kooora-lives.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kooora-lives.net/
Effective URL:
https://kooora-lives.net/
Submission: On February 10 via api (February 10th 2024, 6:30:39 pm UTC) from US — Scanned from NL

Summary HTTP 339 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 41 IPs in 8 countries across 34 domains to perform 339 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kooora-lives.net.
TLS certificate: Issued by GTS CA 1P5 on January 31st 2024. Valid for: 3 months.

This is the only time kooora-lives.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:20c... 2600:9000:20c3:5e00:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:2000:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
1	13.32.110.70 13.32.110.70	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	52.30.159.215 52.30.159.215	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:4f63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
59	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8 8	2606:4700:303... 2606:4700:3037::6815:3541	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
5	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
85	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2 2	3.127.84.173 3.127.84.173	16509 (AMAZON-02) (AMAZON-02)
14 28	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 3	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	54.216.150.47 54.216.150.47	16509 (AMAZON-02) (AMAZON-02)
1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 6	23.211.8.12 23.211.8.12	16625 (AKAMAI-AS) (AKAMAI-AS)
7 13	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 10	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
8	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.233.184.155 64.233.184.155	15169 (GOOGLE) (GOOGLE)
2 4	54.194.91.232 54.194.91.232	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:245... 2600:9000:2450:3800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
10	2600:1f18:1ac... 2600:1f18:1aca:4282:4acd:58b4:e741:200c	14618 (AMAZON-AES) (AMAZON-AES)
339	41

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kooora-lives.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

kooora-lives.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yalla-goalz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:5e00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2000:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-70.vie50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.159.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-159-215.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4f63 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3037::6815:3541 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

kooora-lives.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

85 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.84.173 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-84-173.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.185.98 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.181 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.150.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-150-47.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.211.8.12 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-8-12.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.64.151.101 (San Francisco, United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.171.85 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.184.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.194.91.232 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-91-232.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2450:3800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1f18:1aca:4282:4acd:58b4:e741:200c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	googlesyndication.com b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	895 KB
85	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 321	2 MB
57	doubleclick.net 14 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 258 ad.doubleclick.net — Cisco Umbrella Rank: 157 bid.g.doubleclick.net — Cisco Umbrella Rank: 896	452 KB
26	demand.supply live.demand.supply — Cisco Umbrella Rank: 59280	47 KB
24	kooora-lives.net 1 redirects kooora-lives.net	447 KB
20	adsafeprotected.com 2 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 808 static.adsafeprotected.com — Cisco Umbrella Rank: 625 dt.adsafeprotected.com — Cisco Umbrella Rank: 630	212 KB
13	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 627	8 KB
10	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 252	11 KB
8	kooora-lives.com 8 redirects kooora-lives.com	3 KB
8	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2136 google-bidout-d.openx.net — Cisco Umbrella Rank: 2135 rtb.openx.net — Cisco Umbrella Rank: 651 us-u.openx.net — Cisco Umbrella Rank: 530	1 KB
6	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1394	1 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 3029 dis.criteo.com — Cisco Umbrella Rank: 598	8 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 884 s.tribalfusion.com — Cisco Umbrella Rank: 2403	2 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4912	920 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 603	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 794	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 865	2 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 920	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 854 id5-sync.com — Cisco Umbrella Rank: 419	26 KB
2	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 3919 ups.analytics.yahoo.com — Cisco Umbrella Rank: 376	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6389	553 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	3 KB
1	avads.net ads.avads.net — Cisco Umbrella Rank: 17480	177 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 1958	199 B
1	yalla-goalz.com yalla-goalz.com	7 KB
1	histats.com s10.histats.com — Cisco Umbrella Rank: 15295 s4.histats.com Failed	5 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2735	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2476	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 667	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1783	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1287	6 KB
339	34

	Domain	Requested by
85	s0.2mdn.net	kooora-lives.net s0.2mdn.net b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
59	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com kooora-lives.net b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com bid.g.doubleclick.net
29	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com kooora-lives.net b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com s0.2mdn.net googleads.g.doubleclick.net
28	cm.g.doubleclick.net	14 redirects b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com googleads.g.doubleclick.net
26	live.demand.supply	kooora-lives.net live.demand.supply client
24	kooora-lives.net	1 redirects kooora-lives.net
13	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
12	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net kooora-lives.net
10	dt.adsafeprotected.com	b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
10	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
8	ad.doubleclick.net	kooora-lives.net
8	kooora-lives.com	8 redirects
7	googleads.g.doubleclick.net	kooora-lives.net b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com pagead2.googlesyndication.com
6	static.adsafeprotected.com	pixel.adsafeprotected.com b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
6	sync.teads.tv	1 redirects b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	pixel.adsafeprotected.com	2 redirects b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com kooora-lives.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	www.google.com	tpc.googlesyndication.com kooora-lives.net b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
3	d5p.de17a.com	3 redirects
2	c1.adform.net	2 redirects
2	um.simpli.fi	2 redirects
2	a.tribalfusion.com	1 redirects b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
2	bid.g.doubleclick.net	b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com kooora-lives.net
2	pm.w55c.net	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
1	fonts.googleapis.com	b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com	b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	ads.avads.net	b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
1	match.360yield.com	b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
1	rtb.openx.net	b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
1	dis.criteo.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	yalla-goalz.com
1	s10.histats.com	kooora-lives.net
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	mug.criteo.com	kooora-lives.net
1	id5-sync.com	cdn.id5-sync.com
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
0	s4.histats.com Failed	s10.histats.com
339	52

This site contains links to these domains. Also see Links.

Domain
yalla-shoot-lives.net
kooora-lives.com
kooora4lives.info
yalla-shoot-hd.net
yalla-shoot-ar.com
koooralive.io
koooralive.net
kooora-tv.net
kooora365.io
kooralive-tv.io
kooralives.io
kooralives.net
360kora.io
kora-online.io
yalla-shoot-kora.live
kooora4lives.tv
go.yalla-shoot-matches.com
kooralive-tv.net
livesoccertv.tv
soccer-stream.tv
kooora4lives.io
livehd7-tv.com
egylive-tv.com
korastar-tv.net
livekoora-tv.com
yallalive-tv.net
sulvo.com

Subject Issuer	Validity	Valid
kooora-lives.net GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2024-01-20` - `2024-12-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2024-01-09` - `2024-07-04`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
yalla-goalz.com GTS CA 1P5	`2023-12-29` - `2024-03-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.avads.net Go Daddy Secure Certificate Authority - G2	`2024-01-15` - `2025-02-15`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://kooora-lives.net/
Frame ID: 35C7FCE946BDD5D9D66DB1E9901D72F7
Requests: 91 HTTP requests in this frame

Frame: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5C1517F9542CAC6952C1F78365B293FF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=kooora-lives.net
Frame ID: 40209B20381105BCC279D45DDC34E695
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1C03D74064FCB0A8DED2CA01A47A2B12
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA19224306D7B9B0BB53A899CF2B5CB6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2FB2BCEE9838A7D22B2118AAED9FFFAC
Requests: 2 HTTP requests in this frame

Frame: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F5888E4F8A6BA24DDEC12C1F138336F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDcjzVBu2WwSd1QLgQDOkkw8HPJuZcajjOxsnat_wFzliVaR3w1xJioMGRpaqs-OZE8U3PnysnYQP9x3QYjkE22VilXaJyvwDN8qYijYKIcV0wJZCIvViksXwRXOhfeZ7k8_tnUGjXOraU46oGrM8NpKSb1FCY0QOVw3xwsWwXf789dIxOEdg5NAJRT92j1VbKdafcump4VuULQ7MfHXnq58T9jArG41vyV4JiLnsiropkiV9VYBEfEOpY52pzSiFIKHxbYNv15OizrBYOr3x-6JdJzGngyk6E0nADyvvav_j_ekh7GENB3BwxrYhlBt46iOrvr2PQRk4PQ4uEqKDDLkOH6SEzk_lMPjErW3EmSmadurqkHzy6hWE0_pHi5JvF5NUFV-jJ8h9afDavU-r6d42m-PHybL0n_Muiz18I4zD1qme743ncMKvCnOzeeMYaaOI&sai=AMfl-YQrCnolgWENskxKB-jHsRz8mjF3rXtYwHJbRp32rOz69SaUEUlOJwYZWwn3tYndzb5SyzESTIMnBsvFQX4qP6IlQal6XDtADzlkk3TrfigtypRxExAkIiEPE4CUWcOia9bpg7gk-B05fQvdPQXqcDk&sig=Cg0ArKJSzDM9BWtWuhPREAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 3C21AE2D3C827B558D9701382E62BAA7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGPKZo94BMAE&v=APEucNXYuJ-RyktkgtPZ-kH5npTwuYeinVGib0HM0tL7y8157VxNn3MPE1jl92GJjyJ_0rlGoFziv7_gsrZK5Hnfs2r9AsbGoXwKXmycJmJpaBo28jkA4sd4wxO3Kkpe_zot2OP7aU1hnzDxuKixNZ8Pg0TG-aMSTXrJBHOt6eC9CVFP68K3H_M_Y-ikaNI6FQ151kpAoIR3
Frame ID: 61BDE8FF13F204BE984EB8298DB8C584
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 799B6B266363D6617EC1F9611BAAB34F
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5DE02526219733E2FFF17DC1850D87C3
Requests: 9 HTTP requests in this frame

Frame: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F02CF3F06F619067BE0C9A9C2382CE7
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0217E44B9EF6D2CDF7804B8C8E6B5895
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGNeXo94BMAE&v=APEucNVZpE7WlRzYRmBu_EmrXrMlYXKUwZte-BPBn04sXmMqrJ1434Aykc4k6_XT1iBZaMfjs3qhQ0tNf4k1gLMkISAyRBcMDvzPzWPo7VK6FwxGlSHd815B_Xhu-y1MGPTtWbVUxym5_o-APz3DkFRky_KsmwgsRTrOoS-pYIkLCL7_6umRwbhFtVZD0TA8t8HPwdCiklzK
Frame ID: B1B5CF0939BE91EA9ED8A12A4B7C9081
Requests: 5 HTTP requests in this frame

Frame: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 383BB08719DB0FD5075B9AE742E58B7B
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
Frame ID: 25C7FFC43553F48164899E3BBE4249E5
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 942EDC965B4F49AC96CEBD362918C67D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
Frame ID: 49728227485B64E78503C3ACE985DCCE
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfMPxDe7KqvAxi4q_L5ATAB&v=APEucNWDZ4DPKv2XDbbwyOWvPS2AbiN36C9Rb0df2S-_HXbi_8qzIjfEznwH2KdaCXn5sseJHEeG1mATm_cI8l6_BMYdvFguVjVjy9bZPsTnMLEsgn_9OZeqKXQeTDS3EOJXWHByrIVpvqfORhU-EnWAX9-M7MF7ogl6d6kx4wEA7pGHZRAd4-7SjiwaYz2sNYQRSwG2_6ed
Frame ID: DF3BFA20B1E7B645DCCB4D426433BE63
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2DA997FA3806EDF68E8A3753E58CBF3C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
Frame ID: 973D2925A45029000D9C147F5DB55E49
Requests: 22 HTTP requests in this frame

Frame: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4DBA0DEE8B1F8338C8F8ECAB0839DA01
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJLV_doBMAE&v=APEucNU5rKQh6vl1rlnaYg-r7C3xzI1l9iUDUf_i56q7mWlR6TuSh2TzWULmvijQBEM3ceCQy3jWxi2rIG7ywk-NK-z_2dRgfMCaO7PSO7FtvUTUKoJbnFtPbXVsEiCGYXHEOlh91R2RN2DuGf0P6cXzsOsr-7hQTRSlVixihMsBTvNjdsH03UCBSm5m2Js9bNZenf5ywrXT
Frame ID: 1FE45D33972079B14B89D7A0068A1A62
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1F22BC466A19309E2A34DD10FBF9A647
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Frame ID: CB7BC3918C355CD2FC2AC679E64269C4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 30733FF7AD40DD1E70566C4BFFF7C90D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Frame ID: 240C01633B4C0A39F157C07CA8491A9D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
Frame ID: ADBA2A0231A8CCBD53F1C38B089E69C0
Requests: 19 HTTP requests in this frame

Frame: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6EB4AADB6A8509530084E570EAD8C699
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJfY_doBMAE&v=APEucNVfV717wT6RzyEh_NsdoFR0TjOkdZXDeh9ePYZBYWivUwgNej_Txdscg-ryaopaglui8np13RI55YcgN9W1WeZmsXbR6BSzvpqIuNNeF0lMT2JUpfQywjIRxMcziDzgyGMf3rShI4SLByi2jFfHSS6rpLar2GqUoMdXtpLlY8PmWBKwOdmVvIU-qBToCZx4dgWipcfm
Frame ID: 56A071CE84F75A0DA00F8477C9507A97
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FCCFF03F5BCF5027F1D1280B365AFE27
Requests: 24 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CED0F5B8FE745BBFFCE9CE018656AE48
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D82937FCB8AB62A9108351DC4E775FEB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 773CBD87FB407FEB27C980AADB1FCC67
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Frame ID: 52CDBE1C75E9C5BC6E7BBFB2A0233AAA
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
Frame ID: 9ECE5069C672D9939F4283C61068F030
Requests: 17 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 981DBFE84EF64C5E41FAA293E9624D83
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Frame ID: 07BB0B7A46CEC719EDD34321A49F9E27
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Frame ID: EFB18431A3B5BA79ECF59F9D8807D277
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

koora live English Free Live Sports Stream livekora

Page URL History Show full URLs

http://kooora-lives.net/ HTTP 301
https://kooora-lives.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mustache(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

339
Requests

88 %
HTTPS

48 %
IPv6

34
Domains

52
Subdomains

41
IPs

8
Countries

4171 kB
Transfer

9231 kB
Size

34
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://yalla-shoot-lives.net/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora-lives.com/
Title: live stream sport

Search URL Search Domain Scan URL

URL: https://kooora4lives.info/
Title: كورة 4 لايف

Search URL Search Domain Scan URL

URL: https://yalla-shoot-hd.net/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://yalla-shoot-ar.com/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://koooralive.io/
Title: كوره لايف

Search URL Search Domain Scan URL

URL: https://koooralive.net/
Title: koooralive

Search URL Search Domain Scan URL

URL: https://kooora-tv.net/
Title: kooora tv

Search URL Search Domain Scan URL

URL: https://kooora365.io/
Title: kooora365

Search URL Search Domain Scan URL

URL: https://kooralive-tv.io/
Title: koooralive

Search URL Search Domain Scan URL

URL: https://kooralives.io/
Title: kooralive english

Search URL Search Domain Scan URL

URL: https://kooralives.net/
Title: kooralive

Search URL Search Domain Scan URL

URL: https://360kora.io/
Title: 360 كورة اون لاين

Search URL Search Domain Scan URL

URL: https://kora-online.io/
Title: كورة اون لاين

Search URL Search Domain Scan URL

URL: https://yalla-shoot-kora.live/matches-today/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://yalla-shoot-kora.live/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://kooora4lives.tv/
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://go.yalla-shoot-matches.com/h3/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooralive-tv.net/
Title: koora live

Search URL Search Domain Scan URL

URL: https://livesoccertv.tv/
Title: live soccer tv

Search URL Search Domain Scan URL

URL: https://soccer-stream.tv/
Title: soccer stream

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/c/
Title: koora4live

Search URL Search Domain Scan URL

URL: https://livehd7-tv.com/
Title: الاسطورة لبث المباريات

Search URL Search Domain Scan URL

URL: https://egylive-tv.com/
Title: ايجي لايف

Search URL Search Domain Scan URL

URL: https://korastar-tv.net/
Title: كورة ستار

Search URL Search Domain Scan URL

URL: https://livekoora-tv.com/
Title: كوره لايف

Search URL Search Domain Scan URL

URL: https://yallalive-tv.net/
Title: يلا لايف

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/matches-tomorrow-h2/
Title: كوره 4 لايف

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/yalla-shoot-h2/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://kooora-lives.net/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kooora-lives.net/ HTTP 301
https://kooora-lives.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://oajs.openx.net/esp?url=https%3A%2F%2Fkooora-lives.net%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fkooora-lives.net%2F&rid=esp&cc=1

Request Chain 48

https://gum.criteo.com/sid/json?origin=publishertagids&domain=kooora-lives.net&sn=ChromeSyncframe&so=0&topUrl=kooora-lives.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=nTqylXxLTWQvcVIvbHQ2OXduODE2R3lvUDhsR0VkcHlKK3hLd1FvZEZERm5XVkZUQ2FLaVNxV1ZSYnI1dFE0bktXanVFdlZaczJlNjJiVGo5bnd2aE5HdGF0ZkNZUitwUEdydWtJN2V0ZlNZbVpSa1hORU50YXlCYkVncklTdnRNcDYwOXpqOG1XdDZiN1hCanVqZTJSbkZ1a2wvZWZUVnZKb0dwWUNzVmxZWkpnZGMrRnR1WUJUM2RDZE1FWUMyTWdkUjBpRGo1QlFmNUNRTSsvb3VUV1FsZ3JhL1NsVDhxSkZ4YnpiTUZISzIwZG5CNnlUZzJUV1VjdXFCVTZYY1lrRndmaXBVczMyOC9kMkFnKzNydS9rbTlkcGpGVk84dGFQcTNmaXp3U1FidlBYUT18&cppv=2

Request Chain 58

https://kooora-lives.com/wp-content/uploads/2023/03/koora-live-Live-broadcast-of-the-most-important-matches-of-the-day.jpg HTTP 301
https://kooora-lives.net/wp-content/uploads/2023/03/koora-live-Live-broadcast-of-the-most-important-matches-of-the-day.jpg

Request Chain 59

https://kooora-lives.com/wp-content/uploads/2023/03/168-1.png HTTP 301
https://kooora-lives.net/wp-content/uploads/2023/03/168-1.png

Request Chain 60

https://kooora-lives.com/wp-content/uploads/2023/03/157-1.png HTTP 301
https://kooora-lives.net/wp-content/uploads/2023/03/157-1.png

Request Chain 62

https://kooora-lives.com/wp-content/uploads/2023/03/34-1.png HTTP 301
https://kooora-lives.net/wp-content/uploads/2023/03/34-1.png

Request Chain 63

https://kooora-lives.com/wp-content/uploads/2023/03/541-1.png HTTP 301
https://kooora-lives.net/wp-content/uploads/2023/03/541-1.png

Request Chain 64

https://kooora-lives.com/wp-content/uploads/2023/04/547.png HTTP 301
https://kooora-lives.net/wp-content/uploads/2023/04/547.png

Request Chain 65

https://kooora-lives.com/wp-content/uploads/2023/03/497-1.png HTTP 301
https://kooora-lives.net/wp-content/uploads/2023/03/497-1.png

Request Chain 66

https://kooora-lives.com/wp-content/uploads/2023/12/224.png HTTP 301
https://kooora-lives.net/wp-content/uploads/2023/12/224.png

Request Chain 107

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFxAVxA2Dgd2Pcy7qMvcnbI&google_cver=1&google_push=AXcoOmSdqTNAHBdZXeNwa6G-599ms3-Q8FhyvJqjLaDQv5R1pKeECiBnFKvaLtq-sMfyvS5M6b1HvAw5bqLlBE-7d6vlMZsO_awj HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFxAVxA2Dgd2Pcy7qMvcnbI&google_cver=1&google_push=AXcoOmSdqTNAHBdZXeNwa6G-599ms3-Q8FhyvJqjLaDQv5R1pKeECiBnFKvaLtq-sMfyvS5M6b1HvAw5bqLlBE-7d6vlMZsO_awj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eUh2RzJHMzUxUnlTN3Y1&google_gid=CAESEFxAVxA2Dgd2Pcy7qMvcnbI&google_cver=1&google_push=AXcoOmSdqTNAHBdZXeNwa6G-599ms3-Q8FhyvJqjLaDQv5R1pKeECiBnFKvaLtq-sMfyvS5M6b1HvAw5bqLlBE-7d6vlMZsO_awj

Request Chain 108

https://d5p.de17a.com/cookies/google?google_gid=CAESELHyxnos4GjDxA8DyGbwM-g&google_cver=1&google_push=AXcoOmQljfRGQLq0K8NG5s_1SqCi3P5UeekSx-pJZ-Fj7M-MIud-pDLtOBBQmC-SAfqeuq-6vbZhhwQ_1D9SPWO8wxj1d8jwkdWu_A HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELHyxnos4GjDxA8DyGbwM-g&google_cver=1&google_push=AXcoOmQljfRGQLq0K8NG5s_1SqCi3P5UeekSx-pJZ-Fj7M-MIud-pDLtOBBQmC-SAfqeuq-6vbZhhwQ_1D9SPWO8wxj1d8jwkdWu_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQljfRGQLq0K8NG5s_1SqCi3P5UeekSx-pJZ-Fj7M-MIud-pDLtOBBQmC-SAfqeuq-6vbZhhwQ_1D9SPWO8wxj1d8jwkdWu_A

Request Chain 109

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSoJ2yJc66oyQ3JElGUDD52S3Guy_iDXZxivCBAJhhuB_3XL5N_bm7BbejTJD7zDMS8qrAmj-g8MxJG04VCMyqokkwTJHqRwA&google_gid=CAESEPUk1UqGVTHxPJZ20GNqp9c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-PSD0rofzKONo2y2a_Cp5cI9lhxoRlGX6v9nE0g&google_push=AXcoOmSoJ2yJc66oyQ3JElGUDD52S3Guy_iDXZxivCBAJhhuB_3XL5N_bm7BbejTJD7zDMS8qrAmj-g8MxJG04VCMyqokkwTJHqRwA

Request Chain 113

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDeehlxU1PzmXR6aBsSAVto&google_cver=1&google_push=AXcoOmQdBezW7inM_OuepnKZy5PKMy5DayCl7lhJNVktAD3XMosj73WPyk4Cq_mhK3QazBX6RYcMoneiumuGdqyPiapulx770_bHsAo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQdBezW7inM_OuepnKZy5PKMy5DayCl7lhJNVktAD3XMosj73WPyk4Cq_mhK3QazBX6RYcMoneiumuGdqyPiapulx770_bHsAo HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1&C=1

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcfAybmqPeUAAF5dACBBBQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Efv3WrxxQcuaTJ0EZtWk&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM0Efv3WrxxQcuaTJ0EZtWk%26google_cver%3D1

Request Chain 127

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0Mzk5MDQ1NTk4OTA3NTk4OQ%3D%3D

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1&C=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcfAyVVbLZUAAG0BAB-XmwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Efv3WrxxQcuaTJ0EZtWk&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM0Efv3WrxxQcuaTJ0EZtWk%26google_cver%3D1

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM4MTc4Njk1MzAwNzg5Nzc5Nw%3D%3D

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG5gT3Z4cqnP48ylgVhIEdI&google_cver=1

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFuwPNSqqdpuAV_dB4EZ1H0&google_cver=1

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1

Request Chain 211

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcfAybmqPeUAAF5dACBBBQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEOv6tUgiTWlqHqLgNQw2UY&google_cver=1

Request Chain 213

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0Mzk5MDQ1NTk4OTA3NTk4OQ%3D%3D

Request Chain 250

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG0MLF7AVyi4z1R7_nUL9fg&google_cver=1&google_push=AXcoOmTSMdELdqfdkTn4ITt0LYhVvhrXA3wMCGbmeY1X4z35KrUHxakWw4MKyDXkgOKw0bCAWpNp5ihsR5NTiOllb9n9ZoKQzw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSMdELdqfdkTn4ITt0LYhVvhrXA3wMCGbmeY1X4z35KrUHxakWw4MKyDXkgOKw0bCAWpNp5ihsR5NTiOllb9n9ZoKQzw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG0MLF7AVyi4z1R7_nUL9fg&google_cver=1&google_push=AXcoOmTSMdELdqfdkTn4ITt0LYhVvhrXA3wMCGbmeY1X4z35KrUHxakWw4MKyDXkgOKw0bCAWpNp5ihsR5NTiOllb9n9ZoKQzw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSMdELdqfdkTn4ITt0LYhVvhrXA3wMCGbmeY1X4z35KrUHxakWw4MKyDXkgOKw0bCAWpNp5ihsR5NTiOllb9n9ZoKQzw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 251

https://um.simpli.fi/gp_match?google_gid=CAESEJZkFZg4G08p9qMpb4f-75o&google_cver=1&google_push=AXcoOmTFq-iRZxvYkiN-eE2gvWIm5rhcTmioQ3foJ-lSNSN47Zqso25HSwk0JDew0bM3DcPeZ7hIoA6pg7SbVYFVoYScnXu9EKs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=279AD19FC30948CDBD7635D076F7EDF7&google_push=AXcoOmTFq-iRZxvYkiN-eE2gvWIm5rhcTmioQ3foJ-lSNSN47Zqso25HSwk0JDew0bM3DcPeZ7hIoA6pg7SbVYFVoYScnXu9EKs

Request Chain 252

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFtEJHkZ4ObRdHlaBsHX1ps&google_cver=1&google_push=AXcoOmRQMhsbLdcIEYg55aFkyaTe0wy0_W0AB9PsSiWG84pr41-RPYi__xJGz4rp1HkDSyXgHnIyKu2IdAjDqUyTcA_m3NBXfhQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21vqX6SwQ4AI67c9nrLdwg&google_push=AXcoOmRQMhsbLdcIEYg55aFkyaTe0wy0_W0AB9PsSiWG84pr41-RPYi__xJGz4rp1HkDSyXgHnIyKu2IdAjDqUyTcA_m3NBXfhQ

Request Chain 253

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDh9e_WSZ7JGR-Dlmdr6QVs&google_cver=1&google_push=AXcoOmS-61xfcKMkRHd9q1Qj0VSvpTmtfsKrtwaEHmxGVti6lmoYJQHGtK6bqhiGElYyIpBpyzu8s4w28YD33_1nWEciaIxP HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDh9e_WSZ7JGR-Dlmdr6QVs&google_cver=1&google_push=AXcoOmS-61xfcKMkRHd9q1Qj0VSvpTmtfsKrtwaEHmxGVti6lmoYJQHGtK6bqhiGElYyIpBpyzu8s4w28YD33_1nWEciaIxP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg5MzY2MDg1MjI3OTM4ODcxNQ&google_push=AXcoOmS-61xfcKMkRHd9q1Qj0VSvpTmtfsKrtwaEHmxGVti6lmoYJQHGtK6bqhiGElYyIpBpyzu8s4w28YD33_1nWEciaIxP

Request Chain 279

https://pixel.adsafeprotected.com/rfw/st/1849103/76721144/skeleton.js?bundleId=&ias_dspID=3&ias_campId=26772757&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=16249322149&bidurl=https://kooora-lives.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hYVxwCrp5zKlwC-wM5T1oO&adsafe_url=https%3A%2F%2Fkooora-lives.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fkooora-lives.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e1996998-2d8c-cbdd-ecf8-8766994ab5e0,c:3QDIGx,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-7b9d8f9bf6-97pkj,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:189,mot:0,app:0,maw:0,tdt:s,fm:u3UsVjt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C15141%7C161%7C162%7C1631%7C171%7C172%7C173%7C18*.1849103-76721144%7C181%7C182%7C1831%7C184%7C1911,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:203,oid:7a6b67e7-c842-11ee-af20-dae32bba5107,v:19.8.482,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG5gT3Z4cqnP48ylgVhIEdI&google_cver=1

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFuwPNSqqdpuAV_dB4EZ1H0&google_cver=1

