XKGdk-Nk83oakNZWCnNq4-pUbyE-GVYQscCdxI1iIE5fEr1fVPlym3R81y2UHG80Zf-0l6pIS68LdOYArVI7tgYG6uqVDcaBRBVyAHAkUjFGvA9vzqmL4MRlhfsBZ1vlUNyQJAOhIF3cVSHVkctZm6fkjnwTGUbi3heICxzFKx_kNGui-VzmGVyvLQh0-_FFzSZfNF9OSF-0K1Nto1bp5fOFZTC8VCXNIfMn9b2heHf6B_9I-gS9ksHpZTUGX_07dRRO-cwZ5O_tE5WWghuuIj2Oh5iNourAn5PGucTE4tiI8FRM10BCS979sZC2eV34aIGN7keXvcE5YogbFTeRpL7IejZVnxD7fR7V5gW6QaproqiQ2ATLXb7K1_ImqULLf7IUji87ObjXWnjTW-kJpS0iHb2oO7UK8rM0S7MvlZv7Fkk7gGp8_Q-h-6LMz-HI3P4qw_xtGnoXHZQ4-ZjJMKJJVARC3hGeppOVw0iqfGNN6JYgqIuXz1L9gfpCzaFvJoj4oh6fAXTEfW_Sj4mjuy_Ax2le9vSGw-IQYfBqy93eiX3pCUqTn9MmAeCNg3Fa2KPFLeQLm_wTwhpzojF04ch0eNNlGyaT5GB1NZC-vOmFAJFDJyJttASR3aoUMX-Lw4RWC0GSMqIKPKw0luZtIrByuI8xQCmOm22DT2wqcqiVJNJ3AkdAC-k9tGpQe0xH5BieN-aaUVtQnuf8-ieaGQJ6pdnh6W95VT-X20H6NhN4FpFHprVJfyISjvW3Poq_CpRSiaLDFM1eopCgrEL0AuZ_j6FcSrNAzGrK6SvOcx1sHAOTD4Rhwqdb-r89RwI7-oKrRLNur1qAlEbIP1sfH3Jd1qhSXgvc9xL4-HRkX9LnzroOxjvdSei1uOeQlF3WTskhjHg43ZvuN1r6LKFiau7JW0kURR-AlWonbxsCJrSxUilc-loqPjRyrzjjtgk2fKyDLNvhqjzcTRiOy4XPhXSLlcKNvpWfGAh3-dd1I24nR-NumXJoqEIIFmDCKKIHTGZnBzhFokpGIvQiYT69K-4s85AXnt_JDwg5bJnFrlj0OIqryQPkVaKrzJAFqzAkHFjyjgps97aYZwQs-CqefsndJzHSZ-8kN8UoLXYOfzpdO5i9WunfzPsOPWNNQEPtaifxD1l4FBLdbAe7GyNx8ZGLWnG3wWL9a0Zb4F8ZyTjcM9dMywXLbUg-QPxL_6JBc3q7F-HToC3QwENkTBaKyDOmxMQUss3gizammy2wo3QPZDUELiSPAWI6ze4WKAXWDL0FB6XGr7F7sGmfZTE-SoTJSXo5cV7FRO-GCMkUBO2Y9IfsMqYx8iIzlSSo1JHKY2u23XMxtKtpB_R3-0f3KLfV2KEmksRIKy5MdTKdOTdLd1D6vV1sWCCWForDSlrYZE1GM7VRHA1kniSNev5-SR5ffEoZCoqy-WCI20zd4NBDLkZmng8DegQYHkMJLwruEIQAqdXbJYc6r45sZBNqOcsew-guiypBPELHVp0a8PHsJBMDT98PgXKbXc1p5X_QhZncYe0rfoBogF0m-wKsCEykjwddtA-em4G2-ke-57EHR-QyZX91bnvbiGTheECW0kR-I0U4AutNUVg7jd0Iq5DSonDli7oP-KXHu5ZQnxzilHKrlxkEPog2AkqPEaE1R3s8uUmUpsubDoGHlEHQCL1HZucPjv3FoRC1zwM3kfsFOR-ztexjoBLIF_wRbiFpR3q7MzV-gEV7D46eSovOrgaAGvv71jk2A0mvsbj20rb6I-zAr4gvWVFcpktwmxQFkQkPttnsR8ue25xAQ2qvzRJUgmRWDMMda8AkWxH6PLEnm7gH6M3a_5haEPJpeDw0M07D9ICWGrQ2ghtNye95RmO-dRINWh8ecKmtXzP4rtxRg2owxNQq5RhScBQSmGdAOpONUP5aniDa2_vFvPBlSwqM8McEegqRn5t0dJhkmHqI_0zzsTkQUIjAhWnHgkFh5eABBD34H8bciU6y0WUL0Xjo913D_VrDM9oye8UOha03a8C_5Y5_r_DPukRMwJdbUPi17Xp1PhxEudQdmuwhrxI8q_lXMZvrykofIDU4VGBqJ90Ah07H9KUXUmonhZjmDm6Q7kdiruJp_HYiTo-h8VNDS4ubbZNrl_B1DisU1ZLyYWE71oO7hfJ70u6T8s_8e21oWK4n3F6YZXcNlJuDcel_KNwS9I6_dXuXqmWtmnyDP6_eI7-txWdUGcj1e1ykIOxTQ9iVr-BFEQUTF9t7-RgunvXyN8YGv0wtRtSVAtfOzWGx3cKbmv_VLD6kjUbGD7UQaK6QG3kzK13iiOCkKXBsu4YtBmJnwwAnTHDzx1pgRx7hHRqrVUVsI9H1RsXVhQ2igKifWDVeWbEfwLAuaxPblzKncnHwaBJD7ekb9I2P3EVTRQUFkuWDKWniVDiTOdLrnDp-MrKfT712noEnti5-tLbadAPVkvIvLajISRAShXs1-tfYoKHSEPFJhWqyoPI2A5nKDGbjenx64__N3f1EkAbpDr4-SBwwcif7E79u-Z6L5Jky0ekIjVR7wXSjBNBumyIeY_Ou4zRVyqmMeJoyx3cgqPrrjgYYSLErXlbj8cY50DAhT0xYIf_mud8ZM2bwDRPH8nfi3Won-TU671d9G0PV1HZorji7LDw1qdvqGFMd1NVNzmrYGDa_OPfUzMAh953cWQWaNlLrL7g8mHBFYg6wUJlyFMbtaPpN3IbHVRbuhX26xONXkomKKGIbm9WKugl-Ksl0XHIelPqOoUQrBCVAmDuT-GEjAwFM9_MNzgEmS86sEL7reGgYV-DbY_KPXm2EyhYsYmdfKhFR3Ckpr262M9GmxLPYGb-PQFtt7SiBj06vjzcHEexq1AOhcO-aVDFk5R0BAOaWF7X9-MhT4lL6AVOal&cid=CAQSSwBygQiDHwu8HhGich0ZySw_JQCr7occC6Yn1qmQ9XYMQ1lJm-IuR_7vklVnatQnUSwdCGDLlpVqsz9KtQXXXphpWxGbnePyZLmITxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkooora4lives.io%2F&ds=l&xdt=1&iif=1&cor=8364803040323480000&adk=521587874&idt=161&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame 0F44 57 KB
19 KB 52ms
51ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322076&sid=18330&dvregion=0&unit=970x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 06:39:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 35DB 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 02:30:01 GMT

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FEC 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 02:30:01 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame AFB0 680 B
718 B 136ms
41ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_142489747862&jsTagObjCallback=__tagObject_callback_142489747862&num=6&ctx=15911784&cmp=203336&plc=7322076&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=142489747862&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=113&bridua=3&dup=null&chro=1&hist=2&winh=280&winw=1024&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3A%40Tar9EEADTbpTauTau2dfc_e7e474fe473a%60%60e3gace%60gdccf4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau2dfc_e7e474fe473a%60%60e3gace%60gdccf4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.30&callbackName=__verify_callback_142489747862
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: ca49b163e3fc9bb9899c1935e5d5f0494a013e1089286ad8b5fea85880640a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 05/25/2023 06:39:18

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 86AF 680 B
715 B 134ms
43ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_997449312486&jsTagObjCallback=__tagObject_callback_997449312486&num=6&ctx=15911784&cmp=203336&plc=7322076&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=997449312486&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=113&bridua=3&dup=null&chro=1&hist=2&winh=280&winw=1024&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3A%40Tar9EEADTbpTauTau2dfc_e7e474fe473a%60%60e3gace%60gdccf4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau2dfc_e7e474fe473a%60%60e3gace%60gdccf4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=2.50&callbackName=__verify_callback_997449312486
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 1fa15b31fd3e4292ab7529df58d9c86e4e8f86a15e42ce8ab9ceff5fe5fe1b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 05/25/2023 06:39:18

GET
H3 200 container.html Show response
a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E93 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:17 GMT
expires: Sat, 25 May 2024 06:39:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=10.86&b=1&r=kooora4lives.io_auto_interstitial_desktop&sy=a2c0c429-7292-4d85-9863-e82c605b2c39&ts=79&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora4lives.io&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=dd08722b-cbcb-4ba8-93ae-0d82fbaefb0c&e=lm&dsReferer=a29vb3JhNGxpdmVzLmlvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id: 01GY8Q5WTHSS8FF6JJS9ZWMAG4
date: Fri, 26 May 2023 06:39:18 GMT
cf-cache-status: HIT
age: 1410511
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7cd4052a2db73a79-FRA

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7BEF 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 209967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:19:51 GMT
expires: Wed, 22 May 2024 20:19:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B466 106 KB
37 KB 95ms
19ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Origin: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 May 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame B466 11 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7f9kQwjdESfWPSA9dYRsVEBBYYEf9h95cHMvitmaRzRneZxxZ1qybj_-lr8OprTgGSoBJZCa5k5D-mZKH2SOYEptw5A&cry=1&dbm_d=AKAmf-COBEwDKBLhLbAoWdiQgqUwF69PDc9nBTU9P2M8vfriXJgIwrFDbXVEJ5E3HTVg56lW_tyn785jM-mHPkkMEqun1aTpXDiI_WM5-DAQv2OWZ0L6xWn87N5nx6lyWFuDWiakvZqRyUZATVaPAABZzh1mrctoiTTG9IuHBe25TIW4P6M5tcW-g8YZi7euLmfJcTDjtTNvOSxK8P0_o_1shGugXqNV1yb5TlPkCS1aAsk1iQnGQi2vkhvRKgMsN8rNdOU9jnAy96owGYavj8ATnB6etMuWj1oDcAN5CY5_V8RaNfEevCfrpshY_63vuHkDPGXsXejkZT5h1ZQTPaiLrlc_Y3KbgxCSaT9dFAzgcahqbJnNLqM6zu3zKkhCgvs032lnR7cMRYGpLAYmrXX_MfeXbkwROZea9G87ZwThCAipzGXEs_3tdgNfJMbU9bInTI8yb2mdd1DNxLk_UsQYsBlte1YHLWE61rwSS2SSgKoo4PcJCZCO0BK_iGyrhpn4j_wMGS5cp7twP62CbayQlBL_TdvAFdtRWnee14BS_xKSUUs513vJOQu-zd7qVLgaBtFFKzSm4Je0ya6dfoQjEKOQs8wfzYcUeRctKX1mdkwL6du2dKe3FOgrNqVGUkre56o3mujLs5WOzpQA2jIKIPG0CBehQ447uhiXKQ49O5x81Day2G5-nJomidxXzJXfMlpmJJOLiWCxzGnAvr0F8fbSNggbkJsjNfWjeIeW6dE07QYrXBUmhQmb6WJgDc2sjaPu9QOMJFrwGjXDatLaNmcu-fwiqmHdQN6FdfwBrzPgUSkSrRnEp2FFE_W_QTYGWDuxkrZ1mP0QnscHwLPLzhGOJcpVtQJqYkfIY0bTTTtIaGf70JAKYFsYG4s0VtJWEJCIUh2S0sKvOnwrve_eGQZ7iXFIOMx6IQAc_LHuPCs4RdvMasgCbA3Nt8ARz0zSkGcNnyfq0aKLkV81secciWJmJnOZnmUrIAZvIUYA_rnb2wga_4WUjRdw9YqUkp-wz94SsTQc2TcKPWSJvi_3FKHywUmJoUF4jrUem-5MS1ROZ3yYrgD_7eHbe8XSrBRXRWUkKFZ9HHFDc8GULtf4GPhwlRM4l2ZH78UfazaKfuEyUl3j3dA2bQ8dNhDv9hPt53pjd0VcLZZmhzZNSZrgUc8FZag2vISw0LCij9dnYsmZ54QE2i9cYyoedEMTwrIIZ08lqRtO2nd8hcGYaVz74u9wvMccdJGTnQ7b4lHS0WjNwS2uRQg324TvU7sq1EcYW4jkRnkED4jINKBuuTohjs-LFSgNKehWVAaiAcAL-o8HP8rwfVRccV_XVAZdw_SC6o2G6YS6gpxpFh_ZdegotFSanwte3UV_DHN-Usxu3d05MV_H8fE0zHVeIjXaE_ruSe51mpfuo9cjdUyVWRlKBoS90BAhElBzZCgstmPlZx88d-07NfUbcZuqBTeduBz-Fe-dwNf7vWZRmfUn7uci6iNEUgv-R5WEIL_30NPcggy0xBnBcHkT43VTByYdtTTwFq39sHUndr3PcmEBGJKYBxXTgoI03p2B5AczJ2XvCsd5R6lTHu_BI973ZGuRZiTPVprQUpXzvHagxNELWvZzxNnmd8a_k6Jx2SPAcI-QmUlkC1qHKjwCixoQLFNedN3yslYrgGHVpSonzE5gcLMBzw7inBvjRBOw-ErCnjiZSHwla_oCwaeAIUu5KIRQLKEP1-AQlhdIbIq35LP_ki7EEI36okd_PGACC3Qlvi03cM0baVYk859G6Azr-4vWP9I8_vcyBoAGr1T89W-XQrD_l36rTZhTp0DuDKs5KMRbERWmIoluRuBo-kikdMnLm5QwEEGaNpt3-117ZD-JfZj0ZQZeGb0VCLKxmKlC6ggswAkGiAusF9ne6eSi7nggQuVV2j9AazCuyLgdhmY9WiwVItCBXMtT3m-k-zB9pMiJp9jDsYPBJ8CPBorGSH_u6cXTFbFf6yws54u5XcbcBBSOk-9Fxh2rUahW4bFpf87kPAbFLGYctfcrKp5Cr-FEfspj5jG2ITEb4cta01DHzVf_NC7TofhCwjsSWD5G_Bu7aH3igaNlxBSnCEQ3fxv9OHDDHuxL91lI5f2AJXlGpmq5Mm7sBpP_OKxSJDKWJ3wZGzpKrGOIgF3CF7Ero9chsfrODrZdI4q3ufqDreWw-6zTgWqJUgnWoP__Zbh6WzHZKfFMVlGBLnyrFCPqALQNVM1awWkL2YJEsO-LagZ7LGJUlDlFIjh_81M6mybgZ33NaHL11wRVdTDqdbgOrDQV2k5l7IeGkAJzls0EFW-IMxN9Xo3yKOs8i4a_rQAzGCVYp0N9JjstRSlPw12cxadpQMevOeUe3URoOgBnV7E3Afqrlp-MQHqrjU_9dsYxSjWoQdcAVePgm4d9CjrGFqoXmIovQ4XUtM3Wjkje9YRLL17Lw-nqv_PzKeFF845w864adCZpSXWQ78Szu31gMW39OnkoV9ZWbmk9vxYBVALD0RlmSQ76LMKirnVVeuHPN6MEvPymGdTKSPlwdwFPWmGSRHHeYJ5B1alLBOU_MqAeWdFmD94HZzQ9dKO3KrTrlDSOQX5572BEM_Aw9rldSXhOvPBM_dTpfd5f-0uWo8ySP17xbQAxs6koyRHi215zVq1qsU69mEJasNpJWCuw7y2x8a6wZwHOsC1KzZnKJzXCU2UhtAdWXSaRdjrwORulFxlabP83_ItQltehIsEDtBNwQFVgS_LYyN0w82cqdWt2TpvfOh9gYAxMz406_u3gV0kfVGPhLf0Np2ADAburEFHDZiRX2zmOrA2mm8WIRW-E_ju40EPx-JPDcAjHrWW9vL5tbYvsdcN8ODghKvSskgUQlMnVvEJ_QhwVd4DBmHJSB3uyiFk-juQwUI2k4EdLHL8xstfyP4sJUsXYtLrmjtfJ4-0Wcyphw8v3U21qujME4hdLnb6KEZ7v-PyE-SReKKIFA0_ImExPRWGqBUId_sjiw-tcaWtsanVYo_Pw59wOR5TIYh5t3ilKwwSCjG_fJPq2i7KDsrI9xpcNwEBjjLz1YVwUatwm5xPuhvH6mqtc6C1xkLWQ8nH-83GZUJSmb51gGmZRNqTKcyffi9JrekGcesZpJL-7WFSTH79YeF4ZZ5Da4fugsReZlGDXdHbHhOBj0yk8Mr4nntvOvp92HRzpMZ2SPoJ1u5jp9xmsrWHZGuzlo3MPFKAq5_MbQrIkNOA5denkguGlCrz5oJPMtWLK50GWacA1iVirYEBd6pkL1tm2wiOew0tfISTpHffNUYYxV7ccDJlkc3pD3UPZHzF1CH2UZ5H8znz1lUPb0RkawLpjba_UgViyfWg8ZEqRoXHtUXiAyHqXfNT8jDKJ3YlDHEqaO-gmW9Wr2uGgsEl9MNn_s8oEjEJ26yj2yaFI-1Rz9pNEDaCwJK4ffya0enLxa1jOYHHKd8Rd&cid=CAQSSwBygQiD5ci_T9sCjZG-znvEfcvfZqCctzpjRFYjZDdXLccj30XtpI42XcROFiXmjAKOZ2m-3OzZaUjQAfeUyw46cFXjg7kWmUvK5RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkooora4lives.io%2F&ds=l&xdt=1&iif=1&cor=2099050825646490000&adk=2857193498&idt=178&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:18:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame B466 29 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 16:58:29 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 0F44 680 B
713 B 74ms
38ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_966505103777&jsTagObjCallback=__tagObject_callback_966505103777&num=6&ctx=15911784&cmp=203336&plc=7322076&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=966505103777&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=113&bridua=3&dup=null&chro=1&hist=2&winh=280&winw=1024&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%40%40C2c%3D%3AG6D%5D%3A%40Tar9EEADTbpTauTau2dfc_e7e474fe473a%60%60e3gace%60gdccf4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau2dfc_e7e474fe473a%60%60e3gace%60gdccf4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.70&callbackName=__verify_callback_966505103777
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 86240d749cf27664e79aaeb99178a6ccb4ea5ef73439996034b83720979153e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 05/25/2023 06:39:18