Request Chain 315

https://um.simpli.fi/gp_match?google_gid=CAESEM9zQiO7tfapT-x3DdYg5t0&google_cver=1&google_push=AXcoOmSYjfJ8GtUuqoKEWleyqU-7cZ8MH2A8GpWzWaTUxEuZhzLvrkvpOuTmGu7Gq13J290UooL18eUeixpDNVAYLePivEtSJA3z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=279AD19FC30948CDBD7635D076F7EDF7&google_push=AXcoOmSYjfJ8GtUuqoKEWleyqU-7cZ8MH2A8GpWzWaTUxEuZhzLvrkvpOuTmGu7Gq13J290UooL18eUeixpDNVAYLePivEtSJA3z

Request Chain 316

https://d5p.de17a.com/cookies/google?google_gid=CAESED2u1iYjGmol-G-72KAtFXw&google_cver=1&google_push=AXcoOmQ5XH_NfHJbA5NL35ATfsNfPPyR-22msQ7RhWwhETVfhVUGpNUNV_ScosNgXcnR455HedbiadLmQvZeS1S1_Tib_v7go8I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ5XH_NfHJbA5NL35ATfsNfPPyR-22msQ7RhWwhETVfhVUGpNUNV_ScosNgXcnR455HedbiadLmQvZeS1S1_Tib_v7go8I

Request Chain 318

https://pixel.adsafeprotected.com/rfw/st/1849103/76721142/skeleton.js?bundleId=&ias_dspID=3&ias_campId=26772757&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=16249322149&bidurl=https://kooora-lives.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j1lhCB1Zc6RfqiVidDUwNt&adsafe_url=https%3A%2F%2Fkooora-lives.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fkooora-lives.net%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fb8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:a7767f40-f49c-ca6a-ece1-b71fc59cd34a,c:3QDIKa,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-585fd76b4b-67g9f,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:58,mot:0,app:0,maw:0,tdt:s,fm:u3UsVpk+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C15141%7C161%7C162%7C1631%7C171%7C172%7C173%7C181%7C182%7C183%7C1841%7C185%7C191*.1849103-76721142%7C1911%7C1912%7C1913%7C1914,idMap:191*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:65,oid:7a98b9fd-c842-11ee-97b0-16c4602dc9d0,v:19.8.482,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

339 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kooora-lives.net/
Redirect Chain

http://kooora-lives.net/
https://kooora-lives.net/

133 KB
27 KB

265ms
218ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d78080e97427f5c3dbd2f39a2ff236c3f7409b9a41bd77d2d969bb06a69f39c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85366c82090b30c0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 10 Feb 2024 18:30:32 GMT
last-modified: Sat, 10 Feb 2024 18:29:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvjQOimTd5gAWxsQMJBrrjBY9VLgQD%2FuSHGDfLt7y%2BWYPBcWsep0YG6ULhOMEiG5kgZXMticYYPBOlxBa1D68LDTydAP9qgZWB7yQgNFAquvfB5d58J3wwT82NF4Fm0gSZGo3O6Ec3Vcf51lW4CN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie,Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 85366c814a089bca-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 10 Feb 2024 18:30:31 GMT
Expires: Sat, 10 Feb 2024 19:30:31 GMT
Location: https://kooora-lives.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b34BYOI6n9siy%2FRQ9xpSLD6H%2BoZgMjxKiWqoTs4rThAZu%2BL58%2FYTD%2Fhl5rh6EYeXw5v3GCRMAu3wJOUYoKf2SKhD7L4WsNP4o2XRXHOHyb7VayJsSsrORVCO2wQp3mpDp5p5yYmzqNOe1hxrOvTW"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.min.css
kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/css/ 68 KB
12 KB 92ms
91ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/css/styles.min.css?ver=0.15.3
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87e6cbfe9bac10b95b9814d64cc0c5adaac98a4fdf55396df774c9a65cccf91

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 30 Jul 2023 22:04:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 712759
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUZCAtdEH8GfhEhP3OEQkwaQ3J3rDPAAkz6pFYNzx5HbwOyG0y7JInhyUbMYomBhrl%2B8obH3uJ30%2F9UE8PVervZkML945AIxTO8U4E%2FT2Six98fFO4wIQt3QgO%2Fan0g3T2igeOtGewZtJma3PzVZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
cf-ray: 85366c836c0830c0-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 08 Feb 2024 12:31:12 GMT

GET
H2 200 styles.min.css
kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro/public/css/ 101 KB
17 KB 98ms
97ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro/public/css/styles.min.css?ver=0.15.2
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb4762683c1ab088171aeb437ddc224ec616c69ca9d563454f56a09666e12ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1390384
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 30 Jul 2023 22:03:56 GMT
server: cloudflare
etag: W/"64c6de4c-195e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnMbkBbGi8cMw6DhLetFwaHDkAC9auryOzEgZI4fxEc9WT7IlRqJj0zNV%2B0d7cnhIgmPXCzGNvChgGVHUv2yl7xrqCojD5fXChPxJ38BhRG6eUU1l7UHUcN1NWW0f72zAURwz13J46Pa6iXiKy%2Fu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 85366c836c0930c0-FRA
expires: Sat, 24 Feb 2024 16:17:28 GMT

GET
H2 200 flags32.css
kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro/vendor/world-flags-sprite/stylesheets/ 11 KB
2 KB 90ms
89ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro/vendor/world-flags-sprite/stylesheets/flags32.css?ver=0.15.2
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee8728ba0731ba155c0a7bd099867749c7bf25f7d6d89967807ff1068d8f3f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712759
cf-polished: origSize=11545
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 30 Jul 2023 22:03:56 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XitcVB%2FSFJX%2BWUEIddnAw7CznaSw4b3AQfmGSo3iM6kysgOYG0RtNv5ZzWb9y21BHctO93iG04xpyH7UsTpCBt7w9NfbFrWS9mMO68HCfwQ8b8XVGdF3ClEW4mwO%2Fv3Ec%2Fdzctf3uwH8f%2Fp8YkCY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
cf-ray: 85366c836c0c30c0-FRA
expires: Thu, 08 Feb 2024 12:31:12 GMT

GET
H2 200 flags16.css
kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro/vendor/world-flags-sprite/stylesheets/ 10 KB
2 KB 91ms
90ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro/vendor/world-flags-sprite/stylesheets/flags16.css?ver=0.15.2
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d5f8ec717fbc039c52c07f384f63fda757e656758fd983737895c108a089546

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1390384
cf-polished: origSize=11127
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Sun, 30 Jul 2023 22:03:56 GMT
server: cloudflare
etag: W/"64c6de4c-2b77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSwdvSIRJbLxvVyndKF47eCtSYHMmPM0FyS3XediFWeVpDDo%2FhK8orLB6PJBfd42KaMgDz%2FlW2qs6KdRfaHbW4tSPPOPmqhn8oOzaj%2Bf2vyz%2FF4lWzk%2FsbvJc2K54gR3uCNNezsOrJexCKpP7nuN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 85366c836c0e30c0-FRA
expires: Sat, 24 Feb 2024 16:17:28 GMT

GET
H2 200 NeoSansArabic.woff
kooora-lives.net/wp-content/themes/AlbaKora4Live-en/fonts/ 56 KB
56 KB 76ms
76ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/wp-content/themes/AlbaKora4Live-en/fonts/NeoSansArabic.woff
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://kooora-lives.net/
Origin: https://kooora-lives.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Mar 2023 22:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1087226
etag: "64051e82-e014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXtQp4L8gDF6HW%2F5qq63U0Krp%2Bx5HqqV2o32esqCenWRaEDxoRkKbgAWFEPUrwfSGYTem59nFvWWZD3FTV8tMlgqzFHAZiRwqACgWUzwNdgGamSX2V6%2B5KmT8QGXh62MLqMgMKyekB2UsyLcwdN0"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85366c836c1030c0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 57364

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 455ms
386ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/up.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0504a4fc6caede58ed56a4be6d0dae72b8ed404894ccf1ba790876d1eeeed5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HP75F9AZCREH52VHCRJ7K2EH
date: Sat, 10 Feb 2024 18:30:32 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 259
cf-polished: origSize=5381
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"58fb9c0053635ce2e41d09ded26ca7c5-ssl-df"
cache-status: "Netlify Edge"; fwd=stale
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 85366c83dd282c22-FRA
link: <https://live.demand.supply/impl.v17.29.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/a29vb3JhLWxpdmVzLm5ldC8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 koora-live-Live-broadcast-of-the-most-important-matches-of-the-day-300x300.jpg
kooora-lives.net/wp-content/uploads/2023/06/ 13 KB
13 KB 68ms
68ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.net/wp-content/uploads/2023/06/koora-live-Live-broadcast-of-the-most-important-matches-of-the-day-300x300.jpg
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545aff3de8dc93bc1f5c0fcf13103a4e79157aaba2d92521688cc157e0882293

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441291
alt-svc: h3=":443"; ma=86400
content-length: 12892
last-modified: Mon, 26 Jun 2023 11:34:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vkt%2BYIUfBWyk8bO5ZAaRph9dq9HWEXtZPtGSn6T20JkXyZRmT9%2FcJS99FrmmWlOsfKJTvsjk3fXxf8ydGexYLZbG973cigWbfewgQnBhza3UOsu6LCLB0J%2FTSyrK%2F9Ay4o7q9B8FGuu8SLxcn7B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85366c836c1330c0-FRA
expires: Thu, 07 Mar 2024 15:55:41 GMT

GET
H2 200 rocket-loader.min.js Show response
kooora-lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 23ms
23ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kooora-lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Feb 2024 15:36:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bd0be2-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lu1EW0aidvQ6m1%2BqTP0ET8kpd%2BZNAYzBjmJICwPu2eyhJSXaNd2CFlGDSmYY1V4haEcHEpu85sf%2Bibo7bouAPiA3JWvnCpwfA5nWL14E8NcdOlAysnhN0ImuMjCB5l27pUNcz5nSCE6cFGYY0riJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85366c837c2c30c0-FRA
expires: Mon, 12 Feb 2024 18:30:32 GMT

GET
DATA 200
OK truncated
/ 91 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1772fbb9ae95f18fed4d611dc162b55b3d9b7fcb619d5626ee654d9255ec4559

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 91 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99e98ad0329db79408bb7628dfb819a983b0d3db0e76f0fca5068fa0f5aa1580

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d096326cd90387efaca9db2096876825f6710c4e7e93d13d1323402aea86d77

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 37 B
37 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 fl-pro-swiper-optimized.min.js Show response
kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/js/ 103 KB
34 KB 54ms
54ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/js/fl-pro-swiper-optimized.min.js?ver=0.15.3
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31af4f4329e2a4b7295dcfe90b27669bc0ca2a8e1fbb3ab37b55af1c75714560

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1399080
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 30 Jul 2023 22:04:05 GMT
server: cloudflare
etag: W/"64c6de55-19b48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuJRCX80ISBnpWlJJawnpwwhx27z5xEsQjC8Mr6npgnEz1S0fnWGWqV%2FZh5vdVchN6zRZ9KRoRU0hRJlHwxMXz3MlhdsaA1yzkmNVKMaUI7fyHIxKovqo%2BLXtYbmK7cGEx8Rz52CTcMYcSqtoDcu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 85366c845f867188-FRA
expires: Sat, 24 Feb 2024 13:52:32 GMT

GET
H3 200 lazyload.min.js Show response
kooora-lives.net/wp-content/plugins/perfmatters/js/ 9 KB
4 KB 90ms
89ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/wp-content/plugins/perfmatters/js/lazyload.min.js?ver=2.2.3
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1399073
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 15 Jan 2024 13:28:44 GMT
server: cloudflare
etag: W/"65a5330c-248b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIBPn%2Bdwn%2BYcITTCuusnGdCWKu1kAR0ZSTxGxQW%2Ft6j7J7iKu5HJWU3DmNTDxX4kBbASLWwScNbUg0fbxVDfvqMy%2BhMmAaonIS9nTkEQ%2B6GsE%2ByJ2Qbu55UVN%2F4FfizvONPID%2BTT68HBmsms7hEq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 85366c845f8a7188-FRA
expires: Sat, 24 Feb 2024 13:52:39 GMT

GET
H3 200 jquery.min.js Show response
kooora-lives.net/wp-content/themes/AlbaKora4Live-en/js/ 87 KB
32 KB 207ms
207ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/wp-content/themes/AlbaKora4Live-en/js/jquery.min.js?ver=6.4.3
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 05 Mar 2023 22:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWcjWWsvuuTc6X23JwFEfHTJOSGVLF98hNT4FToD1BDX0LZcIZRQOy3oBqSMEgjHYKhp%2FJhOz0tymES0L%2FCxSAIn0goc9h2x2Xf4Zy4BPViLuBqYclQhldK8INc%2Brl2Lnt5TpYABMs3aGh0oc%2B%2FU"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=2678400, private
x-turbo-charged-by: LiteSpeed
cf-ray: 85366c845f8c7188-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 18:30:32 GMT

GET
H3 200 anwp-fl-pro-public.min.js Show response
kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/js/ 106 KB
33 KB 91ms
90ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/js/anwp-fl-pro-public.min.js?ver=0.15.3
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2270eb61dcfa969d306647b435189e762387878b34d09c2cbe596ea4bf457d0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1399073
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 30 Jul 2023 22:04:05 GMT
server: cloudflare
etag: W/"64c6de55-1a974"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjmEq9%2FsDlDTbEhbtaUunZpUX8TXQXcnrPivMNU243yUqPXmnu5aAKzVohJ%2BDUrFg5aUF1ZD16uaRuPzm425Ahyb1y3pK3To8uIgDmDBNKEZ15g3tYH9JOe7ExqizgAMcL7ZlJ79a8lCNawsZNUP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 85366c845f8f7188-FRA
expires: Sat, 24 Feb 2024 13:52:39 GMT

GET
H3 200 micromodal.min.js Show response
kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro/vendor/micromodal/ 7 KB
3 KB 51ms
51ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro/vendor/micromodal/micromodal.min.js?ver=0.4.10
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dc1f18ef5fd887b12b7a2866c824a7097b62c6127ee4016f51bad9118bb6a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1399073
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 30 Jul 2023 22:03:56 GMT
server: cloudflare
etag: W/"64c6de4c-1bbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsWfwIHNrXhdX1mLfZFXpbIc0KicAikV19UwImETqFtaEdTC76jQVZAnXeNXk%2B0f5ILYPOSMtLff8ZZSbuO1b0UskpPWR9DgCcnxmMY6DhoWgBbwIfteRrC%2BljwYrCj4SruaUzDqXrdHByjpBOhg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 85366c845f907188-FRA
expires: Sat, 24 Feb 2024 13:52:39 GMT

GET
H2 200 impl.v17.29.0.js Show response
live.demand.supply/ 93 KB
30 KB 41ms
40ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/impl.v17.29.0.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b97ab27478e1402ec7f35c1e1e4468e31f226fd5a36d55c73ccca2080c8b15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HP7581DF01FYPWEG10ZZK8F8
date: Sat, 10 Feb 2024 18:30:32 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 99939
cf-polished: origSize=94947
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"9390a1746dc58e5bd985c7821cf6e089-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 85366c86496f2c22-FRA

GET
H2 200 a29vb3JhLWxpdmVzLm5ldC8= Show response
live.demand.supply/p4/v17-24-0/ 1 KB
772 B 403ms
402ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-24-0/a29vb3JhLWxpdmVzLm5ldC8=
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feac5b668ad42cb709471b170680f6117e076a04fc0f5048819c3d02eb9d3b7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 85366c8649752c22-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
546 B 60ms
33ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?e=ll&d=456&cs=c&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939589
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c86784a65e1-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
30 KB 142ms
61ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbf2e106c614633902d6be79190048a2d2688fdc9e05b1b947e18c843f8ed2e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29759
x-xss-protection: 0
server: cafe
etag: 878 / 19763 / m202402060101 / config-hash: 3544666277437429358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:30:32 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
615 B 195ms
169ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/ds.2.html

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HAQ4G6FQJES3NSZJGKZ
date: Sat, 10 Feb 2024 18:30:32 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 939589
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 85366c86784d65e1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 kooora-lives.net_fluid_sq_new Show response
live.demand.supply/cp/ 29 B
373 B 565ms
565ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kooora-lives.net_fluid_sq_new?mlcu=2a924749-e8af-49b6-8ed9-32ab3b9d944d&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798d4026bc40e94e8d6ec577e86cd8b8825f4c159f83974defa5e4871583c335

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 85366c86988b65e1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 kooora-lives.net_fluid_sq_new Show response
live.demand.supply/cp/ 29 B
371 B 531ms
530ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kooora-lives.net_fluid_sq_new?mlcu=2a924749-e8af-49b6-8ed9-32ab3b9d944d&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798d4026bc40e94e8d6ec577e86cd8b8825f4c159f83974defa5e4871583c335

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 85366c86988d65e1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 kooora-lives.net_fluid_sq_new Show response
live.demand.supply/cp/ 29 B
373 B 576ms
576ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kooora-lives.net_fluid_sq_new?mlcu=2a924749-e8af-49b6-8ed9-32ab3b9d944d&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798d4026bc40e94e8d6ec577e86cd8b8825f4c159f83974defa5e4871583c335

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 85366c86988f65e1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ 436 KB
137 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 13:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17399
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139610
x-xss-protection: 0
server: cafe
etag: 16226629560626727405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 09 Feb 2025 13:40:33 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
508 B 160ms
159ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=kooora-lives.net_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c88dd4665e1-FRA

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 125ms
38ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Feb 2024 21:17:15 GMT
server: cloudflare
age: 63176
etag: W/"65bd5bdb-42d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 85366c897dd13639-FRA
expires: Tue, 13 Feb 2024 18:30:33 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 48ms
14ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 06:17:00 GMT
content-encoding: gzip
age: 44013
x-guploader-uploadid: ABPtcPqTL347-qhpZJixYUZL8WZmOpLveuh-KQErXmjrx3nXxu0U1HYHhkTnef1BZ5MpuBweAEc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 09 Feb 2025 06:17:00 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 55ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Feb 2024 18:30:33 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 123ms
28ms Script
application/javascript 2600:9000:20c3:5e00:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c3:5e00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:04:36 GMT
via: 1.1 598adc26bc2de491984cda2fac7d893a.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: MUC50-C1
age: 1558
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: -RZYOIY2279gR6TbssBjaAfcs06q2jYjaxoex_9uE_7x2sWnIM0DVw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 78ms
35ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10473
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230132-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ8gCAtXHbp%2FhVUggpsy4xegLp3sWYaJCNIwBWurOlhutdCAM4KbhnI87bzQFM3BlyIMlRZlMIHeLJKWMRPX0UchG1hnltd9rkpKjbdFf5WRScQ%2BoZSHLRXFZ1XGO4HD6uz2Y7AYQ85etUKGF5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 85366c893bc59143-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 89 KB
26 KB 92ms
42ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1344f2cf7e2562ce1c954075dda071857f4ff0c6bb6d2022384883f24d3bd1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:41:43 GMT
server: cloudflare
x-amz-request-id: 70CAKFGKXYXMGFSP
age: 2589
etag: W/"294eab17112a5071cb7b92bc188fc8b9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 85366c894c03bb8f-FRA
x-amz-id-2: pd5P6q30rgM4MYTvVaFvwPVjaTbTqK4KF3YjVqISdUWWPXH5AExUXrtyju1not/bnTs82YcES8zVLGJA8ni3cw==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 77ms
28ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: f6f21359d380b6de888016b7b6840699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 113ms
21ms Script
text/javascript 2600:9000:2250:2000:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2000:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sat, 10 Feb 2024 06:32:02 GMT
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 43112
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: gltuT9OkFbum6XAqSM1wxdBRwKX3Re1UWi7q2TCDFtKsFp3LZ0f2PQ==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 111ms
35ms Script
text/javascript 13.32.110.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 12:30:07 GMT
content-encoding: gzip
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 21627
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: q50Bd_1L-M3MuYVpRTbl-rgnSCWqi2vf5RLInSmyqU5BSnjvHMCjqg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
563 B 374ms
373ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1941852099388345&correlator=1998340257357868&eid=31079957%2C31079958%2C31079525&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C214ba63b-5f6a-47df-ace9-5f1b2ec57efe&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707589833099&lmt=1707589778&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkooora-lives.net%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2075408834.1707589833&ga_sid=1707589833&ga_hid=1793792835&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiJo6Si2TFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiJo6Si2TFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIijpKLZMUgAUgIIZBIZCgpwdWJjaWQub3JnGImjpKLZMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiIo6Si2TFIAFICCGQSFwoIcnRiaG91c2UYiaOkotkxSABSAghkEhQKBW9wZW54GIijpKLZMUgAUgIIZBIZCgp1aWRhcGkuY29tGImjpKLZMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YiaOkotkxSABSAghk&dlt=1707589832220&idt=694&prev_scp=ti%3D2a924749-e8af-49b6-8ed9-32ab3b9d944d%26interstitials-bid%3D8%26bid-p%3Dgoogle%26bsc%3D66&adks=3186588948&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f39761bdb88343bc6aa8f8f83fe461afd762b89be1311068d77ae0ef2f29b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 532
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5C15 6 KB
3 KB 125ms
54ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sun, 09 Feb 2025 18:30:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 961 B
485 B 240ms
240ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1941852099388345&correlator=2387123945673547&eid=31079957%2C31079958%2C31079525&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Cd75ce9af-8ef0-4bba-b9d0-421bbaf6ddc3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707589833109&lmt=1707589778&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkooora-lives.net%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2075408834.1707589833&ga_sid=1707589833&ga_hid=1793792835&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiJo6Si2TFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiJo6Si2TFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIijpKLZMUgAUgIIZBIZCgpwdWJjaWQub3JnGImjpKLZMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiIo6Si2TFIAFICCGQSFwoIcnRiaG91c2UYiaOkotkxSABSAghkEhQKBW9wZW54GIijpKLZMUgAUgIIZBIZCgp1aWRhcGkuY29tGImjpKLZMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YiaOkotkxSABSAghk&dlt=1707589832220&idt=694&prev_scp=ti%3D2a924749-e8af-49b6-8ed9-32ab3b9d944d%26interstitials-bid%3D0.8%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D66&adks=3307105184&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727251dc28fc218f7f5160cc1d34b0edda051fe4098497530f469279e44c37ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 454
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ 44 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

442934953e2ad201695846b1a8d478157de916cbab456ddad256c4f7d1f6fc40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3918
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14223
x-xss-protection: 0
server: cafe
etag: 2871022929451947748
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 09 Feb 2025 17:25:15 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fkooora-lives.net%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fkooora-lives.net%2F&rid=esp&cc=1

85 B
193 B

115ms
115ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fkooora-lives.net%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c68c8e4f546d25102638a7b6174654dad853972ac1418d6cda46289906238469

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-nC9ZLt9o1UlunayRHH8RzOHo9E4"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora-lives.net
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 10 Feb 2024 18:30:33 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://kooora-lives.net
location: /esp?url=https%3A%2F%2Fkooora-lives.net%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4020 14 KB
6 KB 42ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=kooora-lives.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora-lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:32 GMT
server: Kestrel
server-processing-duration-in-ticks: 303239
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
232 B 75ms
23ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kooora-lives.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora-lives.net
date: Sat, 10 Feb 2024 18:30:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4020
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=kooora-lives.net&sn=ChromeSyncframe&so=0&topUrl=kooora-lives.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=nTqylXxLTWQvcVIvbHQ2OXduODE2R3lvUDhsR0VkcHlKK3hLd1FvZEZERm5XVkZUQ2FLaVNxV1ZSYnI1dFE0bktXanVFdlZaczJlNjJiVGo5bnd2aE5HdGF0ZkNZUitwUEdydWtJN2V0ZlNZbVpSa1hORU50YXlCYkVnck...

452 B
666 B

17ms
17ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nTqylXxLTWQvcVIvbHQ2OXduODE2R3lvUDhsR0VkcHlKK3hLd1FvZEZERm5XVkZUQ2FLaVNxV1ZSYnI1dFE0bktXanVFdlZaczJlNjJiVGo5bnd2aE5HdGF0ZkNZUitwUEdydWtJN2V0ZlNZbVpSa1hORU50YXlCYkVncklTdnRNcDYwOXpqOG1XdDZiN1hCanVqZTJSbkZ1a2wvZWZUVnZKb0dwWUNzVmxZWkpnZGMrRnR1WUJUM2RDZE1FWUMyTWdkUjBpRGo1QlFmNUNRTSsvb3VUV1FsZ3JhL1NsVDhxSkZ4YnpiTUZISzIwZG5CNnlUZzJUV1VjdXFCVTZYY1lrRndmaXBVczMyOC9kMkFnKzNydS9rbTlkcGpGVk84dGFQcTNmaXp3U1FidlBYUT18&cppv=2

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

15d7f6a79e70c89190e06fc542e4b625a03c61c4a2a78c75feafce8b86e183a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1459829
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=nTqylXxLTWQvcVIvbHQ2OXduODE2R3lvUDhsR0VkcHlKK3hLd1FvZEZERm5XVkZUQ2FLaVNxV1ZSYnI1dFE0bktXanVFdlZaczJlNjJiVGo5bnd2aE5HdGF0ZkNZUitwUEdydWtJN2V0ZlNZbVpSa1hORU50YXlCYkVncklTdnRNcDYwOXpqOG1XdDZiN1hCanVqZTJSbkZ1a2wvZWZUVnZKb0dwWUNzVmxZWkpnZGMrRnR1WUJUM2RDZE1FWUMyTWdkUjBpRGo1QlFmNUNRTSsvb3VUV1FsZ3JhL1NsVDhxSkZ4YnpiTUZISzIwZG5CNnlUZzJUV1VjdXFCVTZYY1lrRndmaXBVczMyOC9kMkFnKzNydS9rbTlkcGpGVk84dGFQcTNmaXp3U1FidlBYUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 250853
content-length: 0
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 107ms
31ms XHR
application/json 52.30.159.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.159.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-159-215.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ad9aa348dd471ba5c825d4db7323c0d2594b181d88f9e6e304d8bdf576bb553d

Request headers

Referer: https://kooora-lives.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://kooora-lives.net
cache-control: no-cache
x-server: 10.45.1.116
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
212 B 142ms
45ms XHR
application/json 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fkooora-lives.net%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://kooora-lives.net
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 112ms
47ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 61927
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85366c8a3f24917a-FRA
content-length: 4547

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
510 B 43ms
43ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=fs&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43J7B78XJ9GXVX2DBCD09
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c89df7a65e1-FRA

GET
H3 200 _user_tz:~date:2024-02-10~gr_by_c:1~c_tl:league~c_lk:1 Show response
kooora-lives.net/wp-json/anwpfl/v1/data/get-calendar-slider-games/202402101830/ 11 B
706 B 533ms
533ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kooora-lives.net/wp-json/anwpfl/v1/data/get-calendar-slider-games/202402101830/_user_tz:~date:2024-02-10~gr_by_c:1~c_tl:league~c_lk:1

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/js/fl-pro-swiper-optimized.min.js?ver=0.15.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfbab9dd75b6cbfef7580eaef179cc8f67d20f96c9889cb3f2f9939a6096f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Cookie,Accept-Encoding, Origin
allow: GET
content-type: application/json; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xnwg%2BuvYWxUvi7oNbZQ8zC7lXFe8ml0%2BxBEbHMNy%2FvCyNnBUPpLgQmLRUJnJF21hgmZs3XQ5t%2FNgx4s3uUmYe1Omm5jXGCxWGWcYXCfeDW5c8%2BzVjnMgi0srOBJy7b01j45fxp8uYLr2Ek51UtRd"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: public, max-age=0
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
link: <https://kooora-lives.net/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 85366c89fdb37188-FRA
expires: Sat, 10 Feb 2024 18:30:33 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 114ms
66ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d59c7113513f474e56b48e3e3a4385bb0e7a10c1ba6de348218e97109411677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12257
x-xss-protection: 0

GET
H3 200 loader.gif
kooora-lives.net/wp-includes/js/tinymce/skins/lightgray/img/ 3 KB
3 KB 98ms
98ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.net/wp-includes/js/tinymce/skins/lightgray/img/loader.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1399081
alt-svc: h3=":443"; ma=86400
content-length: 2608
pragma: public
last-modified: Sat, 12 Nov 2022 14:24:13 GMT
server: cloudflare
etag: "636fac8d-a30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojpuGTY5hVZtI4IE1sO4afhU9eLNvJIurKJJuJs9%2FXfOjdnPDWRzemOJHaqbPITwUo%2BupKKOIj3DVeDIIwk5k9OJx%2BKs44UTlxJaP8McKW5CjzSPl2Fjxjw7q7cbnbAhQ6uFXAVbav23dRaFzDEQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 85366c89fdc07188-FRA
expires: Sat, 24 Feb 2024 13:52:32 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
509 B 184ms
184ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=kooora-lives.net_fluid_sq_new&pdc=0.6362159729003907&e=tcp&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8a0fd765e1-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
508 B 216ms
215ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=da&r=kooora-lives.net_fluid_sq_new&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43J7B78XJ9GXVX2DBCD09
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8a0fda65e1-FRA

GET
H3

200

koora-live-Live-broadcast-of-the-most-important-matches-of-the-day.jpg
kooora-lives.net/wp-content/uploads/2023/03/
Redirect Chain

https://kooora-lives.com/wp-content/uploads/2023/03/koora-live-Live-broadcast-of-the-most-important-matches-of-the-day.jpg
https://kooora-lives.net/wp-content/uploads/2023/03/koora-live-Live-broadcast-of-the-most-important-matches-of-the-day.jpg

52 KB
52 KB

34ms
34ms

Image
image/jpeg

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.net/wp-content/uploads/2023/03/koora-live-Live-broadcast-of-the-most-important-matches-of-the-day.jpg
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75878746f86699575801c0577246a773787835cf9075ea5753deed6fcba3bc52

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1399073
alt-svc: h3=":443"; ma=86400
content-length: 53002
pragma: public
last-modified: Wed, 15 Mar 2023 12:47:42 GMT
server: cloudflare
etag: "6411be6e-cf0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwl0Reii6p3cIKTWWooQYTkhvi%2BAqUWOh%2BAJO1o%2BP1fx6twkUOA9s3g5BxDwUHoEjREy6YhMx4e8ZTHkrBKMCirJlVw4q3Wmz8MEKAQk%2BfIZbOc7jptntXiEljsoae4Hk24ugw%2FfZ%2BODVnGDOscm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 85366c8b185a7188-FRA
expires: Sat, 24 Feb 2024 13:52:40 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RLThEKmI4gwVmt1TckCNRNvVKEAyyCRFcCkeX2HZlyMbQJKXUeaaceGaeqnw5JBCyoOEC54Lawup%2BDb36bPZ5QHyiX85dLODH6%2FjwaYIACs78Mv46xwNxLdPnmY23PAaFzl4YtzYWGsV152C%2B8v"}],"group":"cf-nel","max_age":604800}
location: https://kooora-lives.net/wp-content/uploads/2023/03/koora-live-Live-broadcast-of-the-most-important-matches-of-the-day.jpg
cache-control: max-age=3600
cf-ray: 85366c8aee6118db-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 19:30:33 GMT

GET
H3

200

168-1.png
kooora-lives.net/wp-content/uploads/2023/03/
Redirect Chain

https://kooora-lives.com/wp-content/uploads/2023/03/168-1.png
https://kooora-lives.net/wp-content/uploads/2023/03/168-1.png

20 KB
21 KB

54ms
53ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.net/wp-content/uploads/2023/03/168-1.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 780bfce19ea9a74d61dd90f780ecdda7ab4dcb9ef19f95fd12f13f490aa10acd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73779
alt-svc: h3=":443"; ma=86400
content-length: 20991
last-modified: Sat, 18 Mar 2023 08:00:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdb5X5Rtr%2BJYdoRb%2BT9tlGs%2FTbjqJR7mi1o4V%2Fxu9OfnRv1M63dQt4EIk83CvXtUzIiuH6KPoemhkMCdt373zNGguSm2gBrNNaltG9uLruElBCybS9ZJSu%2BBVMcHfkY38wf%2FPIJ00YJGrm5kPVvi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85366c8b185d7188-FRA
expires: Mon, 11 Mar 2024 22:00:54 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jf7TkWysVKqQdJoZm47QwSkRVw%2BdP41swAFw8qhJlLL%2F3BM%2FsbnTaBueMkZekpECro%2Fe6Mh10I9Jj9KAuNNRAabQ1WfRt3bHR4obGe801UnxAQ4Ts69GH3Gw0EGMx6%2B9d8JNWDc%2BHwkktNXZ%2Flvt"}],"group":"cf-nel","max_age":604800}
location: https://kooora-lives.net/wp-content/uploads/2023/03/168-1.png
cache-control: max-age=3600
cf-ray: 85366c8aee6518db-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 19:30:33 GMT

GET
H3

200

157-1.png
kooora-lives.net/wp-content/uploads/2023/03/
Redirect Chain

https://kooora-lives.com/wp-content/uploads/2023/03/157-1.png
https://kooora-lives.net/wp-content/uploads/2023/03/157-1.png

24 KB
24 KB

72ms
71ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.net/wp-content/uploads/2023/03/157-1.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd65871333f32a3f54174f62fb06282f9dcad18926ad1aaf575f8962f17bc7d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82343
alt-svc: h3=":443"; ma=86400
content-length: 24567
last-modified: Sat, 18 Mar 2023 08:00:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2Fxwzu%2BomJCQB5xtKPxa92qbQsq5mVBWeU2FxObjJi7wmX9dgR4XxUUwswUwvTr%2FXz4V95Vu%2Bjf1H5HdoXK53zXtZbwXOprxMw4gUCGwB3BQRQXKlfmcKxGCCD%2BKfAxOgD%2FOVHhioAGC1Oy5Fthx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85366c8b18647188-FRA
expires: Mon, 11 Mar 2024 19:38:10 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpNsCFMWH5NFkMjjPhfFRK2vuhQ%2BKek%2BhDCyfcM%2BAyFbnZPZx89A4LsX%2FjyJPPIwz%2B0a%2FDhEfUA7SO5XRA5Iep2dW4UMVdh5Rqd3ieyYq37CyB6GAuiGooPzQvcZuCfL8EWtFOb6breb81qiHlks"}],"group":"cf-nel","max_age":604800}
location: https://kooora-lives.net/wp-content/uploads/2023/03/157-1.png
cache-control: max-age=3600
cf-ray: 85366c8aee5d18db-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 19:30:33 GMT

GET
H2 200 uuid_1qtaiy11gswx327s0vkibf70n.png
yalla-goalz.com/wp-content/uploads/2023/03/ 7 KB
7 KB 102ms
33ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yalla-goalz.com/wp-content/uploads/2023/03/uuid_1qtaiy11gswx327s0vkibf70n.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ed9a803841820c8f3940f0089458bb9c72d6947cb3990afb6a7a58a61065a92

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 111673
alt-svc: h3=":443"; ma=86400
content-length: 6681
last-modified: Mon, 06 Mar 2023 00:27:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBFjGy0ZADp1x7bNtCtNaV8GLMl0%2F4BvvKMvITYEnMUmQU0p9k3INOeoOBkXGzHtyJRPOKQ3UiChB9iBs0uK2H1WY%2Fumt8CxilaV8dxPdzqJSHy8EJ8tqTEUEbJ2hS7VrYUydi4qrsPthMyr6uc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85366c8ad927bbbc-FRA
expires: Mon, 11 Mar 2024 11:29:20 GMT

GET
H3

200

34-1.png
kooora-lives.net/wp-content/uploads/2023/03/
Redirect Chain

https://kooora-lives.com/wp-content/uploads/2023/03/34-1.png
https://kooora-lives.net/wp-content/uploads/2023/03/34-1.png

35 KB
36 KB

32ms
32ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.net/wp-content/uploads/2023/03/34-1.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b74f77780559a9a8a9d8b1f2b1ae61a052c788a608d045a74b985ebc69e4f78

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1341198
alt-svc: h3=":443"; ma=86400
content-length: 35985
pragma: public
last-modified: Wed, 15 Mar 2023 22:09:18 GMT
server: cloudflare
etag: "6412420e-8c91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gY3tSG0%2F%2B8XwP7R2J8UyIPxvcGGQ41SON4LXP6P378KXcoTIeqmjdzfMpCAhXUlQ8jqJbp2tUqzgkatxsmKExxrgq0LCxbLg7LOMPK52aaM2xKvGIAqshkrlHlHhvdiAtzXEmXAIKZxZMlb0cepa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 85366c8b18627188-FRA
expires: Sun, 25 Feb 2024 05:57:15 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luTdxBGyfSkjsiUjOVCykn2B2u75se8OPW685hcPU%2FcN5DJM9%2Blxg8FgH1OcgexHmpyyUy937SPiqG6ILp9Yo7Chp1dPRWKDlwDiEXtrmlNa8EwDKTFd94oZfXOgtrFRBhjNDfUqH6TJs5NZpprv"}],"group":"cf-nel","max_age":604800}
location: https://kooora-lives.net/wp-content/uploads/2023/03/34-1.png
cache-control: max-age=3600
cf-ray: 85366c8aee6418db-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 19:30:33 GMT

GET
H3

200

541-1.png
kooora-lives.net/wp-content/uploads/2023/03/
Redirect Chain

https://kooora-lives.com/wp-content/uploads/2023/03/541-1.png
https://kooora-lives.net/wp-content/uploads/2023/03/541-1.png

22 KB
22 KB

73ms
73ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.net/wp-content/uploads/2023/03/541-1.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73777
alt-svc: h3=":443"; ma=86400
content-length: 22271
last-modified: Wed, 15 Mar 2023 12:50:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlPmDSmdHGXXMcADALAEc9Nz39xI0TInrnWAFtgk6iOkYv3pBJF0pELEV9oQgHNlkd78nE67xdX%2FzUrVFuLae9sACJI6yEx%2BgLm1aFaHPEIhGEDB3yuI2Kbfug2YKNioZrwSJC1OEzWDfEVlrVXP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85366c8b18577188-FRA
expires: Mon, 11 Mar 2024 22:00:56 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJFkpGVygQ3FFglnqtZnnieWb50XNVD0f0nc0wAG%2Fe%2BE0nlKZXikTDdkBFiNtDyU%2BF0EEpFEQVAnAnmtzxXnp07PpHlnSW7k%2Fxq3nzSXUJDupMlg4Ssv0LaWmzOURj4%2BAZ0hOI26TXhRoasMUYRu"}],"group":"cf-nel","max_age":604800}
location: https://kooora-lives.net/wp-content/uploads/2023/03/541-1.png
cache-control: max-age=3600
cf-ray: 85366c8aee6818db-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 19:30:33 GMT

GET
H3

200

547.png
kooora-lives.net/wp-content/uploads/2023/04/
Redirect Chain

https://kooora-lives.com/wp-content/uploads/2023/04/547.png
https://kooora-lives.net/wp-content/uploads/2023/04/547.png

30 KB
30 KB

54ms
53ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.net/wp-content/uploads/2023/04/547.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeba13fde654fbf6062bcd5b369ca3f1e779b4f5901a52989c96302c5ad6e772

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73777
alt-svc: h3=":443"; ma=86400
content-length: 30293
last-modified: Sat, 08 Apr 2023 23:11:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfA6Jii%2B8uM%2FpSjRl9Eawe8gdRVG1i7%2FjgpYTt8LR2%2BUvZBzJSaGOyrjI5H4CxN0VfC2BdC5gOjAWhftZCgTarrcLQfT9f83AYNcHqXBqclIQe0lzIYQIf275JHtS6REtsSLuGVKRMOjJrU1ofrQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85366c8b18637188-FRA
expires: Mon, 11 Mar 2024 22:00:56 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGAQCfqLIKMdRbDfNMTgdX8zClCS1HICmm0Voc4hAPlv%2BQxjDBIlqZ88aY4OEL6xQz3kXpjdD0OAeAHo8XerOWK543XZyKZbleg%2BlOCWSBtMjH%2FVw8sw5B1Uuvw%2BaYe0bMZJ1c1Cq442%2BqlnQLQh"}],"group":"cf-nel","max_age":604800}
location: https://kooora-lives.net/wp-content/uploads/2023/04/547.png
cache-control: max-age=3600
cf-ray: 85366c8aee6b18db-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 19:30:33 GMT

GET
H3

200

497-1.png
kooora-lives.net/wp-content/uploads/2023/03/
Redirect Chain

https://kooora-lives.com/wp-content/uploads/2023/03/497-1.png
https://kooora-lives.net/wp-content/uploads/2023/03/497-1.png

15 KB
15 KB

71ms
71ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.net/wp-content/uploads/2023/03/497-1.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12e06f1d23fe8f22ded1744d57ad7bac5fa202359cfc6a641474adfb1e304634

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1149799
alt-svc: h3=":443"; ma=86400
content-length: 15108
pragma: public
last-modified: Wed, 15 Mar 2023 19:01:48 GMT
server: cloudflare
etag: "6412161c-3b04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6%2FkqnW74p12FSqfOEWqb3J1d6GF%2Fcw2%2FHwVGTypKRzTWpqc%2B7Y0UlmJrugQEVnpYux83sFZ90xqajFo6cqdv9RFD4N%2BBpYp2ycKzje9d354SZRDfvl%2B2lY7dy3w%2F%2F99FVGp4dDp2P84zUNh2ul2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 85366c8b18667188-FRA
expires: Tue, 27 Feb 2024 11:07:14 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyVxgm5PamREOA7EmTdlAK9%2FzxgD4RDfa2qavbkCMQgoDIgXsN7sV%2FvumyBjXzrz0q%2Bro9T293C9%2B8Onm8XSz15ps0A03LCP9MZ0U2UWyK%2FuddReALwL88MDQ9RNxNswsWvohGx45rskFyfmkbJ2"}],"group":"cf-nel","max_age":604800}
location: https://kooora-lives.net/wp-content/uploads/2023/03/497-1.png
cache-control: max-age=3600
cf-ray: 85366c8afe8018db-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 19:30:33 GMT

GET
H3

200

224.png
kooora-lives.net/wp-content/uploads/2023/12/
Redirect Chain

https://kooora-lives.com/wp-content/uploads/2023/12/224.png
https://kooora-lives.net/wp-content/uploads/2023/12/224.png

3 KB
3 KB

70ms
70ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.net/wp-content/uploads/2023/12/224.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43d3c0404baa99c35d7eb6aa8e2c0d43cfcfaee21bc8537330747ca7ea028213

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64444
alt-svc: h3=":443"; ma=86400
content-length: 2811
last-modified: Wed, 27 Dec 2023 23:52:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYMxxmWKyGYIX7qgheTweqhHKIjh9OX%2B6iNFwG90OfT5y4MejtB%2BOu2yAYn0jq7URDP4%2Bjl%2FlVc%2BXqpc80wgcOwbIOWyDi24E7kl9B%2F9zyN1Fw%2BEoB4fk4qzkcY%2FeUHVzayZr9OyF8x2o25jCfEL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85366c8b186b7188-FRA
expires: Tue, 12 Mar 2024 00:36:29 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGu30X5G5D%2BT6LKxXTdP%2BbhGaqEpmMfozJclqTeQvXjQCOR%2BQDMo9LKWxmdVZxrn5JRHk3fMdOar%2F4vMASA54EZxhhBWuJNvWiS0hJsGCw%2BKdv%2FkFkiDSxKG0xdXaeiFu5L%2FT4GtEExMhs3Yli%2BT"}],"group":"cf-nel","max_age":604800}
location: https://kooora-lives.net/wp-content/uploads/2023/12/224.png
cache-control: max-age=3600
cf-ray: 85366c8afe8518db-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 19:30:33 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
46 KB 409ms
409ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1941852099388345&correlator=4178341955554573&eid=31079957%2C31079958%2C31079525&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C76969c1a-f69c-433c-be9f-b0747ee3da48&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707589833340&lmt=1707589778&adxs=262&adys=469&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkooora-lives.net%2F&vis=1&psz=1076x296&msz=1076x296&fws=0&ohw=0&ga_vid=2075408834.1707589833&ga_sid=1707589833&ga_hid=1793792835&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiTpKSi2TFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBiJo6Si2TFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIijpKLZMUgAUgIIZBIZCgpwdWJjaWQub3JnGOSjpKLZMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiIo6Si2TFIAFICCGQSFwoIcnRiaG91c2UY46OkotkxSABSAghqEhQKBW9wZW54GIijpKLZMUgAUgIIZBIZCgp1aWRhcGkuY29tGImjpKLZMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YiaOkotkxSABSAghk&dlt=1707589832220&idt=694&prev_scp=ti%3D2a924749-e8af-49b6-8ed9-32ab3b9d944d%26chrand%3Dy%26pof%3D0%26bid%3D0.35%26bid-p%3Dgoogle%26bsc%3D66&adks=2863452825&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3f7169d0109ab10894e689b7b406364eca8d7546393a0ca90eabe5ea0597369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46869
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
507 B 79ms
79ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=kooora-lives.net_fluid_sq_new&pdc=0.6362159729003907&e=tcp&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8a68c565e1-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
509 B 44ms
44ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=da&r=kooora-lives.net_fluid_sq_new&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43J7B78XJ9GXVX2DBCD09
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8a68c765e1-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
509 B 165ms
165ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=kooora-lives.net_fluid_sq_new&pdc=0.6362159729003907&e=tcp&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8a68cb65e1-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
509 B 193ms
193ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=da&r=kooora-lives.net_fluid_sq_new&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43J7B78XJ9GXVX2DBCD09
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8a68da65e1-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 313ms
313ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1941852099388345&correlator=4018259623810455&eid=31079957%2C31079958%2C31079525&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C76969c1a-f69c-433c-be9f-b0747ee3da48&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707589833347&lmt=1707589778&adxs=262&adys=2151&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkooora-lives.net%2F&vis=1&psz=1076x296&msz=1076x296&fws=0&ohw=0&ga_vid=2075408834.1707589833&ga_sid=1707589833&ga_hid=1793792835&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiTpKSi2TFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBiJo6Si2TFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIijpKLZMUgAUgIIZBIZCgpwdWJjaWQub3JnGOSjpKLZMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiIo6Si2TFIAFICCGQSFwoIcnRiaG91c2UY46OkotkxSABSAghqEhQKBW9wZW54GIijpKLZMUgAUgIIZBIZCgp1aWRhcGkuY29tGImjpKLZMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_6SkotkxSABSAghq&dlt=1707589832220&idt=694&prev_scp=ti%3D2a924749-e8af-49b6-8ed9-32ab3b9d944d%26chrand%3Dy%26pof%3D0%26bid%3D0.35%26bid-p%3Dgoogle%26bsc%3D66&adks=3299870117&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c322db6733fc1fa6cdac21693d809ede3774c049aa5ba5553daefd2d7ea4f218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12908
x-xss-protection: 0
google-lineitem-id: 5564064680
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 123 KB
46 KB 461ms
461ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1941852099388345&correlator=4205757685771993&eid=31079957%2C31079958%2C31079525&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C76969c1a-f69c-433c-be9f-b0747ee3da48&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707589833350&lmt=1707589778&adxs=262&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkooora-lives.net%2F&vis=1&psz=1076x296&msz=1076x296&fws=0&ohw=0&ga_vid=2075408834.1707589833&ga_sid=1707589833&ga_hid=1793792835&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiTpKSi2TFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBiJo6Si2TFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIijpKLZMUgAUgIIZBIZCgpwdWJjaWQub3JnGOSjpKLZMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiIo6Si2TFIAFICCGQSFwoIcnRiaG91c2UY46OkotkxSABSAghqEhQKBW9wZW54GIijpKLZMUgAUgIIZBIZCgp1aWRhcGkuY29tGImjpKLZMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_6SkotkxSABSAghq&dlt=1707589832220&idt=694&prev_scp=ti%3D2a924749-e8af-49b6-8ed9-32ab3b9d944d%26chrand%3Dy%26pof%3D0%26bid%3D0.35%26bid-p%3Dgoogle%26bsc%3D66&adks=1594690857&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

071c93547b26ce1008d79f6fd08046324e64169591df60dcbbbdf61b312150e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47349
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 130 KB
48 KB 272ms
272ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1941852099388345&correlator=216827754892435&eid=31079957%2C31079958%2C31079525&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Ceff2c4cd-5bac-4bff-b44a-d0fa931777f1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie=ID%3D2c1aaf487582aa24%3AT%3D1707589833%3ART%3D1707589833%3AS%3DALNI_MYvB6JNEohkoHF1a3ZqRD49V9T9CA&gpic=UID%3D00000d55379c93ed%3AT%3D1707589833%3ART%3D1707589833%3AS%3DALNI_MZnLC_aoz9qLJqlw39OKsXBWUzwYQ&abxe=1&dt=1707589833359&lmt=1707589778&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkooora-lives.net%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2075408834.1707589833&ga_sid=1707589833&ga_hid=1793792835&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYiaOkotkxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiIo6Si2TFIAFICCGQSGQoKcHViY2lkLm9yZxjko6Si2TFIAFICCGoSGAoJeWFob28uY29tGJOkpKLZMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiIo6Si2TFIAFICCGQSFwoIcnRiaG91c2UY46OkotkxSABSAghqEhQKBW9wZW54GIijpKLZMUgAUgIIZBIZCgp1aWRhcGkuY29tGImjpKLZMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_6SkotkxSABSAghq&dlt=1707589832220&idt=694&prev_scp=ti%3D2a924749-e8af-49b6-8ed9-32ab3b9d944d%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D66&adks=796937082&frm=20&eo_id_str=ID%3Da46221fda0096143%3AT%3D1707589833%3ART%3D1707589833%3AS%3DAA-AfjbTb0h19VHEzR5Llmjf15wq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a6b4161ff67f0b18a96b7d8523b80ecac623f15e1f537683602ccf37b28b52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48752
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 0.php
s4.histats.com/stats/ 0
0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 121ms
63ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Feb 2024 18:30:33 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 1C03 199 B
298 B 81ms
27ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://kooora-lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Sat, 10 Feb 2024 18:30:33 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
512 B 37ms
37ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=kooora-lives.net_auto_interstitial_desktop&e=nai&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8b5ac265e1-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
509 B 176ms
176ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=kooora-lives.net_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8b5ac465e1-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 628 B
296 B 523ms
523ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1941852099388345&correlator=1332964886680943&eid=31079957%2C31079958%2C31079525&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Cc5d4a7f2-48e0-4ade-baf2-1d28e0c338f9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dd9369aae9a1407c5%3AT%3D1707589833%3ART%3D1707589833%3AS%3DALNI_MZYFkumn6tswF-GPg49izSITEFgJA&gpic=UID%3D00000d55363c2cb1%3AT%3D1707589833%3ART%3D1707589833%3AS%3DALNI_Mb1AgAWdpTgYtYZxw0ilHuAFWzeOA&abxe=1&dt=1707589833490&lmt=1707589778&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkooora-lives.net%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2075408834.1707589833&ga_sid=1707589833&ga_hid=1793792835&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYiaOkotkxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiIo6Si2TFIAFICCGQSGQoKcHViY2lkLm9yZxjko6Si2TFIAFICCGoSGAoJeWFob28uY29tGJOkpKLZMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiIo6Si2TFIAFICCGQSFwoIcnRiaG91c2UY46OkotkxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVN6VjFkVGxYUm5GUk9VOHZVSE0xYUd4dWVrcERRVDA5SW4wPRiDpqSi2TFIABIZCgp1aWRhcGkuY29tGImjpKLZMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_6SkotkxSABSAghq&dlt=1707589832220&idt=694&prev_scp=ti%3D2a924749-e8af-49b6-8ed9-32ab3b9d944d%26interstitials-bid%3D3%26bid-p%3Dgoogle%26bsc%3D66&adks=369160676&frm=20&eo_id_str=ID%3D1ea1b43f2bd6b0b8%3AT%3D1707589833%3ART%3D1707589833%3AS%3DAA-AfjZ4a4Qj6umIiZ1ZDrhL46OP

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbdab3a5aec81caa26771272cad151ced9be4412dd116df6bcb02a46e3e7831f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA19 13 KB
5 KB 22ms
18ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:02:27 GMT
expires: Sun, 09 Feb 2025 18:02:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2FB2 829 B
1 KB 79ms
29ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

babfcedcdac8dc088df29fedf3fd5348df0e4ff11ad28a8855a7a147b6c6c421

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CPJl0Vrf12AeB4UvT_GxPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kooora-lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CPJl0Vrf12AeB4UvT_GxPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sat, 10 Feb 2024 18:30:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame DA19 39 KB
15 KB 94ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2FB2 0
0 68ms
61ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402060101&jk=1941852099388345&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 container.html Show response
b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F58 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sun, 09 Feb 2025 18:30:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sda.css
live.demand.supply/css/ 4 KB
2 KB 37ms
37ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/css/sda.css

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HN69YG19T29FXMYMBDC9B08M
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 999002
cache-status: "Netlify Edge"; hit
etag: W/"e3bf5df30d7f62eba8446b559847d731-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 85366c8c7c5c1cad-FRA
alt-svc: h3=":443"; ma=86400

GET view
securepubads.g.doubleclick.net/pcs/ Frame 3C21 0
0

GET ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3C21 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
14 KB 363ms
363ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1941852099388345&correlator=2351514028246177&eid=31079957%2C31079958%2C31079525&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Ce0a08bd7-890a-411e-9354-89541a0c963d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1de6a38d4338a82d%3AT%3D1707589833%3ART%3D1707589833%3AS%3DALNI_MZebq1FRxWKr3kIx07AeSVzW80rng&gpic=UID%3D00000d553750a52d%3AT%3D1707589833%3ART%3D1707589833%3AS%3DALNI_MaVsgLdyPdmYWc2u8PFaqOirIo4mw&abxe=1&dt=1707589833702&lmt=1707589778&adxs=262&adys=2151&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkooora-lives.net%2F&vis=1&psz=1076x296&msz=1076x296&fws=0&ohw=0&ga_vid=2075408834.1707589833&ga_sid=1707589833&ga_hid=1793792835&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYiaOkotkxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiIo6Si2TFIAFICCGQSGQoKcHViY2lkLm9yZxjko6Si2TFIAFICCGoSGAoJeWFob28uY29tGJOkpKLZMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiIo6Si2TFIAFICCGQSFwoIcnRiaG91c2UY46OkotkxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVN6VjFkVGxYUm5GUk9VOHZVSE0xYUd4dWVrcERRVDA5SW4wPRiDpqSi2TFIABIZCgp1aWRhcGkuY29tGImjpKLZMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_6SkotkxSABSAghq&dlt=1707589832220&idt=694&prev_scp=ti%3D2a924749-e8af-49b6-8ed9-32ab3b9d944d%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D66&adks=4128078129&frm=20&eo_id_str=ID%3D995dbc5c481288c4%3AT%3D1707589833%3ART%3D1707589833%3AS%3DAA-AfjaH16gJAuymoMp-mMeqyhvZ

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88dcb4371df9e42f311b9407583c17e21e1791770b33368f53428dcaa05d0782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14314
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 61BD 624 B
689 B 105ms
58ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGPKZo94BMAE&v=APEucNXYuJ-RyktkgtPZ-kH5npTwuYeinVGib0HM0tL7y8157VxNn3MPE1jl92GJjyJ_0rlGoFziv7_gsrZK5Hnfs2r9AsbGoXwKXmycJmJpaBo28jkA4sd4wxO3Kkpe_zot2OP7aU1hnzDxuKixNZ8Pg0TG-aMSTXrJBHOt6eC9CVFP68K3H_M_Y-ikaNI6FQ151kpAoIR3

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sat, 10 Feb 2024 18:30:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 799B 172 KB
61 KB 87ms
20ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Origin: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 23:49:04 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 799B 8 KB
3 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 03:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 03:04:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 799B 23 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 14:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 14:26:02 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 799B 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 799B 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5DE0 1 KB
643 B 33ms
33ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 33423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 09:13:30 GMT
etag: 48472445140208031
expires: Sun, 11 Feb 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 799B 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 22:58:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 799B 0
0 29ms
28ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2NZIpY8WFsKD8Z01iUgxQLwIkiTFwiBE-hlow95L60zysgxzNZGAouFNQO4KaL4qeXQbv1shRymM7ZekWfHxvqZCPeA
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 799B 203 KB
61 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:35:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 799B 42 B
63 B 78ms
78ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQ_aswWu6rg51uddx2K_pPSptQoygVKWcTN0F5UNBc5Ivd7CKStcO6jQtVe5oPs44a2UddQRPhFPX3YwyltSpI_uE8s-pBXuAezXda3kx7wvPDjKc

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DA19 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pugVjg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 container.html Show response
b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F02 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sun, 09 Feb 2025 18:30:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
509 B 35ms
35ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=0.35&b=2&r=kooora-lives.net_fluid_sq_new&sy=6b2e424e-b530-43f5-b231-b5cd6977b942&ts=66&cd=2&pud=456&pus=c&pue=836&pid=43&pis=c&pie=880&ppd=404&pps=a&ppe=1240&pcl=522&ttc=1435&tti=1935&ttif=0&lca=1240&lcak=ppe&lct=1240&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora-lives.net&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=unset&e=lm&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8d2e9665e1-FRA

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0217 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 64783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 799B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 429c9bb1f4fd55658fd6da27f6f7b8a65e481e2ae156e87d2a978607c05363a9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5DE0
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFxAVxA2Dgd2Pcy7qMvcnbI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFxAVxA2Dgd2Pcy7qMvcnbI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eUh2RzJHMzUxUnlTN3Y1&google_gid=CAESEFxAVxA2Dgd2Pcy7qMvcnbI&google_cver=1&google_push=AXcoOmSdqTNAHBdZXeNwa6G-599ms3-Q8FhyvJqjLaDQv5R...