GET
H2 200 css2
fonts.googleapis.com/ Frame 4E93 4 KB
744 B 84ms
32ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 06:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 05:15:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 06:39:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0876 14 KB
2 KB 71ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 06:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 05:16:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 06:39:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0876 2 KB
892 B 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:16:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 0876 22 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:16:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0876 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:05:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:05:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0876 19 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 14:09:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0876 171 KB
53 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:18 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 0876 32 KB
14 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame 4E93 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:20:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8300
x-xss-protection: 0
server: cafe
etag: 2697337515266134059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 16:20:42 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4E93 205 B
519 B 68ms
26ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:44:11 GMT
x-content-type-options: nosniff
age: 50107
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 24 May 2024 16:44:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4E93 604 B
696 B 68ms
26ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 22:47:59 GMT
x-content-type-options: nosniff
age: 28279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 24 May 2024 22:47:59 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame AFB0 0
234 B 82ms
33ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=adc66095578c467691b4995796860299&vfdur=137&cbust=1685083158222296
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 05/25/2023 06:39:18

GET
H2 200 DV_GlobalPassback_Update_970x250.jpg
cdn.pathtosuccess.global/ Frame AFB0 115 KB
115 KB 119ms
23ms Image
image/jpeg 2600:9000:21f3:fc00:19:8ca6:3640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_970x250.jpg
Requested by: Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fc00:19:8ca6:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1165aab0094ed2411579eeb149c033d97f73e5dcdb116f40eab65d3e82d94bcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 19:36:29 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 17:51:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 39770
x-amz-server-side-encryption: AES256
etag: "7e480c97f9008854b4c2e336777e97f0"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 117466
x-amz-cf-id: pKRjfC-N58gSHXBhkpd3Q5uV9MWcnER_nde3c5oPa3NCQvZxj4YYhw==

GET
DATA 200
OK truncated
/ Frame AFB0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3590042e74f6c2abf20dc96ba3e78e40149fd7a8eccd728b452cf9b33fa42e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 86AF 0
234 B 75ms
30ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=d0cc5c455f614af4ad189bcdac47788e&vfdur=135&cbust=1685083158255989
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 05/25/2023 06:39:18

GET
H2 200 DV_GlobalPassback_Update_970x250.jpg
cdn.pathtosuccess.global/ Frame 86AF 115 KB
115 KB 132ms
69ms Image
image/jpeg 2600:9000:21f3:fc00:19:8ca6:3640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_970x250.jpg
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fc00:19:8ca6:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1165aab0094ed2411579eeb149c033d97f73e5dcdb116f40eab65d3e82d94bcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 19:36:29 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 17:51:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 39770
x-amz-server-side-encryption: AES256
etag: "7e480c97f9008854b4c2e336777e97f0"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 117466
x-amz-cf-id: -vlM-sNXrR8N7ExEOZHTLn3Y97bYSzt6xYCfAQydmxpAtCfk_wMnyA==

GET
DATA 200
OK truncated
/ Frame 86AF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0af2abb78bb5af4b56af3acdd168827b3e9a204e9d87e631e97569eb1489e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BEF 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 02:30:01 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3C9A 143 B
166 B 20ms
19ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:10:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 0F44 0
234 B 29ms
29ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=00ee6d6a5c704033b37fddf99d17147d&vfdur=75&cbust=1685083158305372
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 May 2023 06:39:18 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 05/25/2023 06:39:18

GET
H2 200 DV_GlobalPassback_Update_970x250.jpg
cdn.pathtosuccess.global/ Frame 0F44 115 KB
115 KB 98ms
85ms Image
image/jpeg 2600:9000:21f3:fc00:19:8ca6:3640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_970x250.jpg
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fc00:19:8ca6:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1165aab0094ed2411579eeb149c033d97f73e5dcdb116f40eab65d3e82d94bcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 19:36:29 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 17:51:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 39770
x-amz-server-side-encryption: AES256
etag: "7e480c97f9008854b4c2e336777e97f0"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 117466
x-amz-cf-id: 67YzLlT-6ullIOGD1TjAvRIhEQ0w-Nu2SFunnnhV9CMt7Fm__5ovrg==