170 B
232 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eUh2RzJHMzUxUnlTN3Y1&google_gid=CAESEFxAVxA2Dgd2Pcy7qMvcnbI&google_cver=1&google_push=AXcoOmSdqTNAHBdZXeNwa6G-599ms3-Q8FhyvJqjLaDQv5R1pKeECiBnFKvaLtq-sMfyvS5M6b1HvAw5bqLlBE-7d6vlMZsO_awj

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Feb 2024 18:30:33 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-01d275e55739701ae@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eUh2RzJHMzUxUnlTN3Y1&google_gid=CAESEFxAVxA2Dgd2Pcy7qMvcnbI&google_cver=1&google_push=AXcoOmSdqTNAHBdZXeNwa6G-599ms3-Q8FhyvJqjLaDQv5R1pKeECiBnFKvaLtq-sMfyvS5M6b1HvAw5bqLlBE-7d6vlMZsO_awj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5DE0
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESELHyxnos4GjDxA8DyGbwM-g&google_cver=1&google_push=AXcoOmQljfRGQLq0K8NG5s_1SqCi3P5UeekSx-pJZ-Fj7M-MIud-pDLtOBBQmC-SAfqeuq-6vbZhhwQ_1D9SPWO8wxj1d8j...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELHyxnos4GjDxA8DyGbwM-g&google_cver=1&google_push=AXcoOmQljfRGQLq0K8NG5s_1SqCi3P5UeekSx-pJZ-Fj7M-MIud-pDLtOBBQmC-SAfqeuq-6vbZhhwQ_1D9SPWO8wxj1d...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQljfRGQLq0K8NG5s_1SqCi3P5UeekSx-pJZ-Fj7M-MIud-pDLtOBBQmC-SAfqeuq-6vbZhhwQ_1D9SPWO8wxj1d8jwkdWu_A

170 B
232 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQljfRGQLq0K8NG5s_1SqCi3P5UeekSx-pJZ-Fj7M-MIud-pDLtOBBQmC-SAfqeuq-6vbZhhwQ_1D9SPWO8wxj1d8jwkdWu_A

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQljfRGQLq0K8NG5s_1SqCi3P5UeekSx-pJZ-Fj7M-MIud-pDLtOBBQmC-SAfqeuq-6vbZhhwQ_1D9SPWO8wxj1d8jwkdWu_A
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5DE0
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSoJ2...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-PSD0rofzKONo2y2a_Cp5cI9lhxoRlGX6v9nE0g&google_push=AXcoOmSoJ2yJc66oyQ3JElGUDD52S3Guy_iDXZxivCBAJhhuB_3XL5N_bm7BbejTJD7zDMS8qrAmj-g8MxJG...

170 B
243 B

42ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-PSD0rofzKONo2y2a_Cp5cI9lhxoRlGX6v9nE0g&google_push=AXcoOmSoJ2yJc66oyQ3JElGUDD52S3Guy_iDXZxivCBAJhhuB_3XL5N_bm7BbejTJD7zDMS8qrAmj-g8MxJG04VCMyqokkwTJHqRwA

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-PSD0rofzKONo2y2a_Cp5cI9lhxoRlGX6v9nE0g&google_push=AXcoOmSoJ2yJc66oyQ3JElGUDD52S3Guy_iDXZxivCBAJhhuB_3XL5N_bm7BbejTJD7zDMS8qrAmj-g8MxJG04VCMyqokkwTJHqRwA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 810571
content-length: 0
expires: Sat, 10 Feb 2024 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5DE0 43 B
236 B 66ms
18ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE2bmSl4DemJZ75chpfd5oA&google_cver=1&google_push=AXcoOmTdxq0_sSUTjRdEz-aOVYUzplG-btYItQeGCqB1VnMMC0zT7EPO4HhU_ekiSf-e_rnRjD08joRtVR36kHHXJTG0k6a0QSMS
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 ebda
match.360yield.com/match/ Frame 5DE0 43 B
199 B 108ms
31ms Image
image/gif 54.216.150.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEGftLKHHFxFyObbH0ptroyo&google_cver=1&google_push=AXcoOmTxR-Il-Ko4bpH-VMygmIV5hvM1SHWpqYSLddTc4H7PDXu005nWRdDhrkF5GVoQnPUSS2tx6Vf2IJAFEzZ0pqrs24QlYinc
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.216.150.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-150-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Feb 2024 18:30:33 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 ggl
ads.avads.net/sync/ Frame 5DE0 0
177 B 79ms
23ms Image
text/plain 35.205.207.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.avads.net/sync/ggl?google_gid=CAESEDNPDy_vBztNLxvzMx5lcIg&google_cver=1&google_push=AXcoOmS09XelXe_aJcsLxZevwU1o8JzZf4hLqCpOjAMHn2PGWWKzPqzL-n0BjjhDcbdIIZX_xZFFSIZYerknGJEBeRRLILTHwcVWC38
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.205.207.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.207.205.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 5DE0
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDeehlxU1Pzm...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQdBezW7inM_OuepnKZy5PKMy5DayCl7lhJNVktAD3XMosj73WPyk4Cq_mhK3QazBX6RYcMoneiumuGdqyPiapulx770_bHsAo
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

42ms
42ms

Image
image/gif

23.211.8.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-12.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:33 GMT
pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5DE0 0
130 B 90ms
29ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfQztvtx4AW1gVSAX-NcrDEeFCQPHoxo8GlWjpL4riSV5EGicNqsmsZoD5Yhhljt9oGgdJjr0

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B1B5 624 B
368 B 60ms
56ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGNeXo94BMAE&v=APEucNVZpE7WlRzYRmBu_EmrXrMlYXKUwZte-BPBn04sXmMqrJ1434Aykc4k6_XT1iBZaMfjs3qhQ0tNf4k1gLMkISAyRBcMDvzPzWPo7VK6FwxGlSHd815B_Xhu-y1MGPTtWbVUxym5_o-APz3DkFRky_KsmwgsRTrOoS-pYIkLCL7_6umRwbhFtVZD0TA8t8HPwdCiklzK

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sat, 10 Feb 2024 18:30:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1F02 172 KB
60 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Origin: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 23:49:04 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 1F02 8 KB
3 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 03:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 03:04:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 1F02 23 KB
9 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 14:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 14:26:02 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1F02 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 1F02 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 1F02 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 22:58:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F02 42 B
63 B 61ms
61ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0FbMVEg3hlw0gNpoUwsfZXiL8DItHV_JgCIVATWhiLxtFh6AolUiNIttxlPHnVMAszHP0pT9psgXFynANGduawm7A9FqBZhq5mgbRyai1wxkgG6I

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1F02 203 KB
61 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:35:02 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 61BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1&C=1

43 B
773 B

79ms
79ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGPKZo94BMAE&v=APEucNXYuJ-RyktkgtPZ-kH5npTwuYeinVGib0HM0tL7y8157VxNn3MPE1jl92GJjyJ_0rlGoFziv7_gsrZK5Hnfs2r9AsbGoXwKXmycJmJpaBo28jkA4sd4wxO3Kkpe_zot2OP7aU1hnzDxuKixNZ8Pg0TG-aMSTXrJBHOt6eC9CVFP68K3H_M_Y-ikaNI6FQ151kpAoIR3
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjTE9nPRgHhDZwQFJzUX436QKVXzxXUhwWvGflIy85oaw0plG8isrZcX%2BDHtWEgGLH6GR6PJh%2FN1JGqdZGJBw8LPXStamLWHu%2BbN9kwdweTnKuGAAo%2FTH4uPGwda8vYQ9aCA0ybTg4wv7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85366c8e791d1b36-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD7azh4SIQUGXNxekv0b4nyCcImktO6T1i9LrVPkGl4yQa6WV5gDtyAX64FSZmUBfXbvsuDeYfyDmquOy%2B399KVotphCG64UuUtmm6vxdPYskTnwEBqLU6sczI97bx%2Bs8wA%2F5HMKreyiYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1&C=1
cache-control: no-cache
cf-ray: 85366c8df9223802-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 61BD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcfAybmqPeUAAF5dACBBBQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1

43 B
737 B

84ms
84ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGPKZo94BMAE&v=APEucNXYuJ-RyktkgtPZ-kH5npTwuYeinVGib0HM0tL7y8157VxNn3MPE1jl92GJjyJ_0rlGoFziv7_gsrZK5Hnfs2r9AsbGoXwKXmycJmJpaBo28jkA4sd4wxO3Kkpe_zot2OP7aU1hnzDxuKixNZ8Pg0TG-aMSTXrJBHOt6eC9CVFP68K3H_M_Y-ikaNI6FQ151kpAoIR3
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaieESmTJxam5yNq21qfumzjqWVs20YNCOTvfERzP%2FHzyKG7k01WWWKHIsUGbmNZ%2BcVMmija46VMwk4B8H2Zvy%2Frza9uMsasjSu2sl6yNc6b8UfwLKVvd%2B2WYafVl8IIUmNFq%2F3uHOJA%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85366c8ee9ef1b36-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 61BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Efv3WrxxQcuaTJ0EZtWk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM0Efv3WrxxQcuaTJ0EZtWk%26google_cver%3D1

43 B
1 KB

21ms
21ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM0Efv3WrxxQcuaTJ0EZtWk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGPKZo94BMAE&v=APEucNXYuJ-RyktkgtPZ-kH5npTwuYeinVGib0HM0tL7y8157VxNn3MPE1jl92GJjyJ_0rlGoFziv7_gsrZK5Hnfs2r9AsbGoXwKXmycJmJpaBo28jkA4sd4wxO3Kkpe_zot2OP7aU1hnzDxuKixNZ8Pg0TG-aMSTXrJBHOt6eC9CVFP68K3H_M_Y-ikaNI6FQ151kpAoIR3

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
an-x-request-uuid: 1ecf5095-95ed-4455-a359-2b9384553429
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.48.94.6; 37.48.94.6; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
an-x-request-uuid: d8ef000d-2a56-42c7-b32d-c5e90535d1b5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM0Efv3WrxxQcuaTJ0EZtWk%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.6; 37.48.94.6; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 61BD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0Mzk5MDQ1NTk4OTA3NTk4OQ%3D%3D

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0Mzk5MDQ1NTk4OTA3NTk4OQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
an-x-request-uuid: 784320e5-47b0-4b27-87f5-fe7ca6b45be9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0Mzk5MDQ1NTk4OTA3NTk4OQ%3D%3D
x-proxy-origin: 37.48.94.6; 37.48.94.6; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 383B 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sun, 09 Feb 2025 18:30:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
512 B 152ms
152ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=0.35&b=2&r=kooora-lives.net_fluid_sq_new&sy=6b2e424e-b530-43f5-b231-b5cd6977b942&ts=66&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora-lives.net&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=unset&e=lm&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939590
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8daf9265e1-FRA

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B1B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1&C=1

43 B
461 B

41ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGNeXo94BMAE&v=APEucNVZpE7WlRzYRmBu_EmrXrMlYXKUwZte-BPBn04sXmMqrJ1434Aykc4k6_XT1iBZaMfjs3qhQ0tNf4k1gLMkISAyRBcMDvzPzWPo7VK6FwxGlSHd815B_Xhu-y1MGPTtWbVUxym5_o-APz3DkFRky_KsmwgsRTrOoS-pYIkLCL7_6umRwbhFtVZD0TA8t8HPwdCiklzK
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOxwf2ObF6GtgIk6W%2FMDtSS5ppBWGe15QFjJQ4edxhQzzH%2F9fSsnIGjKj4Ju9H%2BsyREPacph%2FdiR8EC%2FruSDaQ62BBbsFh2BqRfSTkID4ctisVTgBAz1ij2JYfaDQQDgx8I8ols%2FS7lE3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85366c8e59dd3802-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tum8v17aqTh97mXrp9f1hMLNc2lNNlqiGzYkQF2k%2FNKW8wvHi12jaOvqYq3de3XaWYHoBdLCP1f25o8z%2BaIT3hrIYLkwTAKNEh6jmdUHz1%2F1WW55l3PphI5hNJ7j44qBYfdd7XGKeFFnRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEIRIDpMH2M5te-sgs27uzNA&google_cver=1&C=1
cache-control: no-cache
cf-ray: 85366c8df9253802-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B1B5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcfAyVVbLZUAAG0BAB-XmwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1

43 B
734 B

41ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGNeXo94BMAE&v=APEucNVZpE7WlRzYRmBu_EmrXrMlYXKUwZte-BPBn04sXmMqrJ1434Aykc4k6_XT1iBZaMfjs3qhQ0tNf4k1gLMkISAyRBcMDvzPzWPo7VK6FwxGlSHd815B_Xhu-y1MGPTtWbVUxym5_o-APz3DkFRky_KsmwgsRTrOoS-pYIkLCL7_6umRwbhFtVZD0TA8t8HPwdCiklzK
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIcjYWKS3Fcnbo94%2BQ8IBGJ38sdIrwG2T1FW92iaiFNP4nDk9pYjjX8lOUur6M3ge%2Fdc%2Bh4n0OOnLbSqs6aPIbi7lX73C7zwqdL8z87%2B8tpqi2D51DB5Sk1bSjh9HZjpU28LlPhyP6N%2BLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85366c8ee9ec1b36-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame B1B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM0Efv3WrxxQcuaTJ0EZtWk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM0Efv3WrxxQcuaTJ0EZtWk%26google_cver%3D1

43 B
1 KB

22ms
21ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM0Efv3WrxxQcuaTJ0EZtWk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGNeXo94BMAE&v=APEucNVZpE7WlRzYRmBu_EmrXrMlYXKUwZte-BPBn04sXmMqrJ1434Aykc4k6_XT1iBZaMfjs3qhQ0tNf4k1gLMkISAyRBcMDvzPzWPo7VK6FwxGlSHd815B_Xhu-y1MGPTtWbVUxym5_o-APz3DkFRky_KsmwgsRTrOoS-pYIkLCL7_6umRwbhFtVZD0TA8t8HPwdCiklzK

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
an-x-request-uuid: 02ddcd0b-ad26-400b-97c0-7ff7fd1f7b32
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.48.94.6; 37.48.94.6; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
an-x-request-uuid: eb236102-7d56-4bb6-bbe0-78902698697f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM0Efv3WrxxQcuaTJ0EZtWk%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.6; 37.48.94.6; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1B5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM4MTc4Njk1MzAwNzg5Nzc5Nw%3D%3D

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM4MTc4Njk1MzAwNzg5Nzc5Nw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
an-x-request-uuid: f05df266-872f-4e88-a0fb-ffbee500d8f1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM4MTc4Njk1MzAwNzg5Nzc5Nw%3D%3D
x-proxy-origin: 37.48.94.6; 37.48.94.6; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/ Frame 25C7 11 KB
3 KB 74ms
31ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a25253204eb116cbbc287fe89619aa9c6d40dfdb7ffcaa18a18fdff7c970ca6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3085
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sun, 09 Feb 2025 18:30:33 GMT
last-modified: Mon, 03 Apr 2023 14:04:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 799B 0
0 117ms
63ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuiYp6TeW-vg2vSl4hOFfohJH9WtCvtV-hb3WTBlDbpv1HDoTEMDs9KEfCi-nyZZ8Wy8cSgC2rn93EHDC24j_yj-9zk2CgsL7wf1aKBi4K-qYLEsT3YmhnMJOGdJVEYp-e3YtMl1DJCBT6ws-PAvfnV646h8KbuJhxwosLmpi24GCXMdsIV2Xd-xKfJDGdNhNheMPy3JqLaX0IJ9_IRxJeCMNS3tFNRSZ-Bh21aAb9KzYbwQYPRJFTb2GTuNWYLnC66c2lzUvk0h8tXSV9pijfxKD2t0--zZNNBOKMarHa3Oafl9Exr2ycgwjFi8DfcOphmIJwQ1awjFMafs1PXcKPD2LA5ZR26LFA7JwuU4YcKfg-n6BwnhEno4OhyltXrey2f3NURJnbwfQsIB5HYqv0Is4CZl5k2JwyPxhH7l8y8VcbNT_SPT4B9VlkodwrDMKtsJwSAkjIisEcmXFdSaBN6UQAfob3xf82147le12UZHrbJ0zAoL8VTNPMssjzrS0XQ4k4CZ82O93CTdMmnoF4LbJt-tfCucQeGrAFk1sKnXLODnpj1VtsmBFaOGOPzfNidaPyxZ0yA17NotymashK8vyZORXz9Bc26euWeftHqD8EoFBDPwMBIVzr6vDPRcTXBOAqh0bFGNc7N9oj4OLj9dwk0FaGzp220J7mduK3W_PjJs67heeuTWU3b7oxeAyheLfOLKHDerLffH4xFg4oIB4XrlC8phICyyC3n_Q6vI9PaHDHk38R1PSBdFDy3H4FSMWUd5ogDiEn_YfSxwRaimkyp4d3se48qQcyK4p-y-sRw97dhj_I1wNN0N4JpWkn2u7dPIiLXY9J86rUgIdWvUyqqcI1VQGtnDkR_xJ73dShyNTsorwegxYcOXBIe_OabAwHM6UUpssMFGdxiLOFuMJgInImCq259MyBfQ3CE_sruGIpGnxYY8kHMV-on1lKRgi8AQ0QXD_0sUoAAo1XXlIJKAqA9Jb7C0L1O12C-vAgScOfOJpIs0YBNEuGJiKU6QAXIShRPq94FyHOgaT2EjYBn2e-xR6U_Xm_trmwkHPR6bb9XGWm0VOxUjeRqVnkcEaTks2Y0_UOZluiB0tC_g4zLMhDiffJID7xkEKHpjSRXYb8eBGElI5zVwILhixvgGhsBmy3wYrdRo1asomcuEBJg1owF80jXr2hR7kHoJszSTs20BCMVwRComPeCJaeBSpBewFAKxWfvs5jDzyBV_snAJnGLeopivOtwrBVAcj7VgVQL6OW8pYDanxeBCQ2lJaYe2cWodI4X_R3mJhrA1vjEf36uClCHyNiiBmF5tFr_j7YLnaYB_7Brs7ImhJOHv_019u1uFARXTChWKIlUZvGlPX8M9Fm3jLMFwEJnQMdnH30Hr-XA&sai=AMfl-YTAmGvIBmjySmzEw2s8n8rngKwvezfAze9ec82ZthLaX4qIhoxOTK0FSOVHWXQwxSca61Fm610E-7PyyWcWNSWlwK1NoK-zkuoVgjdflnnGLlhN50YhHG3x34u-Yg-LgwYfJN_pnNYkIcJLub--f34N7mAkTVz4LFArMLbMVGoqwWKr8RpBjljzHDdHaCV_BBaFPER9oLn-6qIWKcPiWiyoJ3vyRyudW07sAl26aDd507m1oU84iIRw9Iyk1XxWgND87b5wnmndT60orrOpqcDkizfIrBqUbYusz-slm2lx-13fJdqoSxEpzx_p6fRJkIO2WNkc5-9a_GiK30hkYF5QAggPmDxiU0YfFexoGzDRyut5ZDM8XvikvAvp58M1luFNVoyyFq2EZpHtH24hrcbWvqWL-rwF9EfeBgKDxqJ7VMjskQ&sig=Cg0ArKJSzLegiOwJuHNnEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oYm9tYXguY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=163&cbvp=1&cstd=158&cisv=r20240207.26352&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Feb 2024 18:30:33 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:30:33 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0217 39 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 942E 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 64783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1F02 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a056d28b5560eb81f628cf36be8df49e5361297bb0d32491cc89700ec959715a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/ Frame 4972 11 KB
3 KB 34ms
30ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65968d40e7f81144f12f72ee2116435a72df500bb6df6655ec7d34b0bf90d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3313
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sun, 09 Feb 2025 18:30:33 GMT
last-modified: Mon, 03 Apr 2023 14:04:25 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1F02 0
0 84ms
66ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsviAtYAELIsSDTyJIWYD7-F66qsfoAppLPboljeMX1Pqfd2SOIZzpY0n8iZv9oDJ3vOD4leCPkRNXAMvw5zroENhVnQa9xKX2JXjGl6Za3BZ5g-LEDtDWN8HkzoWFEgva04KiVuu0L_jWXZlVbQzGqVNrnba-thRXfu8w9bQmdHOEXjyz_wlvhwMhUAIjFaA0IaYUFt4dFPs3N10c0cdngOxHdzbhlwegFCpJF7O1uvSTl-FNat-PbFcPDkQnrxT1MCC13GQpAvcxYNB9B9UjUmBfz5R7vnKQVHP0ZP9qV0QyNBV_m2iFDKBDPboRRym4IzR3_IIvWSrqe8PKnSlKhpCy9Ei-X1Xlkl5FUTmISXw8dvAF_66YZH_3Ow3z0YacRV1LowW3AN6Qo5rcjruFix-brCdQTJINFefZGyt1GiCTs-SsvWKZhRZKjXpWD89pYS43SMUdmtI_pMKsev04roBwIZHcMw79DftVOuXcqQuE8AlizD5Cpld_VtjIz3YmwlDj1z9-63WvK_uMg0bOUzTUeqjLCtYI8kG1pitxx-_8bPBMpW0BKzPMuDHFSoVA5SI1HntGxEWSDWoi-nLrrjwqJwoUoNiOfUG3skcRaU_-zDt84mLGNYaK8uOZ7xeki5zylqM7kIlSLnkomhC_7Rtbd7jMlhXYYUnNRmpGhalUAIYqPr6XA6Ref_k3JlWBT8Wjj12B1z9OqAh-KI41GNI6BZVJ_8qSo6HVz16ZU7KT9VARYJy8BdC8B3eg-jrsDZ-GWF02cgASf70Ej_Jn0_dj4e8Mu2pgEAvjNTzFIWfKyBvB6elNVtTN5u3QJRHenk4rMpWKwx8K1B2LnVvedaptbFz5sGphjhxrrVfGNFWrI4df6OmGdq63WKlZXLOPYrkAkRaR-b3hJuqFIHSzjtM72i20i045ulIdJLNb_QveVYc8Q6VLck60bwhP1iQ0KkADFpeJBaRmIIVNWKUyuH1daHHosTchMRx8YsaimcEeQkkI3E7KgpqMzpWJW4dRO2J2gjoVpBmmPFjMQ_3Jgj7Dp64d9H_M2vMB7yDGpNXbvROQ60aQV8DjuBzhNlJCZOrqG0sJTFH1zJ_tQzPrYluJY2JwHpDPAqPTp6BKpiIv1220mhLDNfM6zgF0QYTyzmOWr8oNBjsxlm53c1KvA1UnGHVbkIZi34NnNSk_VAeuQt8KpWbq6t4wMV-JQ76yXPJ4KTaAa7q6qPws_6zXCrag4BWWaNZhETwme8wyK0h6dSTSkupOZVOQDY1OlNHv0i-jIth9RTUHGNDvNWwamZVSueyQAcrWnitk6Y4GyH18ruyz47caJ6h6M6ULi98_k3Wf8ZPJV_WlEmajVNM5PmA-4AjKM&sai=AMfl-YQSvuZuHW0PnPBOq6rAAu97u1gdbircRNqxPnVFQRDEAxO6ctmaga2r3HWkW11u7ODrSdasPLMlUobWhNZiLfrt0YFzI2v28QOg05QO3ysy6EK0iw-Ga5OpH425LQ6UYS1cwlanaFvqMAZUAL99e-WqhpM2uuvNXWoUZvPo7VL3hWUAxQIuf4EPHJtcnBIeLaGAz2rgAmT7TsSJUw9nXq8GcOSyYrIIulEm4ONMOAy-FxwY6l4tXRNbg3nuaKU6x3-wgL30VprIuUeeKXZNhW5Jhy9baxJY5zZoQR9iJIRgDB-EhLkVyl7FYNbRTHg52W9h-UfglHqalym1jRNwd1Ot7nyiJNFMOoM0apI1KPZSmc5vxQkESsvpmuxzeQBP0vntn0b9tqXXI8itcJceqjHWkTpapLY71GzTLYv0DzmypPLKVXSxlvCWwlw-LFhpDHQwz9lKTUrgiGlMhYU_BAaVIGN87M8xKygoIQJjXxRelQw8fPK4fPKawQrDR6k8hVNLKzQ&sig=Cg0ArKJSzAonT0bZ9F_wEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oYm9tYXguY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=119&cbvp=1&cstd=114&cisv=r20240207.50965&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Feb 2024 18:30:33 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:30:33 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DF3B 640 B
308 B 58ms
57ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfMPxDe7KqvAxi4q_L5ATAB&v=APEucNWDZ4DPKv2XDbbwyOWvPS2AbiN36C9Rb0df2S-_HXbi_8qzIjfEznwH2KdaCXn5sseJHEeG1mATm_cI8l6_BMYdvFguVjVjy9bZPsTnMLEsgn_9OZeqKXQeTDS3EOJXWHByrIVpvqfORhU-EnWAX9-M7MF7ogl6d6kx4wEA7pGHZRAd4-7SjiwaYz2sNYQRSwG2_6ed

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 383B 172 KB
60 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Origin: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 23:49:04 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 383B 8 KB
3 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 03:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 03:04:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 383B 23 KB
9 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 14:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 14:26:02 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 383B 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 383B 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 383B 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 22:58:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 383B 42 B
63 B 62ms
62ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_5-CU6Av4U3-3AgiUOjO-JAdCTYgpxRZFbtCosD3kOf6Tc1GnAvHAnKnUSoB8QWc7XF4IYgDLUDskcRrN2FBJsUUZIBVxwNvIdU-uPr_UhRJUTWE

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 383B 203 KB
61 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:35:02 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 942E 39 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/ Frame 4972 6 KB
2 KB 27ms
27ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:12:28 GMT
date: Fri, 09 Feb 2024 09:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1924
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/ Frame 4972 2 KB
708 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/adStyle.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5992499e837988e85ce84367cc91902a955fc3db001e5911bc0c66451810885c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:12:28 GMT
date: Fri, 09 Feb 2024 09:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 678
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4972 118 KB
40 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 04:12:33 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4972 57 KB
23 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 18:30:33 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/ Frame 4972 4 KB
2 KB 73ms
73ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81785d9d3d137904ed0f9d864f5a0389d06ec52c69abf6fc631cdfaa903c9c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:12:28 GMT
date: Fri, 09 Feb 2024 09:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1666
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 textFit.js Show response
s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/ Frame 4972 8 KB
3 KB 73ms
72ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/textFit.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:12:28 GMT
date: Fri, 09 Feb 2024 09:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/ Frame 4972 25 KB
11 KB 24ms
24ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/adlibUtils-v3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 06:20:48 GMT
date: Sat, 10 Feb 2024 06:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10802
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/ Frame 4972 2 KB
1020 B 27ms
27ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/animation.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2372829708006f9665881ff70f910dbec5e55e01dfac453fe9c2de9e482addff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 09:06:57 GMT
date: Sat, 10 Feb 2024 09:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33817
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 990
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/ Frame 25C7 6 KB
2 KB 28ms
28ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:05:50 GMT
date: Fri, 09 Feb 2024 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120283
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1924
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/ Frame 25C7 2 KB
586 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/adStyle.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da3f82712a9fe1ceba6d6fe6e9ab628eb17f9ce607cff3fc7dfa554efde71a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:05:50 GMT
date: Fri, 09 Feb 2024 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120283
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 25C7 118 KB
40 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 04:12:33 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 25C7 57 KB
23 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/ Frame 25C7 3 KB
1 KB 71ms
71ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ea98d3e4f0ec9bc85de86a8ecfdea25688f2384e5a630afdff176fd24d77c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:05:50 GMT
date: Fri, 09 Feb 2024 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120283
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1340
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 textFit.js Show response
s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/ Frame 25C7 8 KB
3 KB 70ms
70ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/textFit.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:05:50 GMT
date: Fri, 09 Feb 2024 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120283
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/ Frame 25C7 25 KB
11 KB 24ms
24ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/adlibUtils-v3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:05:50 GMT
date: Fri, 09 Feb 2024 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10802
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/ Frame 25C7 2 KB
990 B 27ms
27ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/animation.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f05970b398baee30570ab1f278081677af24481c52c92a8e23d776270565c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 08:49:41 GMT
date: Sat, 10 Feb 2024 08:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 960
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2DA9 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 64783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 115 KB
10 KB 34ms
33ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f83c47a6b8089219d589a64fb95bfaa84e73d0906dd44c1994561d38713f3a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:34 GMT
expires: Sun, 09 Feb 2025 18:30:34 GMT
last-modified: Thu, 18 Jan 2024 11:18:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 383B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f31d0b9a787e49c522425fcc13162a73093c95d675327c15b10e4a0db8ea79b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 383B 0
0 62ms
61ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsusNxXo9ljQbbN9Z17UH5CuZRLgstq1E3rMlgsQFp-HvFyCeL2kYHDugkrzFtBgfo2_UHK9InudAh1BdW755bjjWn20gQ09bW5IgdBwUb1gJtUIYpgXwPVljq5J7qnTBV857TPW6Hm5R4X4Tlbr56z0DWZoCApE818WbbPbx1ywtQM58bK6DJsy1YATS6-oodvKFLnThupLq0RE5aBhUaFHvqoGh32tqwJEZxSfuZue0wWwOlW136RNxn5roHGcZEgDX5tZN6afs9HcJln6LgRhx7ysZxZXNdNpYKYRU0ipfOpuy_HNbxWNpQ_C5SB2hpXyOfjIV89Bo_ELr4nXPKjvBHIXcz_hwqOou52F6YZpVGZNZzAq3PFknnU0Zgb-ideqHfkxeXqoAnjRvIiAVfnQoQ8mdz_KaZy7Vi8vvUZHdgjhlpzqJX4Fp8ODp7muk6XfwHyGv8Q67f8uqRoVkm4wLdsE4k_HUN0oOQ7T24ykJGICRzdY7MtRIJOLC3PdKrxrRLRPLFJASmMP3wIh_l2Zr9MCd9IdFg_i7pTfK38S5w0jQ7-3ZuSdKt0fMlSTjMprJCHwEFkY8en7bbL0_lv4CJXUl8JLMDmQ4jOPxeJxRz4xp0o4ioOEoOiU7lOSdEOl_-8DvqVqv4wmUCVzWBP9WZR3OaaGHshq2xFH7maylg6267mFkSmWdAnoM2M_RfDOzM73j0-mlSzsT3HvHKe8abMHJAAu-jRxD3Z13ANZYnA4AdvPoJGqFXy7_sQtwINXvBI9d3J3n-AjA8zuktpqX_XKCORnuuFw6f7nUiF8XqeogPXLsWysiwXBiwP-7y6Riwi5_AnZIvw4xP41Nx8tRiAvrswQP6P675G1UdvhmpK7oCAsIKg1Q-Pdsf4iGJbSfgKvfZnsiGlN-c9ooeySkYLVhDn4MJu9VZdY6H8o4rKDLyBGjdUD2bhyloFRNrrP1HFJzD-4yaZTYflWD03GFJsZCsf-JRKWYWv5shJ0-8JrWYOF6EJ3nVkYv9bL1nvHmXtogLMiZ1wZthdYOMvaX1T_znmU1xRQFaEQI-vIjQpkJr9Ck2mzzUAKLbVIJgcktfKWIdI-SqfzmUoyDVqWCxZ80XW6RdZf2_yr3eQ7Sp7Zffp7o_nhjwvQ_SfM9MCf3y4v8q1Bf12B1_7DljIpaM-jIpIizzOoQGN1p33I3TfNMgP362hy48TltbiSVfFmknePRfDny9ECtbBbOeZYopyJSMFP1PGwDF9VTAv8gpysFns4zdSZG-4ZfpqPJub9CC_u7Z7vLNbHiyhcdJFuTFC6eYNWZfFeTqRz9XiRNBgFVBzioXVou3CIBQ9DB__n221OxPhYl1tpAI1EC5ewVq8jEROiEM0DKksOwhyLEKs90P1mxDc&sai=AMfl-YTeIaOAlt0V31EE5x6zGZxb4yVqJsorXVGc96876q759vMJJgkCJRHkG0-I2jMhSrUEchUJUbUOdP9K2mutW08-NGssmi2HEvwJZ5HAM6a6LIrPqOhX3eb55u948-10_fiiP7RmVeeuyOPjMRV1KQCFjdn8M3cOattdfZcUoCbE_n_4VqP5prs-0JM89X-fcTgFYoQVKULoAiggrqHrUFwsU5QAqFfQ9ojJMCExnB-_Xe2Lh0FiDDPjYSqBqRyqcI5ua2ccADrtkPY2cUGHLhjtQHTENPn0XAT6fWkv2yCn3s0R4z4800qk-FveXZCd9wAvG0VeF3jQb6_JSACA-YMUUVEaHbyk650O1BdJ-I9jP9aiEikYn40kOCs3rrApIdmli6c2gYHCC3Ywkcwf9Nv4DWW57vWUredPaZWWcGNn5ZdwbDLT0OyU0c7K2MXbxReuIZaSYkOqId3P7GfFQ8C02ICCYqOntZrxISQyumOBaAOeDFs-BJnWLdm2YpCndbU58X1Nx1IKLA&sig=Cg0ArKJSzH-yCOL_taQEEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zdW53ZWIubmw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=55&cbvp=1&cstd=51&cisv=r20240207.55329&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame DF3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG5gT3Z4cqnP48ylgVhIEdI&google_cver=1

43 B
105 B

21ms
21ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG5gT3Z4cqnP48ylgVhIEdI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfMPxDe7KqvAxi4q_L5ATAB&v=APEucNWDZ4DPKv2XDbbwyOWvPS2AbiN36C9Rb0df2S-_HXbi_8qzIjfEznwH2KdaCXn5sseJHEeG1mATm_cI8l6_BMYdvFguVjVjy9bZPsTnMLEsgn_9OZeqKXQeTDS3EOJXWHByrIVpvqfORhU-EnWAX9-M7MF7ogl6d6kx4wEA7pGHZRAd4-7SjiwaYz2sNYQRSwG2_6ed
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG5gT3Z4cqnP48ylgVhIEdI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame DF3B 43 B
210 B 41ms
19ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfMPxDe7KqvAxi4q_L5ATAB&v=APEucNWDZ4DPKv2XDbbwyOWvPS2AbiN36C9Rb0df2S-_HXbi_8qzIjfEznwH2KdaCXn5sseJHEeG1mATm_cI8l6_BMYdvFguVjVjy9bZPsTnMLEsgn_9OZeqKXQeTDS3EOJXWHByrIVpvqfORhU-EnWAX9-M7MF7ogl6d6kx4wEA7pGHZRAd4-7SjiwaYz2sNYQRSwG2_6ed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame DF3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFuwPNSqqdpuAV_dB4EZ1H0&google_cver=1

23 B
163 B

44ms
44ms

Image
image/gif

23.211.8.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFuwPNSqqdpuAV_dB4EZ1H0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfMPxDe7KqvAxi4q_L5ATAB&v=APEucNWDZ4DPKv2XDbbwyOWvPS2AbiN36C9Rb0df2S-_HXbi_8qzIjfEznwH2KdaCXn5sseJHEeG1mATm_cI8l6_BMYdvFguVjVjy9bZPsTnMLEsgn_9OZeqKXQeTDS3EOJXWHByrIVpvqfORhU-EnWAX9-M7MF7ogl6d6kx4wEA7pGHZRAd4-7SjiwaYz2sNYQRSwG2_6ed
Protocol: H2
Server: 23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-12.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:34 GMT
pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEFuwPNSqqdpuAV_dB4EZ1H0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame DF3B 23 B
163 B 44ms
44ms Image
image/gif 23.211.8.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfMPxDe7KqvAxi4q_L5ATAB&v=APEucNWDZ4DPKv2XDbbwyOWvPS2AbiN36C9Rb0df2S-_HXbi_8qzIjfEznwH2KdaCXn5sseJHEeG1mATm_cI8l6_BMYdvFguVjVjy9bZPsTnMLEsgn_9OZeqKXQeTDS3EOJXWHByrIVpvqfORhU-EnWAX9-M7MF7ogl6d6kx4wEA7pGHZRAd4-7SjiwaYz2sNYQRSwG2_6ed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-12.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:34 GMT
pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 mustache.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mustache.js/2.2.1/ Frame 973D 9 KB
3 KB 77ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mustache.js/2.2.1/mustache.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3258bb61f5b69f33076dd0c91e13ddd2c7fe771882adff9345e90d4ab7c32426

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2674515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2508
last-modified: Mon, 04 May 2020 16:13:29 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f29-2528"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWVcP5YWicUPb3BZc8zKRvGwKibqk6o6xTuA6FYM9B4A30WOTJuV7KkdaB2QdVWXSsCFhrZ4YINN1b%2BpH6AnrJfGPbWyEOig%2BWocss6Jhn9oW9QddLph9MAIx8R3qLxuMbqGZMOIq1NvzhBKUkcFjazT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85366c8f0e278fee-FRA
expires: Thu, 30 Jan 2025 18:30:34 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 973D 120 KB
41 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 07:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 07:30:30 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
509 B 175ms
175ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=kooora-lives.net_auto_interstitial_desktop&e=nai&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939591
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8ec9f865e1-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
508 B 43ms
43ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=kooora-lives.net_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939591
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8ec9fc65e1-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
20 KB 385ms
385ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1941852099388345&correlator=1861407284117386&eid=31079957%2C31079958%2C31079525&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C35dbbd98-ff12-4ea5-99ae-46cac5908ab0&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=9&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3De3951cc868df3122%3AT%3D1707589833%3ART%3D1707589833%3AS%3DALNI_Ma-yIDPmL4CwoduEZGcccfbwqKvSg&gpic=UID%3D00000d5536b82306%3AT%3D1707589833%3ART%3D1707589833%3AS%3DALNI_MYAtMw4koZBhvwf-V9n0wilZZfRGQ&abxe=1&dt=1707589834044&lmt=1707589778&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkooora-lives.net%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2075408834.1707589833&ga_sid=1707589833&ga_hid=1793792835&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYiaOkotkxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiIo6Si2TFIAFICCGQSGQoKcHViY2lkLm9yZxjko6Si2TFIAFICCGoSGAoJeWFob28uY29tGJOkpKLZMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiIo6Si2TFIAFICCGQSFwoIcnRiaG91c2UY46OkotkxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVN6VjFkVGxYUm5GUk9VOHZVSE0xYUd4dWVrcERRVDA5SW4wPRiDpqSi2TFIABIZCgp1aWRhcGkuY29tGImjpKLZMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_6SkotkxSABSAghq&dlt=1707589832220&idt=694&prev_scp=ti%3D2a924749-e8af-49b6-8ed9-32ab3b9d944d%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D66&adks=2629842649&frm=20&eo_id_str=ID%3D398f447cfd272d63%3AT%3D1707589833%3ART%3D1707589833%3AS%3DAA-AfjbSyhQXWVTgjoogTRwHz1Gu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

633b518d42388264f1f1028f773e8a0791954a302a0b4ab8ef6f4fcb729b249b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20248
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DA9 39 KB
15 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H3 200 container.html Show response
b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4DBA 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sun, 09 Feb 2025 18:30:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
510 B 165ms
165ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=kooora-lives.net_fluid_sq_new&pn=2&sn=3&pc=0.6362159729003907&ds=true&e=wdp&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939591
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8f2ac865e1-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
507 B 36ms
36ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=0.01&b=3&r=kooora-lives.net_fluid_sq_new&sy=6b2e424e-b530-43f5-b231-b5cd6977b942&ts=66&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora-lives.net&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=unset&e=lm&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939591
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c8f2ace65e1-FRA

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://kooora-lives.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1F02 0
0 61ms
60ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsviAtYAELIsSDTyJIWYD7-F66qsfoAppLPboljeMX1Pqfd2SOIZzpY0n8iZv9oDJ3vOD4leCPkRNXAMvw5zroENhVnQa9xKX2JXjGl6Za3BZ5g-LEDtDWN8HkzoWFEgva04KiVuu0L_jWXZlVbQzGqVNrnba-thRXfu8w9bQmdHOEXjyz_wlvhwMhUAIjFaA0IaYUFt4dFPs3N10c0cdngOxHdzbhlwegFCpJF7O1uvSTl-FNat-PbFcPDkQnrxT1MCC13GQpAvcxYNB9B9UjUmBfz5R7vnKQVHP0ZP9qV0QyNBV_m2iFDKBDPboRRym4IzR3_IIvWSrqe8PKnSlKhpCy9Ei-X1Xlkl5FUTmISXw8dvAF_66YZH_3Ow3z0YacRV1LowW3AN6Qo5rcjruFix-brCdQTJINFefZGyt1GiCTs-SsvWKZhRZKjXpWD89pYS43SMUdmtI_pMKsev04roBwIZHcMw79DftVOuXcqQuE8AlizD5Cpld_VtjIz3YmwlDj1z9-63WvK_uMg0bOUzTUeqjLCtYI8kG1pitxx-_8bPBMpW0BKzPMuDHFSoVA5SI1HntGxEWSDWoi-nLrrjwqJwoUoNiOfUG3skcRaU_-zDt84mLGNYaK8uOZ7xeki5zylqM7kIlSLnkomhC_7Rtbd7jMlhXYYUnNRmpGhalUAIYqPr6XA6Ref_k3JlWBT8Wjj12B1z9OqAh-KI41GNI6BZVJ_8qSo6HVz16ZU7KT9VARYJy8BdC8B3eg-jrsDZ-GWF02cgASf70Ej_Jn0_dj4e8Mu2pgEAvjNTzFIWfKyBvB6elNVtTN5u3QJRHenk4rMpWKwx8K1B2LnVvedaptbFz5sGphjhxrrVfGNFWrI4df6OmGdq63WKlZXLOPYrkAkRaR-b3hJuqFIHSzjtM72i20i045ulIdJLNb_QveVYc8Q6VLck60bwhP1iQ0KkADFpeJBaRmIIVNWKUyuH1daHHosTchMRx8YsaimcEeQkkI3E7KgpqMzpWJW4dRO2J2gjoVpBmmPFjMQ_3Jgj7Dp64d9H_M2vMB7yDGpNXbvROQ60aQV8DjuBzhNlJCZOrqG0sJTFH1zJ_tQzPrYluJY2JwHpDPAqPTp6BKpiIv1220mhLDNfM6zgF0QYTyzmOWr8oNBjsxlm53c1KvA1UnGHVbkIZi34NnNSk_VAeuQt8KpWbq6t4wMV-JQ76yXPJ4KTaAa7q6qPws_6zXCrag4BWWaNZhETwme8wyK0h6dSTSkupOZVOQDY1OlNHv0i-jIth9RTUHGNDvNWwamZVSueyQAcrWnitk6Y4GyH18ruyz47caJ6h6M6ULi98_k3Wf8ZPJV_WlEmajVNM5PmA-4AjKM&sai=AMfl-YQSvuZuHW0PnPBOq6rAAu97u1gdbircRNqxPnVFQRDEAxO6ctmaga2r3HWkW11u7ODrSdasPLMlUobWhNZiLfrt0YFzI2v28QOg05QO3ysy6EK0iw-Ga5OpH425LQ6UYS1cwlanaFvqMAZUAL99e-WqhpM2uuvNXWoUZvPo7VL3hWUAxQIuf4EPHJtcnBIeLaGAz2rgAmT7TsSJUw9nXq8GcOSyYrIIulEm4ONMOAy-FxwY6l4tXRNbg3nuaKU6x3-wgL30VprIuUeeKXZNhW5Jhy9baxJY5zZoQR9iJIRgDB-EhLkVyl7FYNbRTHg52W9h-UfglHqalym1jRNwd1Ot7nyiJNFMOoM0apI1KPZSmc5vxQkESsvpmuxzeQBP0vntn0b9tqXXI8itcJceqjHWkTpapLY71GzTLYv0DzmypPLKVXSxlvCWwlw-LFhpDHQwz9lKTUrgiGlMhYU_BAaVIGN87M8xKygoIQJjXxRelQw8fPK4fPKawQrDR6k8hVNLKzQ&sig=Cg0ArKJSzAonT0bZ9F_wEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oYm9tYXguY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=315&vt=11&dtpt=196&dett=3&cstd=114&cisv=r20240207.50965&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 799B 0
0 56ms
55ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuiYp6TeW-vg2vSl4hOFfohJH9WtCvtV-hb3WTBlDbpv1HDoTEMDs9KEfCi-nyZZ8Wy8cSgC2rn93EHDC24j_yj-9zk2CgsL7wf1aKBi4K-qYLEsT3YmhnMJOGdJVEYp-e3YtMl1DJCBT6ws-PAvfnV646h8KbuJhxwosLmpi24GCXMdsIV2Xd-xKfJDGdNhNheMPy3JqLaX0IJ9_IRxJeCMNS3tFNRSZ-Bh21aAb9KzYbwQYPRJFTb2GTuNWYLnC66c2lzUvk0h8tXSV9pijfxKD2t0--zZNNBOKMarHa3Oafl9Exr2ycgwjFi8DfcOphmIJwQ1awjFMafs1PXcKPD2LA5ZR26LFA7JwuU4YcKfg-n6BwnhEno4OhyltXrey2f3NURJnbwfQsIB5HYqv0Is4CZl5k2JwyPxhH7l8y8VcbNT_SPT4B9VlkodwrDMKtsJwSAkjIisEcmXFdSaBN6UQAfob3xf82147le12UZHrbJ0zAoL8VTNPMssjzrS0XQ4k4CZ82O93CTdMmnoF4LbJt-tfCucQeGrAFk1sKnXLODnpj1VtsmBFaOGOPzfNidaPyxZ0yA17NotymashK8vyZORXz9Bc26euWeftHqD8EoFBDPwMBIVzr6vDPRcTXBOAqh0bFGNc7N9oj4OLj9dwk0FaGzp220J7mduK3W_PjJs67heeuTWU3b7oxeAyheLfOLKHDerLffH4xFg4oIB4XrlC8phICyyC3n_Q6vI9PaHDHk38R1PSBdFDy3H4FSMWUd5ogDiEn_YfSxwRaimkyp4d3se48qQcyK4p-y-sRw97dhj_I1wNN0N4JpWkn2u7dPIiLXY9J86rUgIdWvUyqqcI1VQGtnDkR_xJ73dShyNTsorwegxYcOXBIe_OabAwHM6UUpssMFGdxiLOFuMJgInImCq259MyBfQ3CE_sruGIpGnxYY8kHMV-on1lKRgi8AQ0QXD_0sUoAAo1XXlIJKAqA9Jb7C0L1O12C-vAgScOfOJpIs0YBNEuGJiKU6QAXIShRPq94FyHOgaT2EjYBn2e-xR6U_Xm_trmwkHPR6bb9XGWm0VOxUjeRqVnkcEaTks2Y0_UOZluiB0tC_g4zLMhDiffJID7xkEKHpjSRXYb8eBGElI5zVwILhixvgGhsBmy3wYrdRo1asomcuEBJg1owF80jXr2hR7kHoJszSTs20BCMVwRComPeCJaeBSpBewFAKxWfvs5jDzyBV_snAJnGLeopivOtwrBVAcj7VgVQL6OW8pYDanxeBCQ2lJaYe2cWodI4X_R3mJhrA1vjEf36uClCHyNiiBmF5tFr_j7YLnaYB_7Brs7ImhJOHv_019u1uFARXTChWKIlUZvGlPX8M9Fm3jLMFwEJnQMdnH30Hr-XA&sai=AMfl-YTAmGvIBmjySmzEw2s8n8rngKwvezfAze9ec82ZthLaX4qIhoxOTK0FSOVHWXQwxSca61Fm610E-7PyyWcWNSWlwK1NoK-zkuoVgjdflnnGLlhN50YhHG3x34u-Yg-LgwYfJN_pnNYkIcJLub--f34N7mAkTVz4LFArMLbMVGoqwWKr8RpBjljzHDdHaCV_BBaFPER9oLn-6qIWKcPiWiyoJ3vyRyudW07sAl26aDd507m1oU84iIRw9Iyk1XxWgND87b5wnmndT60orrOpqcDkizfIrBqUbYusz-slm2lx-13fJdqoSxEpzx_p6fRJkIO2WNkc5-9a_GiK30hkYF5QAggPmDxiU0YfFexoGzDRyut5ZDM8XvikvAvp58M1luFNVoyyFq2EZpHtH24hrcbWvqWL-rwF9EfeBgKDxqJ7VMjskQ&sig=Cg0ArKJSzLegiOwJuHNnEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oYm9tYXguY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=398&vt=11&dtpt=235&dett=3&cstd=158&cisv=r20240207.26352&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1FE4 624 B
242 B 72ms
71ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJLV_doBMAE&v=APEucNU5rKQh6vl1rlnaYg-r7C3xzI1l9iUDUf_i56q7mWlR6TuSh2TzWULmvijQBEM3ceCQy3jWxi2rIG7ywk-NK-z_2dRgfMCaO7PSO7FtvUTUKoJbnFtPbXVsEiCGYXHEOlh91R2RN2DuGf0P6cXzsOsr-7hQTRSlVixihMsBTvNjdsH03UCBSm5m2Js9bNZenf5ywrXT

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4DBA 93 KB
33 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DBA 42 B
63 B 62ms
61ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B4QoC4Xgud8Ig-SW60lDkNUv2TzSALMK_36_6BsAkUtOw9dY75IHhzRv0NGGwJIivQfVzT3Gohet4QgwCi7KqfE99ieB4aEkmtvy0yNRtzfDVLbg0