GET
DATA 200
OK truncated
/ Frame 0F44 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e9388923be921226ef32ee8d292707cdaf1507cf524d5942602f7c9d683955c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B466 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET
DATA 200
OK truncated
/ Frame B466 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 017083996a5ae02375d267ecd7de3d039b875810c8e054b9d701eb2f230ee4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/ Frame 11B4 6 KB
2 KB 71ms
23ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d040305ebe277dac907545a7448628f0c355d1ef2fc301b1c9e5d263ba2d849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 343206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1923
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 07:19:12 GMT
expires: Tue, 21 May 2024 07:19:12 GMT
last-modified: Fri, 19 May 2023 14:50:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B466 0
0 169ms
65ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBV7yvp0lifp5ATBEr05YcNpM1JeeBwWzwLV0bmvhosUxCrdMdcbMww9clXg9WD3r9d_wlvxykI3JeWebmkju2yYR8dS1Lmig457jKC5OlTLuwZHyRiMWfsQG7bFxh9A2gt_O8ggPyfb__nEEAAQmgSLrtjaeXiLbEata3w4XM3V4m4-cNfqKftJrfPAFJoQR0TOyRd3hxDrA9f6xlGCbA1n9LnSyfKhluNF26jBeSUEetW1KW6FoKXX-PaCaO-NoGUCnOCj3mJXvpiqkFJ22UbgCKKF2LKG_N6N5hid6Z-J0dchXflWCOGTeR8BHcOTlvEDv57ICMtz8KDmJYmHMhX0UNkn44Jiq_qJX1_6IjxlZEPO3qC35tTvrxTvVOaOdIslxm1jb92_FQY0USPVQZLAA6igIPMStyuRsuFAuj6jJS4LeK4AaNffIq0FxjqR_BpktT5CO_xEkGgxfagzmHxajsq5QnxZSeRXc2-H03kp5yZN647j0D9g05pL3lEcJ81Fjnj8ctIJ4FagHEi6A2mU0nsRKfvgvC1agkvul8uKO2wiisLox2nNsyeja8Ib7VSBKFmA1bTPRLgZJpuqncXZYcEo7BbD3BC41mi8qMSZe3Sw_6rg8qQmYTcZPKRdbSDZeUbVH5VDIW0c4GCnz705GueuoaFejfqfSil8_N6Lx3-ihNQXITABkyW1EbE9ceiu6kR-CrSJJzuexeImA84afEBUHfEHFSxS4BZAcrpTWqdK0z_dF5G85fzXyOghHRQZXpxlUZA-RcYxv6MxdvKhVmO_CaUIuLrpFgpdhACiq4x-5yGrXkeL5CQjpR2mqgj8lqRQhuMyTuAmfitIM0TXwRRqm6b8TQk3oo52BPDsA0DvUCFa4e8BK1b6bszCcKJ4BgmR45fzT0PWflrNpCurBGgZaLJYqqwaqZFZ0PeWymupjeBTZcIMKn8nD9KKBOjW2s7DBPw7VXI19AEewbvVpGQ7RkCiOAFk6SNufAd2ODO5Hb_f785tqljMHhYyaxAIO_CKB_GS5gT_OUUU2m4XOm2vamqPsmNudEid-VE-_vMi7S3ef3-l7QxbzUICrMZcg3WX34R9YHnAJkHh_ciydasz8OyYrBgk9wHAYnLDqfCUeNt7AWSv-8mP5kcXD1HDJe-5YoxffCCGevDWKMmw08BScjll5KDGXMzAwK4m7oruCBBnkh6kh5Pxk8uAWxgOhKVZIUJY12zw1ubqahLP082OVgzgr65VNVTxXYWIOfWVfbMI5E4FN3Pg&sai=AMfl-YQjylJ-LLauoYDSlMVWprGtOND3advsiPSoy8trP3KPDgv_rV-dlP-dn6N0nugPZKfplJ-gG9TPcfwkG0m1ggBOfD2i9XzB3W9fbhW4FrcThpTSY867vp8cRltu8R6nXCL16S8FviYFnuQFXyYVruI6Mro6Bg4V_BBsqp1tEsBn0V9YM1PLTQjP0TmVC7lVHiWivGP9OpfXbuizG_YDeE5eoQlwLCQUWWnW8Ff_tM1_qYpZ__seHK8eDU6ybooTTitAUNNWgGUtiuds_C1p7wHoLWC4TEq8&sig=Cg0ArKJSzK_MZZItEdk5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=231&cbvp=1&cstd=227&cisv=r20230523.08628&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 26 May 2023 06:39:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 26 May 2023 06:39:18 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1217 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 209967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:19:51 GMT
expires: Wed, 22 May 2024 20:19:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3C9A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
32ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
URL: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:18 GMT
expires: Fri, 26 May 2023 06:39:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:39:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js Show response
pagead2.googlesyndication.com/bg/ Frame 281A 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 14:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14729
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 14:26:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305240101&jk=262028666241815&bg=!xcalxpLNAAZu7ficTu07ADkAdvg8WmIrTDse4E0mSAAoOEBaJe6mxZ8mXBkV7IZPWszAaKSma6L7maf0F5Amyza_OHB_d-NseEACAAAAwFIAAAAGaAEHCgAHQX-4FbO5F5kCrdqr9A2sanazoDednUQyjOZMyi90oQv60WqW5c7TXzpiWMCfDpIskeQ9NlfSLqOg0RL9HiJXVnMA97er_4ipQ3jhmarRpXM_4iowOnqc5GB1KsPVi_6ADIoKHKwMOFULsVEpzhOTrd2S7M88YCAGncicIPbwa4D-zK0WXDWJ8hrBqlgQAT-24qP3vvY3sIlOcRvuTlpDcWGVytIjKMFlP-h0lJUdibAGBUpgH1z4TM9vErsNqj5E_EWmpKvD5o_hCCUgYVswhRCZGxAO0q_WjpsAQIFaAQHTj39FWWIGq5sn2XzwrJfnYu3CkisYQ7LEhwhY8h4bk_RORCxmoHH2pjGPl8jLMpyFtmprKnWgp97MbjWM2s0MNY_69L1lHrYZwkVH5XWTW80C6ujwT5wwPxj0GPc8DNBH6eXcz3IiDBs0Xz3vG3V4LZJxeZGttfj5aYeOetAXj75-DCUDjLwGsf5PPb0ldfv9cYjA29pf62iskfK07Z-sAyYszhLe-pVA96MDjVcyGQ0Ha8CUnQba2qbuYe0a2hTNXY4mrGVn8JT0fKTRntFeF-SqJBNXrO_wqs3pe_pCwoPhngb5ekP39Oe86-fMDmUxJOzU_ozbXmgsDOuMa0jBoQ_cr7ECzX3Sr2gzTdbuOtpOdkK42T9KQFl3jzmqQ3yXxC3TDA5kxwfUGqVu0kTIWjj57Zz5LE8yU_8zpRlPZlNDG0EAEMrgbs6Wjlt4kkBD8s6jr8gkk2UM7t7KnfOazpkyr6y1vfsb9NyoGiyvSiQiCGIpLckyvMONp13C_tLESG8Y7LS51vV5IDipM5EJKoICecaYG_Ufpr4qXK4wchPVqgHxekqRSjh_BlB1krh_O8GZcDQWZY0K4DGq85_ZItzTiwwDHO-1mtjFv6SRBStDodffvCo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1217 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 02:30:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FEC 