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 4DBA 78 KB
27 KB 110ms
53ms Script
text/javascript 64.233.184.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWPLJEX6eV1zvBKMUxojdOudSEk4Ye2n6esOhMa7B1BZdSmdmM&d=CpkBAKAmf-Anqgm6KQRlodWeZYG_4Kovg6r7EjHFAUBevWOK9ARp_WQz4agmC7hd1EgsLJBEdVzjfEsBo-Z-fit-at_SVAjig1eapmhDOjqMDk7LEQWB3I2BVTheJ626kSxB2U9ij5tOJ4Ourm3EuqqJKSV-8t1IcNY8xDkd5ro6vAhKCNFOu5LsWesqielFDf9Z6sonut754TbzErkVAKAmf-AZoslA0NdvVqWsWVoN_1Hulu__bWNiy_T1nBzd5nXGDRK9nDJy-ATMLlPENNok7sCEGonT2_PPX-F2zW7iZnW7ig93nlPUgRNeTkAUNR6ALO-L9Gtke9MsXALyy-HVx4U79yOQJUrM5gTP4G9lzwVrqTIR732tuIBY7kALCmMmaym8Cy0Oh3mGuLCKnc5E4SU4HX6yZ7RZeSZ2nunnH8EOALnX5k_PdyMz1CxvlzT6_6oFfXKWX6k7IusYIS7-J5qgo-QAbzJc9BUIsPYxf7TS-qDpojnZWwDeloZnPHq2LfviTkW_BoAUvaMe2q24HEkt3kzKD-37cNHUXFPYWQvkht73HzOiMCcnHlHz14VaBYR9ULxya3YJqpgGZgzEr679bGtHqA5dwl8BE6qmlvJ9b-jEzI--7yf8trNheIzmpw0uaFVVcFdFgPnVfwd1ZaA5yDPB41bg0rIUFVagRSscnDMbJ3qkYbiBE0ipywnbcLKOg8E5Ufl4REFBkVB_A0SRq-GWt6hvQfbuHlOyQh3H4ZzMNoe3glRITzgv63OWONtbBT91bT9ni5xE3Dx3E2-2bJNf8cpfNiVj42xsGJkv2uel6-il-VX1bAoSbiuWL_d_t_wne0JV5j_yRGkQSFKsLXZ9sSNxSuuSODvxbt1xgqoHPQIdRKUZjHUhLYgc6pjAyUtvFZu3Fjg23tkuAnX49c-ZBNRJ0Bl8DBSrpGSjNfk_9PYGEnhikuYUAJqGD51xC-JATvTD4Ofta6hoTDXcLKNVM2wm00P1gT4Z9t2Hg0-DevODf6eAhZGgHpfr-SU_0awFDlDJxJ2vINvMGSlwcy_llEkIzJFw7ek2Ph-mwlX8jkzsHFT6t8QBNE51ANoGzBGfUYXug1kkcvjuQdDdRCmKofR56S-88zhL_IKRpJGeF-7AfWN453rm2mlsp0YD2laj8OKNlVd6lg5h3Xeoa-hm9lwoEk0waAh3pSam-F2_3ye5wKdK-yYX1KBwi_W_exeCSqtgk_DqgwFjNZDNHGjoPe5KHBBiL55lsjScJrfTdJZ9t1LLB6Lj9nSlUAh93vermVgNq75Z3wf3Lz4k3__TrTYP6yxG4eW9SZULxB6PkI1Cs50TiJJXaYr-0JBqz32BxZxYaTODy_pcHoaO665SfkQgtFFYZxTVo4YQMbwi5BZDR-PvG5-PSw1JhuPUrXkEmbJ5JZan-hHOi-qPi5RSQveuaEssS5y00uzQ1CdbzgSkiCrPtLRCJiKRxKwyoFZCKc2cwpMsVwJXw4esTm6LodBAvNjqUCyuy65fvZA87VVH8Vko6c_1zbJaoyn-9OhhG-JJmtOka73gbhZ1EGRPaAa-f9hpI6gADc6upp4oOp7ZMINGxwZPoyys1vGawZOHtA1WkFBkRvTKXEMFb2QNPeQgeonDBIjOWcSm5YPSU4rJSFR70r0U1auhQBd4J_Ekzcs1V_KAMKitgulnpLaTdzlfcZhi9eYF48-Gz87hmDT9tzW2VjHPF46g7lpyyYQFkWXP1t11lFRlWbk8_pPvHXS6DPcTEYEZttopV6kLev8c08k0oDQNcqDk1-GLvwhmx6hX3XU2GAZ86FBJmUTRnRnuM7ApVRKHBfddjvUwvxeBIbt_I3Hy7J8QtGiVfwBeXdv9K7mPg4EFurf_SVxVbEgOzIXpiAAdh_lI9bqqn3jkAR1VyPtujyTSZ1QlmdtvUJbehupndcBD_DIzoH7GF9suN5dAMpCC4NkuV6BShj1PBlE7ViYqUjmBrtYadAr4kbaFzXpDkf4k3HJEy39BJQry3UxAh7AL4tssNiWWZl6xJefZbbjO7jaWxttKcOq9DewhBZeQR_wxpn4LNYmLOppasL0h3OfMrraX_YIc5NgMi3LBTdJPnfs126Zrz91Q7rkKlrRlTM4IDw_sBE4jwghPeH3Ggpvdw9cDT7AuDLysO5V6yWsQdniKGnJ9dmu1WHTfySwdCGk-abTbbx91s5IfED6ubdXnPo_rbNhjohnBU30metW1pWqm5VaHtWeNO6RY6nm-r4O3uJbt2w-V6oSM5ZarEpeMUyJv7V43nqomY7cfeCUSGQBJoE3nIJESIadiaeVjGGAmvjStmQFzWi7qP8IfFjuqeRDIj_gQ0Z5woXEDFljCjXXp-J2Ss1CqvD-nCuJDm5DGmN6e_0uYUqYmHrpA88LpCpgEmSFU8moWTdZIPVDIhJb5YZ-gFkTzLZnnDhFWwdI4RGZ1XmMzJa21ixiE70N97fsNCNC4tnI7ZoZEH45Jekusc1nIVMgd4u3ef0gMJiNJGpn62ZUWqrnHW4jfsKmmUeVRZ804F8Q3iaa154TDeE0ADK7IMnPNhVfBPMs4Lu6arIbRgcASWFn5OZk_l-e3oV9i0En8yizAiaVgzxXCh7CaOLJUyf57KrbGE9bwvvuXufpB4B3dyVZUk699bOyED5v_RM-chPsVF_FJqgMgwWel1ZcpAxN3zlWFRwIIU9UgzPVJeDC76G_MqppaJ_Efh1Jsf0iTS9j5h0glP8DuH0OjAugjEaBDrEvg6-mqq3fAuhn6OrseRvi_A1OWWz_sNF8j7FAVkJJHK20FdBX_lQuBefFk-T59pjGxfEv8dDWSUukLr6S2_Uyq2Etu3Juvw-dL7mIuWyYmDSxdlubGfnFFLuiWA4UsIwFU6RT7ha1_-y45hGFouqWUQDnmL6UdhyDkxDuiWVAAmJu85pmOJbIfPRBxLZOxSIX7M5UkvfCeFYa4VAEtdjyYb3WbHPIdPttPfPNQ9iYh8PqoQQv0YU-QN0I1ask7ctjZjjrnZ2Ic_iFmcBuxpKyzO0b9b7qs20_4HQ9b40JBIbaE-Ap3di1fP_JCOAEbD7ZdhyXDxqS8i49hyVXCG1LgSGZ_B1qUMusWVdbBtAlNrSN53x-ecatxAlHaoK6WLy--1mIh7ZplYUm7pUFmV1HbuMoe6f1tLtoAHpCnRW1cp33a619uDkRSEv1U17HMlgVc1Wy6fbAXiVSNx_V1z4ws46JXRTvcYuLShQwY3b2BctjU4yGzyoSxgcHb9qmVANBFOX_ReSAr8H2oKzINZ7gfx1lSDaAkd3yoqiQOu8habal9lnkIb7dbTaXGBx9zvF8Gg6qec-KWVAqZ2ljHFZRf8BY0N2hewPfIkVvZuCYOgEA2ZlkNKUc88XDeCsdp9tzdJWJ_gorcQHeBN2S9Vuy5ivS13sCm6sAs3ca63SJtxCtNRBzLQMayc1I1f46Qhafetaek7NegkgiPDtZlsknkdjfBbspFSTUapCKE3wgbyvE_jL14sdZamaXHqRHxFf2pWna282ghjZNLpnLHzb2LtwsDpkp4cUC3q1_UZeDaCs_S90DzvMt0FZKWaRyOZBGHjmxBW802rXmlXhDXXz13-LPRxMknWxKi2WhtJ9k0nTF1bpQw8tQjaorTWHV6Dj28nKgTNv_G75CltKjjZfVeSI6TW--ace01Uw-QrNI5OVqGdgOz8LBfWxaOtqq5BNiv6uosTebz9UHkvPpr0jn2EbSD0i9KO_Gn3NGB3nCsa-6xOgG0cWjM3DZiSjBB37E_fCN5vKUxiKcVgzSSt8GfSPMp3d16CRNr89_EiOApy9svdBQxTHyI4JYPgGQe6qyZkVKipU_tFJqnWP1MGkEIBBI7AC8eF_8KoEJzKCsN5EKunkyEY3naJw3ZncYPo8KM7QCwjcEqzOso97QfHHgegSEI_ERyCsMkrcfkOuIYAWAB&cry=1

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f155.1e100.net

Software

cafe /

Resource Hash

ab77ea29410b82c2227b47f0ea0ba50279977503c3674f9fa1298a0f66153ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26917
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1849103/76721144/ Frame 4DBA 60 KB
15 KB 136ms
45ms Script
application/javascript 54.194.91.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1849103/76721144/skeleton.js?bundleId=&ias_dspID=3&ias_campId=26772757&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=16249322149&bidurl=https://kooora-lives.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hYVxwCrp5zKlwC-wM5T1oO
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.91.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-91-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a301758c6485e12f85e2bffbe5d4ee2538cd7993d8d30e893c8820ac91280354

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 4DBA 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 4DBA 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 22:58:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4DBA 0
0 40ms
39ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_kzxP4Ys5ExIBgIykLFjEuri9L1kkgBCg9zhDfk8fvQNOrm_M7nW7EgIRCxJIh23onruVkXrN3wLJt8ytbF7ejM827Q
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4DBA 203 KB
61 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:35:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0217 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bo6mXycDHZcXAGOvK7_UPrIityAIAAAAAOAHgBAI&bg=!-vml-bbNAAaxkZ3akZE7ADQBe5WfOD1q8WW8JZZGqKg5VDMjRBqTJmSGH9aeyQMPUw4BYRR5AHLzbVkCuBYEs0gjC0MsAgAAAJtSAAAAAWgBB5kDWY7cLLhgaJ1ebiZhRKlW16-2IEygfqwl0gK56wuWLqeQzgkoMcAGT5AsOKo60dSCniiZRqySKhjVB-85abrRginVxo9o-hxG93AtBsVpGyt-el58tRYEgtknJXmB0z7uHqZanG0Q9ygD03HOv_cnDmhtlAsqh3JOXbDN1bm243hBiDEuWDRVlQhst3PrpKGuEC1ZL6s7HswRbsJASjn3eyA1Npg4iOQ_rMaJacsL5Z_2Zkvvf9orZQqNvKFCBUeHamVmretOyPKL6XnfiCRpdiSG7eQSnGFVdpdtiuVf3mFLwKjD-vNe0p7sAfjbXPvVEzJBJR-owQtZCau2WnuyBjh6TKRDoSRBBHPvkbg-BCsja2elJHl0ivCg66Rw8n3gKaw1DxDInwFerWFyWf8PVJ2WV8J6AmaCah2deV_Ab-XFvVw4qjrp3r92FrSb_cyHO2Y_RT_3JXCYZczfHmGSUOPGKAl7wXAiqYgyLTCrNrrxEWUtJgNaCCqwzrG_Pc1qp8G7cBknfsSXcgWUuv9ds4sMzptZINBGCVZuB9CfLRZ7ubqOhHlPG2E74O2TH2CNMRZkwvs5mo_uY4bfsYjZ7V8D7D1EwCTMaVPwVYygkSnMMgnzuhdsRaohii1-be6xtw1U2FarcSryAEvB7HpU_yvG6n-hDUSx9YExJLVsa0g7W6yNPlB2y6r6uWfRVEbKBo6L35hVkkQT9LYtas_ib-go8GDDr3-Sdp-0mtTVUnMHoakf78_4qZNV0vVyD7p982clouUbiwISIzDtGyN_CYZDH5hhshJFCNQa3D81Sw530yiPMt4QDfxzxg1W0SSlAhzQLyZCr-99ycaFWd6E26y9sJfQNGGcC0kbJlQcIYM_GXLCe32c74q7FWmKL-Cl8KUkbuODt8FdCzIa8CDbkVS4YUolYQSx5WmVj5H4tCCCd3HQRWCjDVRbJ7MSmGIkl8eWc2TlfKrwCFAZ6GzE2d3TS0RDdew2tqBS3N0QDjKsnhOmOrAWCKuN75ccC1ng7t6UC3Os-PGY6jRGx0hgRy7e8BR0ZlwkHZD70X0EIZG3NO6z1bmfFMFaXUxM31sVgqH9cdo723VTEv4OFINSlHYn__FEsSBitgPx8qAS6z95Yc1DEI1zVYnf

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 121c3035af515e3a6664be9fee2aa395.svg
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 28 KB
12 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/121c3035af515e3a6664be9fee2aa395.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cffe9168190ac13d844c0b151df531ba95775e7f00963c295ea9dc3b02f4cd49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 20:07:58 GMT
date: Fri, 09 Feb 2024 20:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12458
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 11:18:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 imagesdwj06r307sx7ngo2uo8l.svg
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 6 KB
3 KB 22ms
20ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/imagesdwj06r307sx7ngo2uo8l.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

019f5084c88c31607190ad78deff887e73c3d2707bc4cb390d0bb94e156a1ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 08:04:21 GMT
date: Sat, 10 Feb 2024 08:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3286
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 11:18:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 404 %7B%7B%7Bfeed.1.star_rate_image_url.Url%7D%7D%7D
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 43 B
74 B 445ms
441ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.1.star_rate_image_url.Url%7D%7D%7D

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:34 GMT
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
allow-fenced-frame-automatic-beacons: true

GET
H3 404 %7B%7B%7Bfeed.2.star_rate_image_url.Url%7D%7D%7D
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 43 B
74 B 520ms
516ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.2.star_rate_image_url.Url%7D%7D%7D

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:34 GMT
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
allow-fenced-frame-automatic-beacons: true

GET
H3 404 %7B%7B%7Bfeed.0.star_rate_image_url.Url%7D%7D%7D
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 43 B
74 B 215ms
212ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.0.star_rate_image_url.Url%7D%7D%7D

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:34 GMT
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
allow-fenced-frame-automatic-beacons: true

GET
H3 404 %7B%7B%7Bfeed.2.acco_image_url_1.Url%7D%7D%7D
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 43 B
74 B 571ms
568ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.2.acco_image_url_1.Url%7D%7D%7D

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:34 GMT
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
allow-fenced-frame-automatic-beacons: true

GET
H3 404 %7B%7B%7Bfeed.1.acco_image_url_1.Url%7D%7D%7D
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 43 B
74 B 491ms
488ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.1.acco_image_url_1.Url%7D%7D%7D

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:34 GMT
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
allow-fenced-frame-automatic-beacons: true

GET
H3 404 %7B%7B%7Bfeed.0.acco_image_url_1.Url%7D%7D%7D
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 43 B
74 B 520ms
518ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.0.acco_image_url_1.Url%7D%7D%7D

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:34 GMT
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
allow-fenced-frame-automatic-beacons: true

GET
H3 200 637cc8dc02f64a0011bf710e.woff
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 64 KB
64 KB 30ms
27ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/637cc8dc02f64a0011bf710e.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

307d27c4fe7fa86e51f48291c158b35147d08db4352af57ffb357a9aa5adc505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 06:36:58 GMT
date: Thu, 08 Feb 2024 06:36:58 GMT
x-content-type-options: nosniff
age: 215616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65744
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 11:18:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 637cc8d50414dc0011ca5083.woff
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 62 KB
62 KB 28ms
26ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/637cc8d50414dc0011ca5083.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c435b337fc05c0690d93aabb388197526451b3bbd4d2236f9da34d0c1983a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 20:07:58 GMT
date: Fri, 09 Feb 2024 20:07:58 GMT
x-content-type-options: nosniff
age: 80556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63832
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 11:18:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 637cc8db0414dc0011ca508a.woff
s0.2mdn.net/sadbundle/11412598334416451850/ Frame 973D 65 KB
65 KB 27ms
24ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11412598334416451850/637cc8db0414dc0011ca508a.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0723d125c75c8641284b738d75122034294cc3a42a60267e8bdedf2281a86b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 06:36:58 GMT
date: Thu, 08 Feb 2024 06:36:58 GMT
x-content-type-options: nosniff
age: 215616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66280
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 11:18:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 25C7 7 KB
6 KB 57ms
57ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777495521acd8412cd06796950e02dbef84b73bbdecced4d60e6b4757d81af07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5742
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4972 8 KB
6 KB 69ms
69ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39c4d8e945cf63e089ff9ce4a994444a9ab6f3eafe1cd72e50270980934c94a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5814
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1FE4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1

43 B
734 B

49ms
49ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJLV_doBMAE&v=APEucNU5rKQh6vl1rlnaYg-r7C3xzI1l9iUDUf_i56q7mWlR6TuSh2TzWULmvijQBEM3ceCQy3jWxi2rIG7ywk-NK-z_2dRgfMCaO7PSO7FtvUTUKoJbnFtPbXVsEiCGYXHEOlh91R2RN2DuGf0P6cXzsOsr-7hQTRSlVixihMsBTvNjdsH03UCBSm5m2Js9bNZenf5ywrXT
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kMmYUPzmnx1YsA%2FdGHRI0bX19Y0p6ieTxkMQnid01Y52czUP6jF%2FvwcIkI8z6zETLItLNthZT5bfsUdB2VuQ1YJ4lN9mbvFcyOSNX5lVIyn0u%2Fma8TYdr4VE5r%2FdSjbrPlzjYnpWgGQZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85366c901c441b36-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1FE4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcfAybmqPeUAAF5dACBBBQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1

43 B
739 B

42ms
42ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJLV_doBMAE&v=APEucNU5rKQh6vl1rlnaYg-r7C3xzI1l9iUDUf_i56q7mWlR6TuSh2TzWULmvijQBEM3ceCQy3jWxi2rIG7ywk-NK-z_2dRgfMCaO7PSO7FtvUTUKoJbnFtPbXVsEiCGYXHEOlh91R2RN2DuGf0P6cXzsOsr-7hQTRSlVixihMsBTvNjdsH03UCBSm5m2Js9bNZenf5ywrXT
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAhhOHKQvgRudhBZXLCB8%2FVFLPd9fa2%2FU1aC5w7BUUErrPoQwGPVjvB%2Fj35S%2FN8vVxcwre6GtxuZ0T3FybJY%2BnAiwuMsmXyLG5r2rSbeniIyEP%2Fa9241kB1Eehwi%2BPh1Hh7X3dxKZAj5MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85366c907cf81b36-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGr-pbEHIZCV7Bjbq21j95g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1FE4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEOv6tUgiTWlqHqLgNQw2UY&google_cver=1

43 B
1 KB

20ms
20ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEOv6tUgiTWlqHqLgNQw2UY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJLV_doBMAE&v=APEucNU5rKQh6vl1rlnaYg-r7C3xzI1l9iUDUf_i56q7mWlR6TuSh2TzWULmvijQBEM3ceCQy3jWxi2rIG7ywk-NK-z_2dRgfMCaO7PSO7FtvUTUKoJbnFtPbXVsEiCGYXHEOlh91R2RN2DuGf0P6cXzsOsr-7hQTRSlVixihMsBTvNjdsH03UCBSm5m2Js9bNZenf5ywrXT

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
an-x-request-uuid: cb9bb950-be0c-4627-94a9-61ff81b5b7ab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.6; 37.48.94.6; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEOv6tUgiTWlqHqLgNQw2UY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1FE4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0Mzk5MDQ1NTk4OTA3NTk4OQ%3D%3D

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0Mzk5MDQ1NTk4OTA3NTk4OQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
an-x-request-uuid: 877f8e45-6352-4bf5-9f5f-eb3c6886cc35
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0Mzk5MDQ1NTk4OTA3NTk4OQ%3D%3D
x-proxy-origin: 37.48.94.6; 37.48.94.6; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DBA 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3514543340860&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DBA 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3514543340860&version=m202401290101&ct=76&x=1&cor=12256953706477314000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4DBA 17 KB
12 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDHZZluA2O8YTmHEAUHeqREG1cgRtH1JTnJ_Azufp8FBomlFHSuh6rYBabjiY_erbeGaPja1tk2zeyxNV9F3dQjLnpiMFOio5ZGrnq_ShJpaPyH-1BVNFXlcE579OpXLiUg9Wd_vd7cmZOXmoZtOObEPD0Tt7tAckotycuYdiLNptiino&cry=1&dbm_d=AKAmf-BxV25QzC0t1SPZB6ATJz6F36-J-kZgy-QJyyA64jcEBPtrSqDNGuIObdZvhDcp-qwUsBwwiY3XgkDW_JLxR7QG-q_WOlJGXM_D2NVvi417B9E-kwWySCxtJtsDI6por60YNqwWq-QYQX7q5jL2nbPFqKXmTc0EtMzwM4PSOdmWuI0am2Cw1v48NWfgccNx-XnzyDs_hrbJ2QuX4f82H85iq8r60am304WTa3R2mXiBFZQBea5XrQzfl5ie94nMlW5CtcX3rZiRl4FnRETJa-jnesjjbloCeVocq6iTlfuroJJrzkXzY9tdRmQEsSH81Ro6AFCOnblVVmXUUPey4aweV_yIycTL5twQewmVVcenRNQTRRsjCmBagQEyVKh2PwslMZjFY1_readh0OFXVkc4KJimIBoEZtOzsPEV4gYhjKYatnJY4bbsvjhVAPq6Jf81OYIBZnZy181ecLuEdIO65J5QuIcazKc3n3-Oqlg4j6ry9Mn_0cmbYH8vF7Ejdwk7dBuSZJSDxg5UaDy1TcoR4fY1cftXyEbbnESSTnhV7cZxGel4YPtHzreNCm_qFgU4klfhYYlW5ADLq2YHEOc6de-jaZ8E7X0t0pKRKIgw3M64oA4ArrrlC5JCdpMgLAIBM-FmcmDJEm7Mvxjcywn9uZ08pwQxh9i5Nz5q-IWZzR8ACmDk36R6atsHjC7sp4CL4ODOSaHzzjv9vn0nx9LXWabsgYcW11DViL4DeWX7QvyoXqSJIJ_pZZjxrWTUjrsYm6P1qjgV81k_YUm86AdO8MH44bC7So5ow3C_y2witph2w3UNpcuXt548vwGVZgbFcVHIUwqVUOZnXWkgc8wxoy7r1HNFhBexte_DnlpnLvJOKiTwgICzUJ9lgC0g0CAWoz8G5oCy1xDnpJaAS27BXAI56mn7YxJUdaQ10juCJs4Q_Whi35li9svdn9H-P7ABXiCqMmZb4dUnhuZUxwuSKV_oboakUCCaxuyYsS3aGxFILdLn8KBJAFUUamocOPjqdspg08qNNjBFbxx87z_4ICJDsRfxhlz_onS8rgUx03a_zr2xvdgXiKVoo5Sm607jf0yUP8AI4yDp1OnUkKGuuDOEw0hKOMl_GGxy1N6_zFWDfXWSCoie1zccodLPS-C2LXcz4YgH97kPl4-B8UghzxHYbAxTDR41T-BSeK-Jp66NVF2wVUFOa8CDjIlkdKdvS9WFI5yOqCQmk-RLZbTlRl0QlSe0__26rlE24fRzxiGtw1yi6R9mq2zmhv2N8IiNgXQRQWnqzQstzFpDAeZm14ZkOdYY7d_YkS46shkJUbPwSsGBiVtkcSc-YLHEr75t_aqANrJxImQnn2BvWxnh1MigDJNHb8VN6V0SNAgeATY9VE5loSBf-XzSpyUIfNaHkBLFPJPXNAU8fNH7578wFWQCzgvGqAci7Uyi-ROBAhzwNtYukWiXBkLUmqyCx1Kul3tOZf0iuFs3940MBiOtDJXdA955jJLN3juQujSuDyw2TFfoS9GkSVwBQ7z7zZClfWrXczhgek2-_OHUV6qXlrqXL-oWQ4tb40GYddyEKpSIVvZswSpYfuRRLcxv2T_IVBGdxeKy1kjAIMYzhB-UuDJnOp1v93LIcQWfX-dC-O5XUiognBlq0OLqhEjCPKuI7S1Ppuk3Ax_AINeKZBc9rs_Lpc1GvhuVPbhiIfRopZZccnlCuftn1Or7bTKYZN4HIXfY2SjWGqP6bSColcWcDuDPg9may-jrj5upDdml-UJ92K07KthcWip8mZovnrDhF7Gvz7uyOctzs7W034pKOGFw-8Fe8iudjBE787A4NsCqCgV9LomgBda8ny0zaVxXOfGbDC7QbN-z2hgvnM_iP7sCxW4LLWQNPaFRtKN0jg11izvAOqqDA3ORLo26wuezKpAUZ6K5tz_5O8nuYLJjGSxiMCbsr2baDiKYErBWUHRR2FNeIJ9RldZmQa-djZf8KSLQT30_OC5fVP6qP3xyAwaW1PNdS5-PGZWLmvdnbRQPDMZZ2I6mk2U1fKkLRGbQpUx4BYbeVSUwahiFnGfS2fesEHt-q-_TeTSOmhUdDv1x2CeA3vG5zZstGgAEfY_fd0RS3teFoy4b3ee7epvR1mZteMYXJQpdcYPvjcSO2DtuGDxELcDOQ9B1rfTL3DXjkUKpn_vw-Edf-SRgm0cjRT6cQ7Hd1_sMx7CIlciMZ-48TkXxFGO3xLoOIXLWvX-g4xEVwGvNh0vK5rzOOVmZ9wapLEBQyBGnaEGTvr8GWAGN27P7c_ST1WOGTW6FSKt5ChXYoj5S-wqckk5D9ap0ntWMstu5qjJtQUhYPPoIr1ayqYJqNaDtGeKTUIcSP3NRFyNyigZJetPoRMGBquBs8iGMmpwcLKTxSbNmNhjaL-sVnG_iMyVg0BYrb7tsMuKIWgmNrFLbAQSdU5SI5fpLKcOBH5SfNyuHIPebPahTikeP0exrUbFk0y-K-AzZIIq9lxrqNz0KUURpeD-NMVpuThgnilXO2sJhu_AQJ_Y7O0TQjDHRswzH9ERMDuiE75c96xr_yEX8FvHycndYHgJgkfN0yf0q53WLa19KY3I9FSA0-RW-TyQA2Icd-mXGDt_ittDeMLg5I_Vrdjm7sQ4NM2R7kHyh0LyyIat3Nbcat1sdVVXowHT1yWKPHL-xMA-GkfLzf2a5C_PnGJj9XAMSLhXgMTi0RJBb5EUY29tyxpLg4rbTyjcQiRjT7lvS9Xb7a5QkuMZJzSo9POiYYY5i8YeF14QsSL-5uYFsGickUElIVhpojXAb5UdIElHviyt_BqFAJAcmPMrBIAqXufEmmTSPx_4sjlrTko56V3bW7-lSUpBec_vyzACL_iFdcTDLJVuKaSl6KnNw9Js0bXxqi5RjvRZM3nNvPp5XFvET4d3aZHXhuM_2CmRQDWVAIzKpIP97MNUFQejqg0DzUWsV661GtarfvFBrytvhPnfn9948OY19Nbn-q2Ejrey3nz8u-xotUVvGoRQluTxmPi3No8QwQA&cid=CAQSOwAvHhf_CqBCcygrDeRCrp5MhGN52icN2Z3GD6PCjO0AsI3BKszrKPe0Hxx4HoEhCPxEcgrDJK3H5DriGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fkooora-lives.net%2F&ds=l&xdt=1&iif=1&cor=12256953706477314000&adk=2086295848&idt=77&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70affb94bb9418b5c9a0cfdaae1863eacc437e85136d6dd0e5ad3fc090f62fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12708
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 25C7 17 KB
6 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 942E 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIBYbycDHZe2mF9X79u8PkIWJmAgAAAAAOAHgBAI&bg=!FhWlFVrNAAaxkZ3akZE7ADQBe5WfOMOzlFDyegJMBiwCu9RkpKT1WLJn3lG3ki_qCUJS_4FYvQEJyIPnSAnWFAP6xVAnAgAAAKhSAAAAAWgBB5kDCF4WEqqg4Cni7RnHU3dGOf-4CCfPYj6K3O4YitiTDDlM1S6wENW_Qr8ELeV6NUXGEsIJFRHhpWF8LuZliJ2Q17fgB7wd02JQHaxR3BD-W64EKip83i5McREM0xjrIIP4m8gu4hrGOTTRQ15jo5MJFGdFUiOBL98xhYOe55MY9vOTkiWERvY9zT1DSR_18PWvRqCOgy35kn_wOAWEJpS0KMm4lco-ds9UMfevRnkpKEUsYOKdQ4yVJ5Onh-achuip3chFGaY5HUHea8IgWnKusb0XAORffM5G4zdO9fIExIDU8MgZJ4dw3JOjk0d-EOH3WRweA47ZUl-z24sPh8Fm8tk1wPB_KqclDXhvkBlQs0PjO5SHgExkJd4UnVFeNes4TzPJpHcbv9kfDCcJoJ1X6ygx6oTEuLH8zDFiakrNDROAqslSfmXaT7cqd2PdAN5Bv3i9DALc2FG4zBjC_97UzOFaEHae2pAIt3yjAKQwW7-e6kD6GxzO1kIYXJt1XSbXB2XYuOZjo-zdBRsFfg9dkTAhSqlNauoKS3M25vVVqa64RyhI0PXw2DJ4hX1tEskeRdJv1DhwuAkuwgo5VvF9je16xsOA6HZjRUk1Q_D2eSbC6XzRA08wkkJPhAJRIaoQer7wAXjyzno-SqlW41DskNuisuuWGNbn1nUL-JLxS4exLkvFNsOnCyYt6YKVOCGtSMEnxsStqXOKnpxlh8OGRxDXW0M8O0t9o2zDbj-PRzNP7dor6rmdR6A-tXmxwEiG-nLgHsy6RTtXxwnjlXryBgamMqwFM7PBOOWaiLeesAtDPouQbXXSNmK7WvX4gdrHeYSGp0v52YgMnMzPCDvuY7FrpYoSbTK3GR3JyW1lSK2j6kyFMj6jtc-4mHP5mUtkkajOMTbmqglJb62NWQaGQVL7QiVK1eHwrs2GUfV_v_EMHpBh1oBhu1LkSzwNI-rXmKsiQMEDkSxQOhcWcQYECL_gLJLiuU5hiL7fcIe_wSwyFKXbrWy6Y2Lwxoa_KQFWIrufm7J1EwBp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 43523707_20230919100603654_5_stars.svg
s0.2mdn.net/ads/richmedia/studio/43523707/ Frame 973D 6 KB
914 B 25ms
24ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/43523707/43523707_20230919100603654_5_stars.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6a43411ee4c7aea388ec204150d157a69ea030de20af86c58e654a66a2981f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 20:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 878
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 14:58:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 20:01:55 GMT