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwbGwFVRwZLyoN5mx9u8PpY2aqA0AAAAAOAHgBAI&bg=!qaqlqv7NAAZ8_aWmXP07ADkAdvg8WqyrU1KypzxDukkBxkZviLPdIyTr8cJuVYN0kompVu3fajtwqiPwQE5eh7j3V8OP-EyyZkkCAAABnlIAAAAEaAEHCgA8831rbqThgDqQ8BMEmlp-9QqqRu7qRytcDYPZetCo-4hXOUAU0_Xg6AZ8EFNUkyNlgQxBhj4IhwkOqy8hmQNFnjyAvQYNYj7rOAi2AA91cf6nRmTi6yasGkVqSbhrVM8Z-1B1gufkdVFY5Rupt4Cz99uUrjmZSToMOmQiFEYdG5MXpqn2VspIZGqIHFKVlbfawAl_3fPLgDoLHrKbD9PCmCdEMmroA25D1w9Rdd6czpOiOzueDF3_b2vyROo6PNgQ0OCESyj5OO8uILSiWlgXYHnDxKcR2QA0WxR5Bsz-25sYjaMYQ7PaGhJAATOul_HvR35z5zaYvWtjxOC7hwqM4TV_QVmkzcmFmEKXC49pJhgbO5-0xLh1OioTgDtPpIhLMHGe9snNB4mDDi0iswl1nshsSm-G6BIid_BsHYLYabK3-a9oThYlSKGfY8hioibBlkw1zUET3IKJtMz7cCCejji8E6pMp3CjwjGtke5Fd8oZc4qn2fUZGGl7an91uvDjPo37nmp5JymYYZtYu8RYR161vwGZKyayjqHL5rs-jIFLZK3_7FPG7yytYot8gs0o2pHCDkajI709AXEwHU9d5PeMuwBKqnToa7CubzqUn4napRFNn5U0z6ekh5k1hADEvNxmXTTJGvbka7iiauXMFgIbRVNG70Yk4qwO6gFTyc_XD8x8dDu0AXqkpbYZpjxrL4q7P95BtEEUDsr6ZS1LsQQkMA0fpLvi88HKEiO7UPVo8HK8_gpOrq_NXwdGsr3iuVnHWIV9p6fU9IETLsEo13jebk9KDz50idSqo_QSL4Ol6EphDjjRXiVPyS594jXIHRkTfVIA4BQ8h1fosxUkugsRPp6htwUThb8Ks33OfTpNHYh4vkZBxgnM_41SuxPHJyTWi1IZXsQ_qpjbdkds7nKmHFuEIuFYCJmWzMYjIU-C6ASdIYUCpqVnRXeKnwCcbFdyQRmh8Fy1OEPbCxLRD5qI9-I9l0DheCHBVlWa3xaBKtBoHB5tCtFI9RglZIj3mVHWRQPp96ByWpIhoH1jQHJnGuSJ7bDwhn3e3edn8BqjBqK03GFFVYvCIPpALOMkQD7zhA_1MVBLAaA2G4cMyIfNVN0MRIpDhjcRyVyxBC78L-6ooz9EPkp9rrtToNu_RNkBGcz87XEaquy-8Qf6OMmOnB7YGeu_1q2ZkvyBOcG8L2Q5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 11B4 60 KB
24 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 May 2023 06:39:18 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/js/ Frame 11B4 4 KB
965 B 22ms
21ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a816010b448c3cf8ea7e9782a5846f522d37fdf71706badb4ce9c730a01d129f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 18:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 936
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 18:29:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35DB 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTZnHFVRwZLCXN8mSrASx8Lb4AgAAAAA4AeAEAg&bg=!VValVgLNAAZ8_aWmXP07ADkAdvg8WlEGxmURNMm1PdUiTaEYl_5m-H-o2CMShHrEUeFeMcldeZsUVgtAmkLyQuRKJvXnyntQpBYCAAABtFIAAAADaAEHmQM2AqYC-UMOoMV0GRZqU_ce0lHDdjaSGIy6sfHdaUnHytyNnWsBPkiKmXzvh5d5y9hVf3XtMmdlr12E4DkeNrKqcMMcwl0SZhAlf6EhGMffjiiwSm_uRLem_ssDHcxeMQW8zT07MGwtUdGgTpsTdjtED2Dq-LmO_NcoSEw2L0nTRBTYWCCYvw3rImE403bMHVsWi1Z1KBxI8eXYpYacMiYpjHim2ADdl5DQuqMPwrqWA5aQhSPglZkkb2BhgN1X1CRg3JmOa5Rkd4q3KP83B_8fw9cXFdyzFUrNS0VShEv9W-GGg7OKhVp7xZTsv5gYgMRIZk7en1pDtCXILH2FdvOt2MpXh3HmFJRidsSIRO_7aPd3uB3XyBJgRURtTCjLE1TZMXLITWFqTTm8XZndVFSfZKakFkhnTJqJq4UWTt2vX7mt21qSJJwOWj2lGBYq4wHnE2lkUoO704BElmgY-fi075BjLkAZGhD2It_y1kSkwqHy7_PQIG5kJyHNOXcReVHfMflMODtVCIZ7_qAF-lq011YS00IpQ-e3QTFu1GkLFZOWjp4V07239Wy18oDT2GY5MeTbOpa-UhVU4qre4__OLWrQb168_O5PnZFUU3d6CcsUkc1qJEYUNx0DewRhEZMFIslACHpJ2WO-xmMJUcb6T_kodBYoiyN3lAuxzkQXbYCxcz0IZmK-i_XlSs3I2EwaksapJxQA9Hew3o32tCz6x3DxKQY-4mtnBA_n6MK5xW3gCQwAP2Keg5-XEFT2x-v32euUWIehxYxXKYK6nU1I-BlmbLli4crC0vQ3v544D5DgpaHVsEwSyF85p54AZqJFMgcZ42bpDwBc0-PTwylolLm_l5MKwBqKqmwr-x47EdLfwGDxtZ7scMSzlqgr5iv0aI2VLodNik7Ny9iPF-TZGQJWOki3XMjspDfEfTdcM14kkhfl5VIvFnwMTPZsgEDUSJ1QRWTgML-UIEotUTZfq3ErGz5X05NqOlCCSx-_nVtyu8eaQSDtl0UU8Pf7Wnx5b3KUJii8d45zSOebQortWHhSIQKJV2IMyQuBzCU-YodJFnYV8ou53e1s8c7nBqLsrWoGof2Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B466 0
0 59ms
59ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBV7yvp0lifp5ATBEr05YcNpM1JeeBwWzwLV0bmvhosUxCrdMdcbMww9clXg9WD3r9d_wlvxykI3JeWebmkju2yYR8dS1Lmig457jKC5OlTLuwZHyRiMWfsQG7bFxh9A2gt_O8ggPyfb__nEEAAQmgSLrtjaeXiLbEata3w4XM3V4m4-cNfqKftJrfPAFJoQR0TOyRd3hxDrA9f6xlGCbA1n9LnSyfKhluNF26jBeSUEetW1KW6FoKXX-PaCaO-NoGUCnOCj3mJXvpiqkFJ22UbgCKKF2LKG_N6N5hid6Z-J0dchXflWCOGTeR8BHcOTlvEDv57ICMtz8KDmJYmHMhX0UNkn44Jiq_qJX1_6IjxlZEPO3qC35tTvrxTvVOaOdIslxm1jb92_FQY0USPVQZLAA6igIPMStyuRsuFAuj6jJS4LeK4AaNffIq0FxjqR_BpktT5CO_xEkGgxfagzmHxajsq5QnxZSeRXc2-H03kp5yZN647j0D9g05pL3lEcJ81Fjnj8ctIJ4FagHEi6A2mU0nsRKfvgvC1agkvul8uKO2wiisLox2nNsyeja8Ib7VSBKFmA1bTPRLgZJpuqncXZYcEo7BbD3BC41mi8qMSZe3Sw_6rg8qQmYTcZPKRdbSDZeUbVH5VDIW0c4GCnz705GueuoaFejfqfSil8_N6Lx3-ihNQXITABkyW1EbE9ceiu6kR-CrSJJzuexeImA84afEBUHfEHFSxS4BZAcrpTWqdK0z_dF5G85fzXyOghHRQZXpxlUZA-RcYxv6MxdvKhVmO_CaUIuLrpFgpdhACiq4x-5yGrXkeL5CQjpR2mqgj8lqRQhuMyTuAmfitIM0TXwRRqm6b8TQk3oo52BPDsA0DvUCFa4e8BK1b6bszCcKJ4BgmR45fzT0PWflrNpCurBGgZaLJYqqwaqZFZ0PeWymupjeBTZcIMKn8nD9KKBOjW2s7DBPw7VXI19AEewbvVpGQ7RkCiOAFk6SNufAd2ODO5Hb_f785tqljMHhYyaxAIO_CKB_GS5gT_OUUU2m4XOm2vamqPsmNudEid-VE-_vMi7S3ef3-l7QxbzUICrMZcg3WX34R9YHnAJkHh_ciydasz8OyYrBgk9wHAYnLDqfCUeNt7AWSv-8mP5kcXD1HDJe-5YoxffCCGevDWKMmw08BScjll5KDGXMzAwK4m7oruCBBnkh6kh5Pxk8uAWxgOhKVZIUJY12zw1ubqahLP082OVgzgr65VNVTxXYWIOfWVfbMI5E4FN3Pg&sai=AMfl-YQjylJ-LLauoYDSlMVWprGtOND3advsiPSoy8trP3KPDgv_rV-dlP-dn6N0nugPZKfplJ-gG9TPcfwkG0m1ggBOfD2i9XzB3W9fbhW4FrcThpTSY867vp8cRltu8R6nXCL16S8FviYFnuQFXyYVruI6Mro6Bg4V_BBsqp1tEsBn0V9YM1PLTQjP0TmVC7lVHiWivGP9OpfXbuizG_YDeE5eoQlwLCQUWWnW8Ff_tM1_qYpZ__seHK8eDU6ybooTTitAUNNWgGUtiuds_C1p7wHoLWC4TEq8&sig=Cg0ArKJSzK_MZZItEdk5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=564&vt=11&dtpt=333&dett=3&cstd=227&cisv=r20230523.08628&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: kooora4lives.io
URL: https://kooora4lives.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 May 2023 06:39:18 GMT

GET
H3 200 txt1.png
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 7 KB
7 KB 22ms
21ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/txt1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81b117326428d9a72afca5c43a90adc70349ed7dc89143a2e3299cd4274d4297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 01:38:13 GMT
x-content-type-options: nosniff
age: 190865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7008
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 May 2024 01:38:13 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 2 KB
1 KB 23ms
22ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 07:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1053
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 May 2024 07:19:12 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 17 KB
17 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/bg1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cdf30cab0d9fcb58c38b22cdf8930debe13d4a573a97424cd582261b0e21f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 03:05:11 GMT
x-content-type-options: nosniff
age: 185647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17715
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 May 2024 03:05:11 GMT

GET
H3 200 bg1_2.jpg
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 11 KB
11 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/bg1_2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d28a6aa4971f887445a264e85c2f6360ef8020302d3f4fbe96b85289762a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 07:19:12 GMT
x-content-type-options: nosniff
age: 343206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11481
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 May 2024 07:19:12 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 11 KB
11 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/bg2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9db421bdcd57d53c121d041c9feefe2e17f6ca2e081ffe5c569ab751670882b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 00:41:16 GMT
x-content-type-options: nosniff
age: 194282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11473
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 May 2024 00:41:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BEF 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bp8nkFlRwZPIR0biAB4vTrfgDAAAAADgB4AQC&bg=!dnWldSHNAAZ8_aWmXP07ADkAdvg8WgbahRH5zfkwawOrpeCNsLtzbv8-DMqx12QJu2qQ8Zj2FITxZqxXAGf2wQ7FegwkwGASdEsCAAABI1IAAAACaAEHmQM2N0rhFtIk5zq-I2JTI31AG_lBmtp2s2Pw2FOmV88gkffaUMbw7HlsjxvAG6qTzatObf0BKka7e64RfIW4tAf5LaLDEn4A1yrCqFwgaIzNc5oKL44anBNc514sFqRX5W89jtpdzrZdprt7nTGkDHr-l5KN3Dd_jFdmNoLGWSzUOLmCRL7fqVefq9EvGwyn4yGw3WVPNnd0RKtWwiIcgrN4uvl-ITzoljViX1eZn4vDSU_elHTrhb_8S3u-DUmWgQojOTlg-lrmaCTgdHK0OAIlyhmdx_6u_C03lnS9mDItJNCzk7pJyN-FGfbVx8ioUAqubBAuZsd8kh9hm0pq2ryPKSQmTfmt7NDps-LGvymA7LBaYmCco506dxbH6MFiMz3d_nAsknkoAMRj9LmASX5i_Ev5XDVoI7w6UKf-x1pjBxtVbak0-AUU2nJTpe85L_-nRYVCMLfgUGq2wRyO5Aiv9cpxDgX3q_A--YI0BXJ4zed7rCJjIlLBimGnAhw-7M-KTzEJn2FZsXm_mMcO3BHPVTasUQ8BjtOTZgsWKG2_Nexw1vQ6vItcOjyZq2M1-lNh8XZ-GPf1smLP3_aV58tJ7g7zfuCiE1AU_gr-5XfPN-75MdwwubDoVSZcJARww3FEzY72-nXNfqzcbdJ02risTx9WgTWKF-a8ZVS86qHcGX8ekhX7voShkVNxMIWLfuFVyNnUNtEvAKg0JhkrGntZi_b1U0h4XJfEjDPCprDCryIkrMylbXx_Ui0y7IHAikWu81dyes6yAgG7ZzC2svpekoFB2nZrdKh4b5alNa9LHtJmzoFkozenRFpXu-lWPJnsBs8xeRjA3dccqIZOsqpYLg9BWv81IzfyKFqQP2wtx6KqNtL1W76oNJ6mB3Kj839pSHEZMi_crhlhREu0gkt8nhq6QTGwXZT2agxBKlYWcfK3afP-fREuUE80EtJtd29PfE5h4Tn3Lk8TRtXgbn5Mi3yKXdCm0j2N9nTTXV8znVCD6rQsFGdUaOKelRh6LcL3RWLaxdwgvmwg-iMTKfWhFwmZ6piA9TPrE05M6YMomQhRbQJyUuluWm3p6L_p1Pi8P1B-hyHZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1217 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHWTOFlRwZNf3A5y99u8Pp6aV4AUAAAAAOAHgBAI&bg=!tLelt-PNAAZ8_aWmXP07ADkAdvg8Wh_BTHZzT471s6kbp8blN0JgahBfZW0Lu-tz0ziC9anfwh51asPqHJ3R6zfgL4ykOGLlnSMCAAAAYVIAAAADaAEHmQLzPIOCfBZzvUc2LhY3aAlF-tStE_9AfahzHLeDsIfaek5m7QiPwNAvxt6JnyeJvp1WMFlidWwEo2wIKRNTM9MbcKj6kjJvGZ-jHlUV8Up3StVODTVZUwrCYCwnSIq0nTxN9fYzi3VCOCpd9y5W2i1pgimJxrRClvFA2wxCRnsFUSm2MJWCz8RRpoN23ZnE_aU67yKVIcfLXqYSio29YwsAAZ-Pp_JAcBpSPozUpcEzEkausjahKIzVzvZ9W36TyKPJNX2hFpIEGrRTtxZX9L5T3ACsph9qBe1CEKl6lAog0m55q-r7sIk5Jv6sE58UDQ-RgURFs-6F58uF7lovj4PUL9ppCmIx4_21LSpUuYwgktCFIS6KOQhIg39gPk8dzdxEu-xG5RhSiyZvrhKsES2zu4FSKedtDy_IuG2KfkOt7IcETJ8veD6s7Zpl_PE_Qf_mk2TZMHXvTJXEkn9t7koLFT4UtxgTQzHE9LehyXoO35MnLevxQ7hkqcHI8a--Z_mp-2dZhcPsmZYbUbnkyI5u_Eywo0dZ9FpIt6C4OknqCetz2lHu-EV0GlBeufLQ04uaH1oE_qlxnya-FJYosYhkZG-Pkh9jaigiRVP4xNNTVaWF7n8RGagxkZWHD9Xu50y7T3kL9gHEJIJYzf9PNrn-7D4UHfaeJ2uMjcfljyN2BcwKGniud5blKV2Yy-250xwRdOs8IWO-bMIJWT1qy_PxVCYzOJkweZVPX0rtjttGkFRYHpbXreSF8TedhCCNJTyq_OJJUbVnhwrxgkwXp9UON9ER9NcV-u3nk9sV2Kk7FIaajP-6r4cWt1T1L79xZit-z2LZrJF-nBbYBtgqPu6I0tCL0zRrZ6CYwMNRs31FVIbiK91dNNuIe9kUTQq6l7S2Cg3tJPQmlPSMrb2hS0dyWBStf0V1KJcmYWiV12_ygMQzYWT3PlgH-X_LOVbh4HwEwX_CVpeGWs3IPMVRp0nvWIXOdy2G8GYzsiP0WhpeWhlHgZY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B466 42 B
174 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsL2bIRF1gLJCmw9R-Sdv3DReBTJrfB90nrWbNONido_n42I28QO9FzEXYI-YAn3IWOBevXktUxECaLaSJV3Nh51tQ43GHz1tyA_s6SL9rfrCW1CyydgLIWtgph3vSkdPJceu1eA&sai=AMfl-YTGG4SYx2eSqMdDUqFWo680ZoZ63JEnit6J5Z0m9ULuC-yOJ9EMz7aayrBWTPCDt13f4-UUr_WDeuDiDS-fuQBxGXJmH0MxhSoHC8PhIvqB9e9rp5a-ZrgJ-yDaODnRRFkf7C21Xsn1-9ax&sig=Cg0ArKJSzIQKVt4JwBJDEAE&cid=CAQSSwBygQiD5ci_T9sCjZG-znvEfcvfZqCctzpjRFYjZDdXLccj30XtpI42XcROFiXmjAKOZ2m-3OzZaUjQAfeUyw46cFXjg7kWmUvK5RgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4041016008&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685083157765&rpt=587&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFB0 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6467885209540&version=m202301230201&ct=77&x=1&cor=14597769200268472000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFB0 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6ENb1KZVsivLzyeMHGKxOG_l5sIXYldPbipC0a1c9k-gloMdzN3jbKohNladasttHJ6iMU32hvEja6-OvwXAD2opFZ3NwGTzfJIuAYA52UqFTMFTel6RbG2Dg&sai=AMfl-YS4XHx1K-CJBGurnIW45G4USByJsQKw84o9ytOkLgXQW8FE9XXCCUMb-SedEXBxDTmcasC1OJEp4OP83klpDeDi5zdlrzl_yA-WrKO_ClESjxiERSjTen2ze5pufgC8bHtngPGjopyhDN24dw&sig=Cg0ArKJSzE14FTGprqs-EAE&cid=CAQSTABygQiDKR1j6_xpub42woV51DA7Z3ynlSP3xuv3zVO7AJhBMWU4cp7sphb2I3bSUtUzALkL18L7V5iTKGYe88_4crVz91nc0t-Z73gYAQ&id=lidar2&mcvt=1000&p=0,0,254,970&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=249452711&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685083157736&rpt=702&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86AF 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3762148230264&version=m202301230201&ct=77&x=1&cor=8715190312122152000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F44 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6549966350626&version=m202301230201&ct=77&x=1&cor=8364803040323480000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 86AF 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWeQrOX8UG-DYftXKKGtTZoUh0GLGacYv_FplDqiu85R-DC8aVNm9QgEGtJPUmSs0vrlTCG4cDO9sOt47lgtrB5xJoRsYXNz_Q-3fnsc-PwsKG0kGtxOaOgxf7&sai=AMfl-YSSmsNCwkTr7nsu3SevJUTMDqrwrk_nNHEFXR3haWFxf3X18gSmlTrJrFwEOofBb868mZ-W_B43bllC9Ds6xrOwVlNMPJuwM5p1mwDaaTMaCiOYpmBVFhTpsP4crBTgLOc01hAje2u30nGh&sig=Cg0ArKJSzCcu1K5tw8KHEAE&cid=CAQSSwBygQiDLL_sLxpDD3kd41L7z7yQYC7d6YXSAJqK-NPhV4GnS7phR0LAWtR64LmReL4D3tjtbW2c1MLFdFXoQFH3g_cvwNlqAyoKdxgB&id=lidar2&mcvt=1000&p=0,0,254,970&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3679748793&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685083157717&rpt=764&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0F44 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOe3p_OLFM3LsABFBY0t-hw_lGWknUkP4EWFLTFD9iiC4n2sgJDPlzyzEX__b4iBmv4lXS1UMVKCIUFWKHxuSfdAhJDEUeQBiKhZ5CiPbcXOYi0MI7U3AEJI8_&sai=AMfl-YRuuNYVdB6ZPmVg5P3uSOaZYBMOJoi4LegzCMGGuChDyqhYzwH73pFMbz6aXa2OAVvFc6xaqIaHgvAhrxGU7bD_z6mgzgNVl6C8XgH_yi7hhj5-hxO1v92Ssm83UFklWlXuwpiP_nchNDub&sig=Cg0ArKJSzKNThKUxpuTBEAE&cid=CAQSSwBygQiDHwu8HhGich0ZySw_JQCr7occC6Yn1qmQ9XYMQ1lJm-IuR_7vklVnatQnUSwdCGDLlpVqsz9KtQXXXphpWxGbnePyZLmITxgB&id=lidar2&mcvt=1001&p=0,0,254,970&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=603602945&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685083157805&rpt=690&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/ Frame 11B4 2 KB
503 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38c3732f5a3f1d17a27ce839da610c7959e96ed62569732ceeaf3e9a8616d011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 07:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 474
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 May 2024 07:19:13 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B466 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1263981184794&version=m202301230201&ct=76&x=1&cor=2099050825646490000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 06:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 txt2.png
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 5 KB
5 KB 21ms
21ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/txt2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46d026f22b62608a89082dadde743ab4f7367464797fa94cc7c7c03736d44a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:19:33 GMT
x-content-type-options: nosniff
age: 249586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5049
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 09:19:33 GMT