GET
H3 200 43523707_20230919100612185_4_stars.svg
s0.2mdn.net/ads/richmedia/studio/43523707/ Frame 973D 5 KB
901 B 25ms
24ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/43523707/43523707_20230919100612185_4_stars.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04f0629aa2bd5f7d9b263f739dfeb37cceea9d11d5a0f10ef20a4756925d2430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 14:58:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 18:16:36 GMT

GET
H3 200 43523707_20230919100616418_3-5_stars.svg
s0.2mdn.net/ads/richmedia/studio/43523707/ Frame 973D 5 KB
1 KB 23ms
23ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/43523707/43523707_20230919100616418_3-5_stars.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

625943807f90ef931728da1f8944656d55624286eba1e7fb331ad72a663ab0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 14:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1062
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 14:58:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 14:42:19 GMT

GET
H3 200 45488264-Original.jpg-width=640-height=640-mode=crop_1706108633420_45488264-Original.jpg
s0.2mdn.net/dynamic/2/11140704/sundio-media.azureedge.net/products/Images/Original/45400000/88000/ Frame 973D 90 KB
91 KB 85ms
84ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11140704/sundio-media.azureedge.net/products/Images/Original/45400000/88000/45488264-Original.jpg-width=640-height=640-mode=crop_1706108633420_45488264-Original.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53a231480cd9059d8ad711baad6accc686a0eb0bab41d897592af83d903f2687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92654
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 15:05:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 18:30:34 GMT

GET
H3 200 44084109-Original.jpg-width=640-height=640-mode=crop_1706785277421_44084109-Original.jpg
s0.2mdn.net/dynamic/2/11140704/sundio-media.azureedge.net/products/Images/Original/44000000/84000/ Frame 973D 70 KB
70 KB 91ms
90ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11140704/sundio-media.azureedge.net/products/Images/Original/44000000/84000/44084109-Original.jpg-width=640-height=640-mode=crop_1706785277421_44084109-Original.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d139ca0330a30e8795f66523a1b2ff45519a79613df3b95627d70a531332003d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71610
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 11:02:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 18:30:34 GMT

GET
H3 200 37285427-Original.tif-width=640-height=640-mode=crop_1706785277421_37285427-Original.tif.jpeg
s0.2mdn.net/dynamic/2/11140704/sundio-media.azureedge.net/products/Images/Original/37200000/85000/ Frame 973D 59 KB
59 KB 136ms
136ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11140704/sundio-media.azureedge.net/products/Images/Original/37200000/85000/37285427-Original.tif-width=640-height=640-mode=crop_1706785277421_37285427-Original.tif.jpeg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

471a03cbe09d076829e92d502db7eeb4c16b1084c548aea6bff0c775d6301b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60681
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 11:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 18:30:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 973D 8 KB
6 KB 72ms
72ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e70aeca460c30d6ace4d5380a160e8473f20ee8a178e4945c620be8757a4149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5827
x-xss-protection: 0

GET
H3 200 TokyoViceS2_DISPLAY_728x90_V2_NLD.jpg_1707404761348_TokyoViceS2_DISPLAY_728x90_V2_NLD.jpg
s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/65c319dde9254f4a302b3945/original/ Frame 25C7 15 KB
15 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/65c319dde9254f4a302b3945/original/TokyoViceS2_DISPLAY_728x90_V2_NLD.jpg_1707404761348_TokyoViceS2_DISPLAY_728x90_V2_NLD.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6e91c559353152501545c1204995bd1bb9fc4cb8bca8b81352c601b872d04cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 02:39:25 GMT
x-content-type-options: nosniff
age: 57069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15520
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 15:06:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 02:39:25 GMT

GET
H3 200 blank.png_1679670479084_blank.png
s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/6201220d868444a54357e069/templates/639c5d50011c424036c61e5a/content/ Frame 25C7 927 B
956 B 20ms
20ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/6201220d868444a54357e069/templates/639c5d50011c424036c61e5a/content/blank.png_1679670479084_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=PZWBPxLVei&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 08:53:26 GMT
x-content-type-options: nosniff
age: 34628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 15:08:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 08:53:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4972 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 Gilroy-Regular.woff
s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/ Frame 25C7 38 KB
38 KB 21ms
21ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/Gilroy-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51fa808e1c12083fc9673a294360eaeaf7c98dcb215bee6798d808c0abf634f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/adStyle.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:05:50 GMT
date: Fri, 09 Feb 2024 09:05:50 GMT
x-content-type-options: nosniff
age: 120284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38772
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gilroy-Bold.woff
s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/ Frame 25C7 36 KB
36 KB 23ms
23ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/Gilroy-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b05023db04b56f3f423eec0da9c5f2f9fb009eaf452928ed42f07f2139d65aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10164732071050739712/728x90-HBO_SpecialConcept_DisplayPrg_Static/adStyle.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 09:05:50 GMT
date: Fri, 09 Feb 2024 09:05:50 GMT
x-content-type-options: nosniff
age: 120284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36680
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 TokyoViceS2_DISPLAY_970x250_NLD.png_1707404761348_TokyoViceS2_DISPLAY_970x250_NLD.png
s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/65c319dde9254f45312b39a3/original/ Frame 4972 313 KB
313 KB 27ms
26ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/65c319dde9254f45312b39a3/original/TokyoViceS2_DISPLAY_970x250_NLD.png_1707404761348_TokyoViceS2_DISPLAY_970x250_NLD.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323d5e2f64e51d91c3f6d0db6996ac6feb5f967f813cb97fdec849a3e9c70402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 07:39:44 GMT
x-content-type-options: nosniff
age: 39050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320780
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 15:06:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 07:39:44 GMT

GET
H3 200 text-shadow.png_1679670479084_text-shadow.png
s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/6201220d868444a54357e069/templates/639c5d50011c42ec2cc61e5f/content/ Frame 4972 38 KB
38 KB 23ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/6201220d868444a54357e069/templates/639c5d50011c42ec2cc61e5f/content/text-shadow.png_1679670479084_text-shadow.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02cbcf214839eff8133e36a7caf64d3fc7bfb664e5a6084d083107fb7dc79b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 06:20:48 GMT
x-content-type-options: nosniff
age: 43786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38462
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 15:08:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 06:20:48 GMT

GET
H3 200 logo-shadow.png_1679670479084_logo-shadow.png
s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/6201220d868444a54357e069/templates/639c5d50011c42ec2cc61e5f/content/ Frame 4972 5 KB
5 KB 22ms
21ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/6201220d868444a54357e069/templates/639c5d50011c42ec2cc61e5f/content/logo-shadow.png_1679670479084_logo-shadow.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2685717d5810d2a3a65af5815003622c16f3d1977cf64d4081cb334d66298a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 09:12:30 GMT
x-content-type-options: nosniff
age: 119884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4832
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 15:08:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 09:12:30 GMT

GET
H3 200 optional-logo.png_1679670479084_optional-logo.png
s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/6201220d868444a54357e069/templates/639c5d50011c42ec2cc61e5f/content/ Frame 4972 11 KB
11 KB 25ms
25ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/6201220d868444a54357e069/templates/639c5d50011c42ec2cc61e5f/content/optional-logo.png_1679670479084_optional-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

695a56f3c35f56561144c59f785ba86a42354fb8c01bd3af3e505977ecd4ca90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 06:20:48 GMT
x-content-type-options: nosniff
age: 43786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11372
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 15:08:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 06:20:48 GMT

GET
H3 200 blank.png_1679670479084_blank.png
s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/6201220d868444a54357e069/templates/639c5d50011c42ec2cc61e5f/content/ Frame 4972 927 B
958 B 25ms
24ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11060314/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/6201220d868444a54357e069/templates/639c5d50011c42ec2cc61e5f/content/blank.png_1679670479084_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=lWpNiyxKKi&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 06:20:48 GMT
x-content-type-options: nosniff
age: 43786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 15:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 06:20:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
63ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402060101&jk=1941852099388345&bg=!3t2l3ZLNAAaxkZ3akZE7ADQBe5WfOHMy1zcqldpV8Yn9BfTasY2EIlHf7G_i-8_G3uK00JQxweaQBxRYSG5npzOtOQ3OAgAAAFVSAAAAA2gBB5kCuu9Vj4oAIgZOWsLhpKpm4PEp80aUpR-tz20ms3ISz09_Xm4USChLHKk7szJYl8foR3gIepxclkNhsye16xd8sJNfETlKva0uteIbCqpORxPGO6A8WSMqXQ0dJbqWE95cVQKe5CYp0Zc71i41Qd1XqiR2wfnY5LFxJiv1srlhtYhoWO_PP6vOr-S_8cereFcMBkClxg6wrp8CT-p0AkMQGTmmOAVmQGAmkXAWd4qhGXkVLTV97mgGugxrDRTthxSPau7OHhJ89cdLDjctNhJelOKNHodEVBi0HsdAC1qAXwhfbjCVtQI8GxecregLOHYRf9xSncb2d2g_lWrZETCBZgCL6yI-urjE2YerGlmpAPM8CBPzlhH9jXY67bzeJaZ7T8sK6JT62ylcVdS93AMR0S-GUloxgCsWgp-c-v9ZhyxWZEClyV57b21Bk8exoAFW3aBrToBpkpIW2QPk9KYWXRMdqlliBS8VaGEUH5QoqPruExmRLevcWk6wmVXbuiVi0OhpzFYc72eLKX4_EIiAKHdN2817-3yfQWK2hPpxq1_cD8vXJit5mgjHQfHXF6ufsPkCCd0zG5jp5zw09_1RMVpWIud47F8VM-xW_qHteW-hjKn8xw4iDai-io56CVOQtgwiHgw9PZYP4do1zLpbBFupTopedUiiCwllKAe4hV8_naCZyYWKabNgWg5AHkJ5PDuDouLpufmVvwZVZC1KWJEZrUtEBkqouc7hQhR-B8Sr2w-XJq1KfTv_G-xIkGOa-nDtZ9JCZzzDLtZ6px9NTj9hp55RJ6YBhjy1g5aSNBvrrW8cMkLlRzBVAaA5T1BhmiOWONJbV1gC1wzWkE9k4uF2FOFhJBG0Hu0xsCUhHnxR6gkNqw6hT5_hG4GxvI5OU4Lp4dBKvkClPFqdq8qFoTwL7WjwjlYbqnYU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4DBA 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDHZZluA2O8YTmHEAUHeqREG1cgRtH1JTnJ_Azufp8FBomlFHSuh6rYBabjiY_erbeGaPja1tk2zeyxNV9F3dQjLnpiMFOio5ZGrnq_ShJpaPyH-1BVNFXlcE579OpXLiUg9Wd_vd7cmZOXmoZtOObEPD0Tt7tAckotycuYdiLNptiino&cry=1&dbm_d=AKAmf-BxV25QzC0t1SPZB6ATJz6F36-J-kZgy-QJyyA64jcEBPtrSqDNGuIObdZvhDcp-qwUsBwwiY3XgkDW_JLxR7QG-q_WOlJGXM_D2NVvi417B9E-kwWySCxtJtsDI6por60YNqwWq-QYQX7q5jL2nbPFqKXmTc0EtMzwM4PSOdmWuI0am2Cw1v48NWfgccNx-XnzyDs_hrbJ2QuX4f82H85iq8r60am304WTa3R2mXiBFZQBea5XrQzfl5ie94nMlW5CtcX3rZiRl4FnRETJa-jnesjjbloCeVocq6iTlfuroJJrzkXzY9tdRmQEsSH81Ro6AFCOnblVVmXUUPey4aweV_yIycTL5twQewmVVcenRNQTRRsjCmBagQEyVKh2PwslMZjFY1_readh0OFXVkc4KJimIBoEZtOzsPEV4gYhjKYatnJY4bbsvjhVAPq6Jf81OYIBZnZy181ecLuEdIO65J5QuIcazKc3n3-Oqlg4j6ry9Mn_0cmbYH8vF7Ejdwk7dBuSZJSDxg5UaDy1TcoR4fY1cftXyEbbnESSTnhV7cZxGel4YPtHzreNCm_qFgU4klfhYYlW5ADLq2YHEOc6de-jaZ8E7X0t0pKRKIgw3M64oA4ArrrlC5JCdpMgLAIBM-FmcmDJEm7Mvxjcywn9uZ08pwQxh9i5Nz5q-IWZzR8ACmDk36R6atsHjC7sp4CL4ODOSaHzzjv9vn0nx9LXWabsgYcW11DViL4DeWX7QvyoXqSJIJ_pZZjxrWTUjrsYm6P1qjgV81k_YUm86AdO8MH44bC7So5ow3C_y2witph2w3UNpcuXt548vwGVZgbFcVHIUwqVUOZnXWkgc8wxoy7r1HNFhBexte_DnlpnLvJOKiTwgICzUJ9lgC0g0CAWoz8G5oCy1xDnpJaAS27BXAI56mn7YxJUdaQ10juCJs4Q_Whi35li9svdn9H-P7ABXiCqMmZb4dUnhuZUxwuSKV_oboakUCCaxuyYsS3aGxFILdLn8KBJAFUUamocOPjqdspg08qNNjBFbxx87z_4ICJDsRfxhlz_onS8rgUx03a_zr2xvdgXiKVoo5Sm607jf0yUP8AI4yDp1OnUkKGuuDOEw0hKOMl_GGxy1N6_zFWDfXWSCoie1zccodLPS-C2LXcz4YgH97kPl4-B8UghzxHYbAxTDR41T-BSeK-Jp66NVF2wVUFOa8CDjIlkdKdvS9WFI5yOqCQmk-RLZbTlRl0QlSe0__26rlE24fRzxiGtw1yi6R9mq2zmhv2N8IiNgXQRQWnqzQstzFpDAeZm14ZkOdYY7d_YkS46shkJUbPwSsGBiVtkcSc-YLHEr75t_aqANrJxImQnn2BvWxnh1MigDJNHb8VN6V0SNAgeATY9VE5loSBf-XzSpyUIfNaHkBLFPJPXNAU8fNH7578wFWQCzgvGqAci7Uyi-ROBAhzwNtYukWiXBkLUmqyCx1Kul3tOZf0iuFs3940MBiOtDJXdA955jJLN3juQujSuDyw2TFfoS9GkSVwBQ7z7zZClfWrXczhgek2-_OHUV6qXlrqXL-oWQ4tb40GYddyEKpSIVvZswSpYfuRRLcxv2T_IVBGdxeKy1kjAIMYzhB-UuDJnOp1v93LIcQWfX-dC-O5XUiognBlq0OLqhEjCPKuI7S1Ppuk3Ax_AINeKZBc9rs_Lpc1GvhuVPbhiIfRopZZccnlCuftn1Or7bTKYZN4HIXfY2SjWGqP6bSColcWcDuDPg9may-jrj5upDdml-UJ92K07KthcWip8mZovnrDhF7Gvz7uyOctzs7W034pKOGFw-8Fe8iudjBE787A4NsCqCgV9LomgBda8ny0zaVxXOfGbDC7QbN-z2hgvnM_iP7sCxW4LLWQNPaFRtKN0jg11izvAOqqDA3ORLo26wuezKpAUZ6K5tz_5O8nuYLJjGSxiMCbsr2baDiKYErBWUHRR2FNeIJ9RldZmQa-djZf8KSLQT30_OC5fVP6qP3xyAwaW1PNdS5-PGZWLmvdnbRQPDMZZ2I6mk2U1fKkLRGbQpUx4BYbeVSUwahiFnGfS2fesEHt-q-_TeTSOmhUdDv1x2CeA3vG5zZstGgAEfY_fd0RS3teFoy4b3ee7epvR1mZteMYXJQpdcYPvjcSO2DtuGDxELcDOQ9B1rfTL3DXjkUKpn_vw-Edf-SRgm0cjRT6cQ7Hd1_sMx7CIlciMZ-48TkXxFGO3xLoOIXLWvX-g4xEVwGvNh0vK5rzOOVmZ9wapLEBQyBGnaEGTvr8GWAGN27P7c_ST1WOGTW6FSKt5ChXYoj5S-wqckk5D9ap0ntWMstu5qjJtQUhYPPoIr1ayqYJqNaDtGeKTUIcSP3NRFyNyigZJetPoRMGBquBs8iGMmpwcLKTxSbNmNhjaL-sVnG_iMyVg0BYrb7tsMuKIWgmNrFLbAQSdU5SI5fpLKcOBH5SfNyuHIPebPahTikeP0exrUbFk0y-K-AzZIIq9lxrqNz0KUURpeD-NMVpuThgnilXO2sJhu_AQJ_Y7O0TQjDHRswzH9ERMDuiE75c96xr_yEX8FvHycndYHgJgkfN0yf0q53WLa19KY3I9FSA0-RW-TyQA2Icd-mXGDt_ittDeMLg5I_Vrdjm7sQ4NM2R7kHyh0LyyIat3Nbcat1sdVVXowHT1yWKPHL-xMA-GkfLzf2a5C_PnGJj9XAMSLhXgMTi0RJBb5EUY29tyxpLg4rbTyjcQiRjT7lvS9Xb7a5QkuMZJzSo9POiYYY5i8YeF14QsSL-5uYFsGickUElIVhpojXAb5UdIElHviyt_BqFAJAcmPMrBIAqXufEmmTSPx_4sjlrTko56V3bW7-lSUpBec_vyzACL_iFdcTDLJVuKaSl6KnNw9Js0bXxqi5RjvRZM3nNvPp5XFvET4d3aZHXhuM_2CmRQDWVAIzKpIP97MNUFQejqg0DzUWsV661GtarfvFBrytvhPnfn9948OY19Nbn-q2Ejrey3nz8u-xotUVvGoRQluTxmPi3No8QwQA&cid=CAQSOwAvHhf_CqBCcygrDeRCrp5MhGN52icN2Z3GD6PCjO0AsI3BKszrKPe0Hxx4HoEhCPxEcgrDJK3H5DriGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fkooora-lives.net%2F&ds=l&xdt=1&iif=1&cor=12256953706477314000&adk=2086295848&idt=77&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DA9 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BEdArycDHZa7ZF9b-9u8P0bqTyAYAAAAAOAHgBAI&bg=!-vml-bbNAAaxkZ3akZE7ADQBe5WfOPY0hPGIjxgLKG4TJl7aBVc4iyv-HGhCo305D12dvgOqg8gBZnYYrMVt08bwANbsAgAAAJ5SAAAAAWgBB5kDJRncImLVJ3_0vlv0W4cchYE4sTN65PchPl0kUuUoFgVhB68sE8R_bZOC6y-5mxRUVxTN5ZS1mXcC3wIWDniC9vAXM_m6mvvBTVSBvw46ldejkoK1Levm6i41Qx1eXtMdJcBGCBy-J0zGngY862C80f78_dVa1onZoGDvtUosYZExYyZoz2k6aQsg8xpWfZGEI5vyuTW_sf8-7u0u-l2QRwEzITo4-yvC_Km2qGU9YsdtE5japIwoXnGq6rZaU1IPYFzSc5iZ5OJtS7aPAAdR8nO43HeqV5duV3lY_FWA1dVDPZ20s-QfNzIFanZvVs1JjGfPPsNQMvbPUhW1ql6xEcfraIherat3DDMwkBeV7RyJDtgGBsoGPe2kc6x68EMGPpYCLHPSowEs2tObrpAB2mJaCdWHDeTRUrn2c2WJiW8NLhMSckx4VvNDl5dnBArN_yvOZUQ2CHOWD7OJM7iBCZ4nXMjCIpa1SSOljiFMwQfR_l_5gDnqPoq8SknuFS4DN8rq_3mfjp39K2mVd4oCqk7sLzHJpHlsQ8rAD0CU1hhfIpiD21Ouiml6pQIOUSKCSkJoPtdWJAsNpdnRWZBJjwXWnw0u8AjFZgMU09B79OfMjFg5SLhsCZXxcORLcFu_KmGrVrLBC7ITL6Mhjl6agNbjGn9qfBhof5gxvO3ApTdutz2CpfrWf5jBL_CggoX3uv_I9LcoctOuK3kwUFyNZl1dJPWuVLUfOSeDvn_8iwKawDuTTuKVqKxFqJyXmYdvv1UqE4pAcLM1zr5t0fzO4CYkMhmSdQcSJfYoKGt9CWbExbGccpb-TMhNdgfddgb15-oeQZLxRafS4Jzd8_Air4zsrvlIMDRu1UOMd94pgSlvdQKFBDNrxJuXm7o1vqXry4Tyl4lRp3Jl58PKXcSYa1Y5htEl8vko9_uL9dr8p4q9RpK-w87TWrNi0UOmTR1a56Hz9sqUvIiKbVa_jItaPurew8Odi-bKiXHkeVEgFoWK_IiUr-nI25v6fsUMDpNg0d9CUNgWUbAFm8xc0co9WzNhItX4-_ck6Yd085CUAoTd4JC45_0

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Gilroy-Regular.woff
s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/ Frame 4972 38 KB
38 KB 23ms
22ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/Gilroy-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51fa808e1c12083fc9673a294360eaeaf7c98dcb215bee6798d808c0abf634f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/adStyle.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 06:20:48 GMT
date: Sat, 10 Feb 2024 06:20:48 GMT
x-content-type-options: nosniff
age: 43786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38772
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gilroy-Bold.woff
s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/ Frame 4972 36 KB
36 KB 23ms
23ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/Gilroy-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b05023db04b56f3f423eec0da9c5f2f9fb009eaf452928ed42f07f2139d65aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7134372471783817216/970x250-HBO_SpecialConcept_DisplayPrg_Static/adStyle.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 06:20:48 GMT
date: Sat, 10 Feb 2024 06:20:48 GMT
x-content-type-options: nosniff
age: 43786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36680
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 14:04:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4DBA 172 KB
60 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Origin: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 4DBA 12 KB
4 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWPLJEX6eV1zvBKMUxojdOudSEk4Ye2n6esOhMa7B1BZdSmdmM&d=CpkBAKAmf-Anqgm6KQRlodWeZYG_4Kovg6r7EjHFAUBevWOK9ARp_WQz4agmC7hd1EgsLJBEdVzjfEsBo-Z-fit-at_SVAjig1eapmhDOjqMDk7LEQWB3I2BVTheJ626kSxB2U9ij5tOJ4Ourm3EuqqJKSV-8t1IcNY8xDkd5ro6vAhKCNFOu5LsWesqielFDf9Z6sonut754TbzErkVAKAmf-AZoslA0NdvVqWsWVoN_1Hulu__bWNiy_T1nBzd5nXGDRK9nDJy-ATMLlPENNok7sCEGonT2_PPX-F2zW7iZnW7ig93nlPUgRNeTkAUNR6ALO-L9Gtke9MsXALyy-HVx4U79yOQJUrM5gTP4G9lzwVrqTIR732tuIBY7kALCmMmaym8Cy0Oh3mGuLCKnc5E4SU4HX6yZ7RZeSZ2nunnH8EOALnX5k_PdyMz1CxvlzT6_6oFfXKWX6k7IusYIS7-J5qgo-QAbzJc9BUIsPYxf7TS-qDpojnZWwDeloZnPHq2LfviTkW_BoAUvaMe2q24HEkt3kzKD-37cNHUXFPYWQvkht73HzOiMCcnHlHz14VaBYR9ULxya3YJqpgGZgzEr679bGtHqA5dwl8BE6qmlvJ9b-jEzI--7yf8trNheIzmpw0uaFVVcFdFgPnVfwd1ZaA5yDPB41bg0rIUFVagRSscnDMbJ3qkYbiBE0ipywnbcLKOg8E5Ufl4REFBkVB_A0SRq-GWt6hvQfbuHlOyQh3H4ZzMNoe3glRITzgv63OWONtbBT91bT9ni5xE3Dx3E2-2bJNf8cpfNiVj42xsGJkv2uel6-il-VX1bAoSbiuWL_d_t_wne0JV5j_yRGkQSFKsLXZ9sSNxSuuSODvxbt1xgqoHPQIdRKUZjHUhLYgc6pjAyUtvFZu3Fjg23tkuAnX49c-ZBNRJ0Bl8DBSrpGSjNfk_9PYGEnhikuYUAJqGD51xC-JATvTD4Ofta6hoTDXcLKNVM2wm00P1gT4Z9t2Hg0-DevODf6eAhZGgHpfr-SU_0awFDlDJxJ2vINvMGSlwcy_llEkIzJFw7ek2Ph-mwlX8jkzsHFT6t8QBNE51ANoGzBGfUYXug1kkcvjuQdDdRCmKofR56S-88zhL_IKRpJGeF-7AfWN453rm2mlsp0YD2laj8OKNlVd6lg5h3Xeoa-hm9lwoEk0waAh3pSam-F2_3ye5wKdK-yYX1KBwi_W_exeCSqtgk_DqgwFjNZDNHGjoPe5KHBBiL55lsjScJrfTdJZ9t1LLB6Lj9nSlUAh93vermVgNq75Z3wf3Lz4k3__TrTYP6yxG4eW9SZULxB6PkI1Cs50TiJJXaYr-0JBqz32BxZxYaTODy_pcHoaO665SfkQgtFFYZxTVo4YQMbwi5BZDR-PvG5-PSw1JhuPUrXkEmbJ5JZan-hHOi-qPi5RSQveuaEssS5y00uzQ1CdbzgSkiCrPtLRCJiKRxKwyoFZCKc2cwpMsVwJXw4esTm6LodBAvNjqUCyuy65fvZA87VVH8Vko6c_1zbJaoyn-9OhhG-JJmtOka73gbhZ1EGRPaAa-f9hpI6gADc6upp4oOp7ZMINGxwZPoyys1vGawZOHtA1WkFBkRvTKXEMFb2QNPeQgeonDBIjOWcSm5YPSU4rJSFR70r0U1auhQBd4J_Ekzcs1V_KAMKitgulnpLaTdzlfcZhi9eYF48-Gz87hmDT9tzW2VjHPF46g7lpyyYQFkWXP1t11lFRlWbk8_pPvHXS6DPcTEYEZttopV6kLev8c08k0oDQNcqDk1-GLvwhmx6hX3XU2GAZ86FBJmUTRnRnuM7ApVRKHBfddjvUwvxeBIbt_I3Hy7J8QtGiVfwBeXdv9K7mPg4EFurf_SVxVbEgOzIXpiAAdh_lI9bqqn3jkAR1VyPtujyTSZ1QlmdtvUJbehupndcBD_DIzoH7GF9suN5dAMpCC4NkuV6BShj1PBlE7ViYqUjmBrtYadAr4kbaFzXpDkf4k3HJEy39BJQry3UxAh7AL4tssNiWWZl6xJefZbbjO7jaWxttKcOq9DewhBZeQR_wxpn4LNYmLOppasL0h3OfMrraX_YIc5NgMi3LBTdJPnfs126Zrz91Q7rkKlrRlTM4IDw_sBE4jwghPeH3Ggpvdw9cDT7AuDLysO5V6yWsQdniKGnJ9dmu1WHTfySwdCGk-abTbbx91s5IfED6ubdXnPo_rbNhjohnBU30metW1pWqm5VaHtWeNO6RY6nm-r4O3uJbt2w-V6oSM5ZarEpeMUyJv7V43nqomY7cfeCUSGQBJoE3nIJESIadiaeVjGGAmvjStmQFzWi7qP8IfFjuqeRDIj_gQ0Z5woXEDFljCjXXp-J2Ss1CqvD-nCuJDm5DGmN6e_0uYUqYmHrpA88LpCpgEmSFU8moWTdZIPVDIhJb5YZ-gFkTzLZnnDhFWwdI4RGZ1XmMzJa21ixiE70N97fsNCNC4tnI7ZoZEH45Jekusc1nIVMgd4u3ef0gMJiNJGpn62ZUWqrnHW4jfsKmmUeVRZ804F8Q3iaa154TDeE0ADK7IMnPNhVfBPMs4Lu6arIbRgcASWFn5OZk_l-e3oV9i0En8yizAiaVgzxXCh7CaOLJUyf57KrbGE9bwvvuXufpB4B3dyVZUk699bOyED5v_RM-chPsVF_FJqgMgwWel1ZcpAxN3zlWFRwIIU9UgzPVJeDC76G_MqppaJ_Efh1Jsf0iTS9j5h0glP8DuH0OjAugjEaBDrEvg6-mqq3fAuhn6OrseRvi_A1OWWz_sNF8j7FAVkJJHK20FdBX_lQuBefFk-T59pjGxfEv8dDWSUukLr6S2_Uyq2Etu3Juvw-dL7mIuWyYmDSxdlubGfnFFLuiWA4UsIwFU6RT7ha1_-y45hGFouqWUQDnmL6UdhyDkxDuiWVAAmJu85pmOJbIfPRBxLZOxSIX7M5UkvfCeFYa4VAEtdjyYb3WbHPIdPttPfPNQ9iYh8PqoQQv0YU-QN0I1ask7ctjZjjrnZ2Ic_iFmcBuxpKyzO0b9b7qs20_4HQ9b40JBIbaE-Ap3di1fP_JCOAEbD7ZdhyXDxqS8i49hyVXCG1LgSGZ_B1qUMusWVdbBtAlNrSN53x-ecatxAlHaoK6WLy--1mIh7ZplYUm7pUFmV1HbuMoe6f1tLtoAHpCnRW1cp33a619uDkRSEv1U17HMlgVc1Wy6fbAXiVSNx_V1z4ws46JXRTvcYuLShQwY3b2BctjU4yGzyoSxgcHb9qmVANBFOX_ReSAr8H2oKzINZ7gfx1lSDaAkd3yoqiQOu8habal9lnkIb7dbTaXGBx9zvF8Gg6qec-KWVAqZ2ljHFZRf8BY0N2hewPfIkVvZuCYOgEA2ZlkNKUc88XDeCsdp9tzdJWJ_gorcQHeBN2S9Vuy5ivS13sCm6sAs3ca63SJtxCtNRBzLQMayc1I1f46Qhafetaek7NegkgiPDtZlsknkdjfBbspFSTUapCKE3wgbyvE_jL14sdZamaXHqRHxFf2pWna282ghjZNLpnLHzb2LtwsDpkp4cUC3q1_UZeDaCs_S90DzvMt0FZKWaRyOZBGHjmxBW802rXmlXhDXXz13-LPRxMknWxKi2WhtJ9k0nTF1bpQw8tQjaorTWHV6Dj28nKgTNv_G75CltKjjZfVeSI6TW--ace01Uw-QrNI5OVqGdgOz8LBfWxaOtqq5BNiv6uosTebz9UHkvPpr0jn2EbSD0i9KO_Gn3NGB3nCsa-6xOgG0cWjM3DZiSjBB37E_fCN5vKUxiKcVgzSSt8GfSPMp3d16CRNr89_EiOApy9svdBQxTHyI4JYPgGQe6qyZkVKipU_tFJqnWP1MGkEIBBI7AC8eF_8KoEJzKCsN5EKunkyEY3naJw3ZncYPo8KM7QCwjcEqzOso97QfHHgegSEI_ERyCsMkrcfkOuIYAWAB&cry=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 23:49:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 4DBA 31 KB
12 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 21:49:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11930
x-xss-protection: 0
server: cafe
etag: 15760894069517589058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 21:49:59 GMT