GET
H3 200 txt3.png
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 7 KB
7 KB 24ms
23ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/txt3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bf3307e22da22ff2469d8848a4e17d7896b215582355cbae6f3f5c1ec40e661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 01:51:30 GMT
x-content-type-options: nosniff
age: 190069
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7056
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 May 2024 01:51:30 GMT

GET
H3 200 txt4.png
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 1 KB
1 KB 33ms
32ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/txt4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db5cef2a22959fa11c1cd52b914a47a528569026e22488f0f0079b61bdff0270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 01:38:14 GMT
x-content-type-options: nosniff
age: 190865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1451
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 May 2024 01:38:14 GMT

GET
H3 200 txt5.png
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 15 KB
15 KB 29ms
28ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/txt5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6a189b6751a04ef189c83ad4e01de219c264204642857ac58438dea7a955178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:29:42 GMT
x-content-type-options: nosniff
age: 256177
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15618
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 07:29:42 GMT

GET
H3 200 txt6.png
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 16 KB
16 KB 25ms
24ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/txt6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a073f675acf4fae13299b908fafa1e0eb2c67fca482efec966ac1393c9da261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 07:19:14 GMT
x-content-type-options: nosniff
age: 343205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15945
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 May 2024 07:19:14 GMT

GET
H3 200 txt2045.png
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 8 KB
9 KB 42ms
40ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/txt2045.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ef8425f7770aaabe5ca386210c91406e6b02a788fd598f3ce6b991ba9aa8786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 20:49:40 GMT
x-content-type-options: nosniff
age: 121779
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8676
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 May 2024 20:49:40 GMT

GET
H3 404 cta.png
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 43 B
69 B 263ms
262ms Image
image/gif 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 06:39:20 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Fri, 26 May 2023 06:39:20 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 2 KB
1 KB 41ms
40ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 07:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1053
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 May 2024 07:19:14 GMT

GET
H3 200 legals.png
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 31 KB
31 KB 33ms
32ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/legals.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b5270b1a23dda14e07324c2dd1c39dcbf5dcb8ec729495e8e44b3a5a28c4fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:25:57 GMT
x-content-type-options: nosniff
age: 202402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31458
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 22:25:57 GMT

GET
H3 200 legals2.png
s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/ Frame 11B4 13 KB
13 KB 39ms
38ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/legals2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c0bca2cdc0f9299739d6f431e629f1469825a8ca220586eaac8de899754979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 01:08:18 GMT
x-content-type-options: nosniff
age: 192661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
last-modified: Fri, 19 May 2023 14:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 May 2024 01:08:18 GMT

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 21:40:43	Name: demandSupplyTi Value: dd08722b-cbcb-4ba8-93ae-0d82fbaefb0c
.demand.supply/	1970-01-20 12:04:44	Name: __cf_bm Value: DQJ9LaeqZE.82bgkpeEO1WT33eh5xb.pR6kWP3jPjwg-1685083157-0-AcDO/PoV2ETOHKdglU59mma4cLvk9sHVjjZ62jFIDCK1pLXqGKTNsBpl3E4cw4OxIwug3HodNQslWukNxcy/gxg=
.kooora4lives.io/	1970-01-20 21:40:43	Name: _ga_1CZ11PEPC4 Value: GS1.1.1685083157.1.0.1685083157.0.0.0
kooora4lives.io/	1970-01-20 20:50:19	Name: HstCfa4732763 Value: 1685083157455
kooora4lives.io/	1970-01-20 20:50:19	Name: HstCla4732763 Value: 1685083157455
kooora4lives.io/	1970-01-20 20:50:19	Name: HstCmu4732763 Value: 1685083157455
kooora4lives.io/	1970-01-20 20:50:19	Name: HstPn4732763 Value: 1
kooora4lives.io/	1970-01-20 20:50:19	Name: HstPt4732763 Value: 1
kooora4lives.io/	1970-01-20 20:50:19	Name: HstCnv4732763 Value: 1
kooora4lives.io/	1970-01-20 20:50:19	Name: HstCns4732763 Value: 1
.kooora4lives.io/	1970-01-20 21:40:43	Name: _ga Value: GA1.2.75265623.1685083157
.kooora4lives.io/	1970-01-20 12:06:09	Name: _gid Value: GA1.2.516852680.1685083157
.kooora4lives.io/	1970-01-20 12:04:43	Name: _gat_gtag_UA_113096037_1 Value: 1
.kooora4lives.io/	1970-01-20 12:04:43	Name: _gat_gtag_UA_150096121_1 Value: 1
.criteo.com/	1970-01-20 21:26:19	Name: uid Value: ab6b0382-380c-4a7f-a5b3-fa780ab15128
.doubleclick.net/	1970-01-20 21:26:19	Name: IDE Value: AHWqTUl170bil5eTiMjJXhRIzfDcX586MOXoQWGT1rxCT_XfULpt7zxBQhK45wXC
.kooora4lives.io/	1970-01-20 21:26:19	Name: cto_bundle Value: AC3PLV9IdGF1bkZSTlRQZEY3cm1sJTJGZGgyTjNHVUgxRGk2VXdnVzVHYUQ4JTJGMmU5cFFxWGdJJTJGRXpoekFEaG16eXh3c3F2T3JhOWxta3JEM2pZSlFBQ3FHWXdMN2hXdEdvRVg4UVFBQnRrU0I5RiUyRkFDcm5SSFMweXhPeGslMkJjTWdtOUN6eHFlTE5hV3ViZDQyS1RPMyUyRkMlMkJKc1dHUSUzRCUzRA
.casalemedia.com/	1970-01-20 14:14:19	Name: CMPS Value: 3218
.adnxs.com/	1970-01-20 14:14:19	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVM9MXtv!@wnfH8K6pQK`!5=E<L5?%M5/n>=-1HV7A1-7#w5s`?XiHDr$?ijA>O<aH1bpRzqF1`b^^R)oYjB
.doubleclick.net/	1970-01-20 12:04:44	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-20 20:50:19	Name: CMID Value: ZHBUFRevVB7YH27FnuL4cAAA
.casalemedia.com/	1970-01-20 14:14:19	Name: CMPRO Value: 3217
.kooora4lives.io/	1970-01-20 21:26:19	Name: __gads Value: ID=9829ac62f9e5a5a2:T=1685083157:RT=1685083157:S=ALNI_Ma4U8QerpmNgaXAe3IlPoMw2NQpow
.kooora4lives.io/	1970-01-20 21:26:19	Name: __gpi Value: UID=00000c1c19ae7ea7:T=1685083157:RT=1685083157:S=ALNI_MYBNjOclX5A-TRAG-U5bCyM0lwdKQ
.adnxs.com/	1970-01-20 14:14:19	Name: uuid2 Value: 726036089255219666
.doubleclick.net/	1970-01-20 12:04:46	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/02/egy_el_geish.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/egy_al_ahly.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://s0.2mdn.net/sadbundle/8982549824781421822/22-IWE-EV_Range_23-Leaderboard-728x90-Range_IONIQ5/img/cta.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a57406f6cfc76cfb2116b8246185447c.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
cdn.doubleverify.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.pathtosuccess.global
cdn.prod.uidapi.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
esp.rtbhouse.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
kooora4lives.io
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
region1.google-analytics.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s0.2mdn.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kooora4live.com
130.211.44.5
142.250.185.162
142.250.186.66
162.19.138.82
178.250.7.13
185.80.39.216
2001:4860:4802:32::36
2600:9000:21f3:fc00:19:8ca6:3640:93a1
2600:9000:225b:7000:a:e047:753:be1
2606:4700:10::6816:3556
2606:4700:10::6816:4fe
2606:4700:20::681b:4071
2606:4700:3032::ac43:8365
2606:4700:3033::6815:3fc
2606:4700::6810:8516
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:829::200e
2a00:1450:4001:830::2002
2a02:2638:3::3
2a02:2638:d::d
2a02:26f0:6c00::210:ba11
2a04:4e42::485
34.96.70.87
35.190.39.111
37.252.173.215
54.39.156.32
65.9.66.68
99.81.148.54
017083996a5ae02375d267ecd7de3d039b875810c8e054b9d701eb2f230ee4e1
0a073f675acf4fae13299b908fafa1e0eb2c67fca482efec966ac1393c9da261
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b96aa7b573f5f011bbc7e8cf86eff7baafd0edc4d7cac4746166413f3ebaafa
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0ef8425f7770aaabe5ca386210c91406e6b02a788fd598f3ce6b991ba9aa8786
1165aab0094ed2411579eeb149c033d97f73e5dcdb116f40eab65d3e82d94bcb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1bf3307e22da22ff2469d8848a4e17d7896b215582355cbae6f3f5c1ec40e661
1fa15b31fd3e4292ab7529df58d9c86e4e8f86a15e42ce8ab9ceff5fe5fe1b3a
255be961e3f28c2b0e2b06c64e50e1e17f6e624ada57843cf0b1f9e283a06a77
2bb451155dbe12a0b7a999e8d968b8a4f00e04e3010b1058723f16bdd659761d
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2ebd3d23946246625fb46e6b69e23a236ef8be73463a19b3b4c38d4f6e407f9e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32544964ac762b9275479b524053df899a895dd169d434f057a875677e350bbf
32e19cd99c6d29bde17c20a0b8c6f16a815ff8e2f8cc984c7b32e871c14b129f
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33dbac73fb48402c100feec54563fbe7baa4219b88bf556d1c78174e7990a8b0
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34b2a9b18dcb7940d94fdcfde9e840017c9437c0956afb524e86fc259e43dbfe
3590042e74f6c2abf20dc96ba3e78e40149fd7a8eccd728b452cf9b33fa42e7b
38c3732f5a3f1d17a27ce839da610c7959e96ed62569732ceeaf3e9a8616d011
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
419f7064b858648a001bff9fb2691374aba791da173f77ba45a301704cb38407
4332a338ca2ea59fad2227da54b1d3c1a01f9eb0498ae09f783df261b35867ec
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d026f22b62608a89082dadde743ab4f7367464797fa94cc7c7c03736d44a4c
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
479e939890bf3baf4a53a3a242e42e54de3a4b969247f5ae305f562aa977daef
4a90afbd30f25560c1b09e1e415f8cc5f0ffbc69ff4fe7c7d925a8e23628a043
4af8d55ed68b959116a2e457eb771bc94ea3e27a51e77389d6b820dc8951dd1c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
50e41677ba3112cf4b7d14025da2831c2fdd7604c0d8f13468b833fb1958bbdb
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58f0dcf40e0b0446914b817a2202806b5bbac4b4472c11b210ee066b3f0a5445
5b5270b1a23dda14e07324c2dd1c39dcbf5dcb8ec729495e8e44b3a5a28c4fe3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e8ddff6f75b3974be1fc6ec3780c24ee0404de540b8bfcdb1e46fb80f6f1f8b
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
64844f8925b251163ea6b1ce7684859a3c1cc2fd394e68b5406214fb8dc53750
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb
70d28a6aa4971f887445a264e85c2f6360ef8020302d3f4fbe96b85289762a0c
70df4ffd54b36b785e335ea57f265c31c873b3e4b4d0a6164ab36a30b88887a6
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
79cdf30cab0d9fcb58c38b22cdf8930debe13d4a573a97424cd582261b0e21f1
81b117326428d9a72afca5c43a90adc70349ed7dc89143a2e3299cd4274d4297
86240d749cf27664e79aaeb99178a6ccb4ea5ef73439996034b83720979153e3
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
8d040305ebe277dac907545a7448628f0c355d1ef2fc301b1c9e5d263ba2d849
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
94f461f8903e53560e1f4bcbd16a514b6d4975b3d5cde8cc291841df76fbe6ee
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9c7adf8a7f84ee47c1e5ac8a00c68c20ff9218f4d004f9d6a2dd62554da624a1
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9db421bdcd57d53c121d041c9feefe2e17f6ca2e081ffe5c569ab751670882b0
9e9388923be921226ef32ee8d292707cdaf1507cf524d5942602f7c9d683955c
9f8b86e1d1aa1e0b901a615cb02db749400fade40abe16824ac505a7e6c217dd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6a189b6751a04ef189c83ad4e01de219c264204642857ac58438dea7a955178
a816010b448c3cf8ea7e9782a5846f522d37fdf71706badb4ce9c730a01d129f
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd7f89653ed87db94d9337cdcca1baefe8943baf7b8bbd143f1b51165481a911
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
ca49b163e3fc9bb9899c1935e5d5f0494a013e1089286ad8b5fea85880640a02
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdd5cde97bee9d448c85b26575567bb6bcf8d2f2d010701ffc4e0fdc239041b2
cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a
d64958f0469fd4261175c574d7c27fcaa8efff22bd4ab8db5f7b828ecc857211
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
d9a36f4c3450b529bfbebf91059a1a8bcc29b3857c70d11fd2ac2305b182eaf3
db5cef2a22959fa11c1cd52b914a47a528569026e22488f0f0079b61bdff0270
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5c0bca2cdc0f9299739d6f431e629f1469825a8ca220586eaac8de899754979
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef388430bde818f8674a2dbaf7d85bb18319dd519b14067822b113cf99b4145a
efcac51ddb97e33cc9cc4cdb2a75360ecfa2b48092b473bba8cabda6fdbac368
f0af2abb78bb5af4b56af3acdd168827b3e9a204e9d87e631e97569eb1489e1d
f0f2240b664b95604941702fe7b2bfb91c3558c444766efee6ab4edde08ec120
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da

kooora4lives.io Open in urlscan Pro 2606:4700:3032::ac43:8365 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

92 %HTTPS

68 %IPv6

26 Domains

39 Subdomains

38 IPs

5 Countries

2024 kBTransfer

4655 kBSize

26 Cookies

27 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kooora4lives.io Open in urlscan Pro
2606:4700:3032::ac43:8365 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

92 %
HTTPS

68 %
IPv6

26
Domains

39
Subdomains

38
IPs

5
Countries

2024 kB
Transfer

4655 kB
Size

26
Cookies

210 HTTP transactions
12 data transactions