GET
H2 200 main.19.8.482.js Show response
static.adsafeprotected.com/ Frame 4DBA 216 KB
67 KB 105ms
31ms Script
application/javascript 2600:9000:2450:3800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.482.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1849103/76721144/skeleton.js?bundleId=&ias_dspID=3&ias_campId=26772757&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=16249322149&bidurl=https://kooora-lives.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hYVxwCrp5zKlwC-wM5T1oO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:3800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c734506c7a756dd56e13dd279f299b8f413fa31ede7c21a9838505f9185ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:38:24 GMT
x-amz-version-id: iE_sqkP30JeH5eHImETxz6dpr.fcRgOD
content-encoding: gzip
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 93131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 09 Feb 2024 14:23:41 GMT
server: AmazonS3
etag: W/"712469e9c505b1706bb963af3a1c913c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: vjoSWMhBwcDB7pvvS_5gE3eIvxuLdemK2lFjYeZU_Qm9lppRpClw8Q==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1F22 1 KB
644 B 31ms
31ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 33424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 09:13:30 GMT
etag: 48472445140208031
expires: Sun, 11 Feb 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4DBA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99ff0ffdb6a6ca11466da36b85473e4503bdab081747623f0369bd3a26c7493e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame CB7B 39 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3073 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 64784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 240C 39 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1F22
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG0MLF7AVyi4z1R7_nUL9fg&google_cver=1&google_push=AXcoOmTSMdELdqfdkTn4ITt0LYhVvhrXA3wMCGbmeY1X4z35KrUHxakWw4MKyDXkgOKw0bCAWpNp5ihsR5NTiOllb9n9ZoKQzw&re...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG0MLF7AVyi4z1R7_nUL9fg&google_cver=1&google_push=AXcoOmTSMdELdqfdkTn4ITt0LYhVvhrXA3wMCGbmeY1X4z35KrUHxakWw4MKyDXkgOKw0bCAWpNp5ihsR5NTiOllb9n9ZoKQzw&...

43 B
421 B

193ms
178ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG0MLF7AVyi4z1R7_nUL9fg&google_cver=1&google_push=AXcoOmTSMdELdqfdkTn4ITt0LYhVvhrXA3wMCGbmeY1X4z35KrUHxakWw4MKyDXkgOKw0bCAWpNp5ihsR5NTiOllb9n9ZoKQzw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSMdELdqfdkTn4ITt0LYhVvhrXA3wMCGbmeY1X4z35KrUHxakWw4MKyDXkgOKw0bCAWpNp5ihsR5NTiOllb9n9ZoKQzw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 85366c92a9a29174-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 978
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG0MLF7AVyi4z1R7_nUL9fg&google_cver=1&google_push=AXcoOmTSMdELdqfdkTn4ITt0LYhVvhrXA3wMCGbmeY1X4z35KrUHxakWw4MKyDXkgOKw0bCAWpNp5ihsR5NTiOllb9n9ZoKQzw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSMdELdqfdkTn4ITt0LYhVvhrXA3wMCGbmeY1X4z35KrUHxakWw4MKyDXkgOKw0bCAWpNp5ihsR5NTiOllb9n9ZoKQzw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 85366c915f269174-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F22
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJZkFZg4G08p9qMpb4f-75o&google_cver=1&google_push=AXcoOmTFq-iRZxvYkiN-eE2gvWIm5rhcTmioQ3foJ-lSNSN47Zqso25HSwk0JDew0bM3DcPeZ7hIoA6pg7SbVYFVoYScnXu9EKs
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=279AD19FC30948CDBD7635D076F7EDF7&google_push=AXcoOmTFq-iRZxvYkiN-eE2gvWIm5rhcTmioQ3foJ-lSNSN47Zqso25HSwk0JDew0bM3DcPeZ7hIoA6pg7SbVYF...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=279AD19FC30948CDBD7635D076F7EDF7&google_push=AXcoOmTFq-iRZxvYkiN-eE2gvWIm5rhcTmioQ3foJ-lSNSN47Zqso25HSwk0JDew0bM3DcPeZ7hIoA6pg7SbVYFVoYScnXu9EKs

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=279AD19FC30948CDBD7635D076F7EDF7&google_push=AXcoOmTFq-iRZxvYkiN-eE2gvWIm5rhcTmioQ3foJ-lSNSN47Zqso25HSwk0JDew0bM3DcPeZ7hIoA6pg7SbVYFVoYScnXu9EKs
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 09 Feb 2024 18:30:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F22
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFtEJHkZ4ObRdHlaBsHX1ps&google_cver=1&google_push=AXcoOmRQMhsbLdcIEYg55aFkyaTe0wy0_W0AB9PsSiWG84pr41-RPYi__xJGz4rp1HkDSyXgHnIyKu2IdAjDqUyT...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21vqX6SwQ4AI67c9nrLdwg&google_push=AXcoOmRQMhsbLdcIEYg55aFkyaTe0wy0_W0AB9PsSiWG84pr41-RPYi__xJGz4rp1HkDSyXgHnIyKu2IdAjDqUyTcA_m3NBXfhQ

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21vqX6SwQ4AI67c9nrLdwg&google_push=AXcoOmRQMhsbLdcIEYg55aFkyaTe0wy0_W0AB9PsSiWG84pr41-RPYi__xJGz4rp1HkDSyXgHnIyKu2IdAjDqUyTcA_m3NBXfhQ

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:34 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21vqX6SwQ4AI67c9nrLdwg&google_push=AXcoOmRQMhsbLdcIEYg55aFkyaTe0wy0_W0AB9PsSiWG84pr41-RPYi__xJGz4rp1HkDSyXgHnIyKu2IdAjDqUyTcA_m3NBXfhQ
x-host: tde-deliveryengine-production-7fbb6d4658-df6n8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F22
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDh9e_WSZ7JGR-Dlmdr6QVs&google_cver=1&google_push=AXcoOmS-61xfcKMkRHd9q1Qj0VSvpTmtfsKrtwaEHmxGVti6lmoYJQHGtK6bqhiGElYyIpBpyzu8s4w2...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDh9e_WSZ7JGR-Dlmdr6QVs&google_cver=1&google_push=AXcoOmS-61xfcKMkRHd9q1Qj0VSvpTmtfsKrtwaEHmxGVti6lmoYJQHGtK6bqhiGElYyIpBpyzu...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg5MzY2MDg1MjI3OTM4ODcxNQ&google_push=AXcoOmS-61xfcKMkRHd9q1Qj0VSvpTmtfsKrtwaEHmxGVti6lmoYJQHGtK6bqhiGElYyIpBpyzu8s4...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg5MzY2MDg1MjI3OTM4ODcxNQ&google_push=AXcoOmS-61xfcKMkRHd9q1Qj0VSvpTmtfsKrtwaEHmxGVti6lmoYJQHGtK6bqhiGElYyIpBpyzu8s4w28YD33_1nWEciaIxP

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg5MzY2MDg1MjI3OTM4ODcxNQ&google_push=AXcoOmS-61xfcKMkRHd9q1Qj0VSvpTmtfsKrtwaEHmxGVti6lmoYJQHGtK6bqhiGElYyIpBpyzu8s4w28YD33_1nWEciaIxP
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1F22 0
12 B 27ms
27ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsWrhNKBx0WGrqshG5wzuvfvrShZ5ekqCOhPLAW5rGhhl-N3bS

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/ Frame ADBA 12 KB
3 KB 29ms
29ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

615ba3215d2c37be50f5d91e5e451c94373db52c4e63d1d92f9867f98d7da1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3411
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:34 GMT
expires: Sun, 09 Feb 2025 18:30:34 GMT
last-modified: Mon, 03 Apr 2023 11:33:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4DBA 0
0 66ms
65ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsudohw2gI-FWq3_18paT6a5QYsuLf5CKrPAY_DNHYjRaQHEXxaEo_EJWroP5dXsKbfjokmMRFmbEXgKdxTBvqxBTDJe_Jy2ABxOS0kPgZZWS70HapusgV67OBR_Kz64LXmt11TwMInekU5AgOnfen9iTjFss-RflRNt3gw7SlDqNddziXr5UobkSwecddyrsAygkDwbWam8joEej_iYqpPwxNVFg0H14KpjEnTbxbsIqyWEZh5K8MR1&sai=AMfl-YQk8mqAoF__szbMIHdG0Mf8oXxgl_l_tM1OG0UpvLPCmlDs7YJZC4h-1cL1cbHCJc5DqznKD2RFlASgBmhtGiWDISi5iic7yrCyRjtMK07dkMd8WepctvBZsKmPpedzCgXPYHL7upgkXJJwVbWb2LcKxA&sig=Cg0ArKJSzO7tH5MhaJaXEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9oYm9tYXguY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=68&cbvp=1&cstd=64&cisv=r20240207.70016&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3073 39 KB
15 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/ Frame ADBA 6 KB
2 KB 24ms
24ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 05:42:53 GMT
date: Sat, 10 Feb 2024 05:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1924
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/ Frame ADBA 3 KB
824 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/adStyle.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d57fbb78e362e90eda0bf3bab1834fb3dc115bee81668e3f689177b4d71484b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 18:06:25 GMT
date: Sat, 10 Feb 2024 18:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1449
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame ADBA 118 KB
40 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 04:12:33 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame ADBA 57 KB
23 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/ Frame ADBA 3 KB
1 KB 27ms
26ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c697efd5b9849665cc70c73bdfb04ad243baf6f51bf28dae7fd43d6df2392c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 05:49:43 GMT
date: Tue, 06 Feb 2024 05:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391251
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1266
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 textFit.js Show response
s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/ Frame ADBA 8 KB
3 KB 26ms
25ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/textFit.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 17:29:14 GMT
date: Tue, 06 Feb 2024 17:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/ Frame ADBA 25 KB
11 KB 20ms
20ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/adlibUtils-v3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 18:06:25 GMT
date: Sat, 10 Feb 2024 18:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1449
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10802
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/ Frame ADBA 3 KB
1 KB 21ms
21ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/animation.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

730e9503e6f985e78069b12eadd309494c665d98e14bfa3ae1e1e53e7c87734f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 18:06:25 GMT
date: Sat, 10 Feb 2024 18:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1449
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1126
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 container.html Show response
b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EB4 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:33 GMT
expires: Sun, 09 Feb 2025 18:30:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
509 B 55ms
55ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=0.2&b=3&r=kooora-lives.net_auto_interstitial_desktop&sy=6b2e424e-b530-43f5-b231-b5cd6977b942&ts=66&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora-lives.net&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=unset&e=lm&dsReferer=a29vb3JhLWxpdmVzLm5ldC8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora-lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nf-request-id: 01HNE43HDJQ7C6GTXWS39H9EES
date: Sat, 10 Feb 2024 18:30:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 939591
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4de3471543ab9d51aa27825d54588404-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 85366c916fd065e1-FRA

GET
H2 200 css2
fonts.googleapis.com/ Frame 6EB4 5 KB
1 KB 75ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 17:20:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 56A0 640 B
262 B 74ms
72ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJfY_doBMAE&v=APEucNVfV717wT6RzyEh_NsdoFR0TjOkdZXDeh9ePYZBYWivUwgNej_Txdscg-ryaopaglui8np13RI55YcgN9W1WeZmsXbR6BSzvpqIuNNeF0lMT2JUpfQywjIRxMcziDzgyGMf3rShI4SLByi2jFfHSS6rpLar2GqUoMdXtpLlY8PmWBKwOdmVvIU-qBToCZx4dgWipcfm

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FCCF 93 KB
33 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame FCCF 83 KB
28 KB 56ms
55ms Script
text/javascript 64.233.184.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU35Q_HGImOUmXEPoYhyJWablCl5RxlVO3OawbQrYmsgd4B-So&d=CpkBAKAmf-Dbbnm5AvRvFlr3Cb2Ud3wd111VQoFm7W8czdw612-4mQ5tGZt2dgOZjBcTYQwX8EqJa5PSmX1ximIhU4DWzqg0QgPtjHtp8PWsw8woA0X0jLKgob_w2aSK8XmE824mKBNQGNvpOxJR6067uJBbRpU22Lh9nU3QdZn3jNkDgEHmk_0CaRnflvnuQahhE0OekWOGz9deEskVAKAmf-DsJpeISs02yGUVohmSfGQ_9_FjZJ5BTIn7gkWgxZHzpO9icHdZz2h5zmf9UqBrqROaIH3nMev4pnEhMQjMtutK8L4tHzvEG8u8Rf5USGQBdWV9YiA1EeB2XQqBRqz14498qKc4-VnQUindp6nMWbT2hbg8tc6e4GqLIJUWeucgQ_DlbJqruEfBxsB2ZanNqTu8BOsbsXNIVQoMSoFxvRj843LrbdBJty7Nyccb9YF7Blpd6z0YUPUB2ATvvwp_VYLIOK_eQ-_04xg59C5-5eqp09F18tSSOAPCZzggYB1Juloe_ZQ0iHB888RQ5D6UxTAVnbVv_9rqOcSw3mMy7eQFqkEXvI3WaV0uIgPy8vcLFfVM0RKfQm91frCL4WDAGk1lLjLVH7nI5tkM_QOxw-yF0x_M6QgNwTTthaROMbqq8-BuflJthDFX3IGK14hOfNw1_ByOJ4p2P3cllNZjkVO8eXsoHtnCLx-J7rWVZw9dZWSEZD8YzdU3UYFA2xd9Uen5rdHJNOClx9S-sZHZ3JPMBQmSfuyra2VAsgts_XHssFGHLsFnt44pKaDzarZTxgjqV6IJXkjzTlOxqompuFXNGGHKk444HvnwE6Nasjimzzjm4dMaLVOPOcjhIaHAfh8nG2YjAsBx2rwbkofgAEYVUVWH3EPNX092swG_tImEhmMXUbJXA8PKM7rEIXT6zsoMf3DLnjE3vAs4eP7F19kgSuquNXERoTAcR-6XELkKvwymkmSpQGbO4jiGU0Knk1eNohGDPJvzUiAgsBwcRotBhw0nfLt3HBSzz3G_CpTzRqTdPGYIaItscAjYqn_opWkEOunoc7wr3BZ1u3baJSt8qiw6RFPOMvyQ8BHo_YFwgwgtW5Cb4Nm6B7FD4OHk-3rN30v6uPm45jadynC58YC57KHuMdZFN_uKfbTRPTuQkqOwHcTbK6rimm6R_GB4hJraBJejoXq0Fhz_mAjpK0QQ5CLASpRG_fuRZ0W9TTx_yWlhT9B4v8U99r3u2uePr6TcxQElQygZcAXA5yDmdK1s5hihoOpQ9XoRyC-0Cd56BEU6nNljvNl8Pt_EjwUEl8cMpEfsrpI8bDuB3Q461NabDfG5HCvxLEk3PNxjLCY8GhG4HdWxSq64gXTlMowAbThNoMGnXQ-v0pVesQKoGOJQjeDHbq7gSmGmwoi4zLumPZd_MsVgpe2w8lZursIYTJSoii67llN7iJKxYK-U4vLjYIZUYsu9ozjEFK4CxAi5fWQZDGa8ZIF6ERhROab8JlT7KDjEPX_caqlmyJbqb4tJxHsci6oO38r1XQ4YNsVpgVPZgJbhGJS8-rCJMEEsA7JYFFX768_Zzgw2HiZVWILWgKJo_1WtpbWHVXNGNEGFqCErLN29inJSOpOYn0sc4xxrww8tlpFOXftFpYQooHPRGENvZIbWMpZDH2Onxsg0-F9l_J69i5tGPBllYpbI4hLmmg6Chf2FOs1m9LlTl4J7eKQo0eJGzj2mVYQpUJiuEODazZkUa_XTKPN8kQmLw06o6yxbWiLryj_k2uDvyKb10W2Wf6IyAFxMjxbgnhzqxjdn3G7hryJyTopqKdhz-dFfEJaCuaXM_vjyljtflEqbShXhjyxaR_FiOXgz2NbLaUUdXA5-7RpqqwiOrKP3WOwY0YBSCi7IJqsWmBlj_jjGGbte_zSHsABOxahxPIlju6bHxzNuo0_zkvF6VUFkLqpdGgJ0Gmi5XdzqlzWN9Wpy5mJKHwBM6pCZ1o75h1EzREPgeyb97HZP5D0-luBYxWE7sWvhbiXNnaIMUQ97DlFkiJ7dnq_jazCpKa9krvCWgSRYpBPoRU0vR-z82pOdzBAnOFhxqWR1VoJkzoL7j6B54vre0iXWnQUh4W4K0W0SzXVokaTOjWuFu2wA6ZLh7-F1iAeuX60ahGNcJVIsD0upAF_YIkD6BEan-qnxwGZLVGurFa49VJ9XTrSQciWqitDhK81BtMNpP9moamPSeTfp-slR0fZSWVmwHd9wO5IeZp0aMvKEYfvs8eLxWAUuU9sYOorA6ualBX8yAOwdeWCVChsVtxEc-domb60zlaOw0MLIqyTPcEo-oQQjh0aI_yC0W_wVgnvbPRwAH3EF9qEOipsdKrod3x9Lk3Ei6uZ6UEY0lLuRBqPZls3ZK-GL6DmvQPF1sTZk35fqiCk8G8BF5X36xZbl1TnX4KZw6eH3lr0SUUbhTdlo5zE6SoZ_6ljI-g0AOav1F3qhWnkZ3gnicnrvn3cDEgrj6UWT21WBJvM1I8O961bRdlD5pg9O1LhFQYdXkGMKFAN0wSzaz-IZE-HW56oTIyEcpUm7YZ5eoabq2L8-W-_MWey_4cQWWi85UrEvfq69cdMzKt2y58e1aFV4ORqk8AQRECf_mu8DIyfKDfSa5Kh3K5HnL8_R-3cb3MhhhUrjj06z6dSg_gJ0YY9r0zNMktofNvO3r4L6Hq4WR24Xb6hQsQm7JK1WLaBCWhBSQf3e2-YXqy_m-96ZYg7N4-vOwcbf8jc1gkDHVs94WZYPNwFEdhdZtE017KS765Rpg80gheGHIpajZwpld_QUjW0qJnokT-_TA0A8uvC7HP1JBvoxpyHwCduovibrUML2Hcth-gKN8YMhm9KnMtqvhKWxWT-FWrWzMUvNPwVdhHNCDSpN7rDOltR2-2ibxWl1lIPtaj3HgjLZ68leZSNymaZmfQZvrpaQG_g9hWI5zO5rQuFKwp8AF5MTtWvDn4jVrz-IkfduzCLlM16cmaVVyhSZ7gANjCaklsvIlFIEkrS87By0E9oPcqoY2r86N9eFUpju-VYWNNG7PYBYd3TKvIBxnWhiiJ0PzAqNi_8gfhkcSCI1Qc18kKAn3hJIgu9ytWlRja0ctGmWoIfiCwe_XES4o-PkiW9NT8ZkkBtkgR9q98QGrgPoDk1xmFNkpsAC2AiA0GQYobyn2RzyDQbm3wfJGfEk7vlA5aNZhESj-5YaylQXeepVCDhaVSD-ocbuXUQrW6RtWuecDMdJk5NZH2W4qF4HHy6b3p4GGsUh_KpB6zs1nmUljh22DV__ZLtECk7lh7HiHuTiVfYd-BciNZMMN1-79UyNAJa-MwaLqMsvBxkNPZ3uGzu6XDhES0a_n6ApKYnIud7GFdyT3vHDJyJlJFTtyOsWBmbQuExz0B2xBb8jf_DLwd8ng_KwLaDV45R2BfvWaHC0r2Fgvzf0pD7aIBzPzJnNV0nLT_Y9ErAtO2ScC9TR5my6KO-x29hTRsYgP260Oan7-WBCoAKdzsh7n2tsFXZ0RpOD8WDlKumRlFL4pj7yJkrdWcydh-i8c1hH5bcE-zn00kV4YQdhsgk49n8d7KUwUsLL9Y75xS-Eyg7j5dJvjfsgaHHRqcX5zyxxySVt_YyxlRk4meJqcwZfS-TEDs_nqASWhM6KGe-w7LbqfzaKsjoqzypMsHICQ9ugEvGPjvsv2dn9-w-VyzMWUUNzvDL_GN_bIbja4bIczPIUNf0b9fjlS1IljzblRdvGzxNWdFAUndtlB3fSsuSOBPn1o0lKhdJ4_HA4-jwGmNSPt4GCelaKIBQhefi_KQvJSlvaJSxFO8Q7fNI6bgJH-aBJUNiCJYntdM7X4tUNGWPo4E1FWTvxuePvc7YRPdOBVtUFHU4gdZzzwMVujBpCCAQSPAAvHhf_pPw03un0JLtl3tSgf0Qtw18M4JBMF70AOXjgN74qEUcJ0XlWfXTyL4i_lCmLiAwtQ-O85UVJ-BgBYAE&cry=1

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f155.1e100.net

Software

cafe /

Resource Hash

8e5c1c95ef1884fce18fb4b2748fadb2b265aabc8bcff039399a340be2d87fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1849103/76721142/ Frame FCCF 60 KB
15 KB 38ms
37ms Script
application/javascript 54.194.91.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1849103/76721142/skeleton.js?bundleId=&ias_dspID=3&ias_campId=26772757&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=16249322149&bidurl=https://kooora-lives.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j1lhCB1Zc6RfqiVidDUwNt
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.91.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-91-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c42e95760c7ded6c63725963644b81ba5e76d56e759a958b1dadae8115edfdd1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame FCCF 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame FCCF 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 22:58:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FCCF 0
0 39ms
39ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRc9D5cNQ7koI61AqP1Gn4K3By_6YV2lUZeypjc0WPGr9fFBRE9sHeDowoP_s-8WuF5aP_Wu4DhwALb3t2Wa0DIyDun4w
Requested by: Host: kooora-lives.net
URL: https://kooora-lives.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FCCF 203 KB
61 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:35:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FCCF 42 B
63 B 62ms
61ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALNjoeCZhMqu5stHt3Tpeoa6C8bD1-V3lVV65QvSQ2XHvBeGb6P4_fTvmAhve6shkaUvjcoqpMmlCvbykDNXaQzYZqb7PdKkoDd1Gp8MVqISUvAXE

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 6EB4 22 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 22:54:21 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 4DBA
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1849103/76721144/skeleton.js?bundleId=&ias_dspID=3&ias_campId=26772757&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=16249322149&bidurl=https:...
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

17 B
463 B

27ms
27ms

Script
application/javascript

2600:9000:2450:3800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2450:3800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 11804956
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 08CRage25m7f9zAVtjSOnmP2E63jM8EBgaAFXRg2N-4cUqiBf8cYCQ==

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame CED0 91 KB
23 KB 30ms
30ms Script
application/javascript 2600:9000:2450:3800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:3800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 3915618
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: lI9WJf-bD5vrTdUeVVNI2I81BACBW7j6j1BAMHLVH-QV7ZbuO_HRgw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4DBA 43 B
216 B 380ms
102ms Image
image/gif 2600:1f18:1aca:4282:4acd:58b4:e741:200c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1849103&asId=e1996998-2d8c-cbdd-ecf8-8766994ab5e0&tv=%7Bc:3QDIGX,pingTime:-3,time:228,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:202%7D,%7Bpiv:0,vs:o,r:l,t:228%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:229,n:228,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:202,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1,0~0%5D,as:%5B36~970.250%5D%7D%7D,%7Bsl:o,t:228,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3UsVjt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C15141%7C161%7C162%7C1631%7C171%7C172%7C173%7C18*.1849103-76721144%7C181%7C182%7C1831%7C184%7C1911,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:203%7D&br=c
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4acd:58b4:e741:200c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4DBA 43 B
215 B 379ms
104ms Image
image/gif 2600:1f18:1aca:4282:4acd:58b4:e741:200c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1849103&asId=e1996998-2d8c-cbdd-ecf8-8766994ab5e0&tv=%7Bc:3QDIGZ,pingTime:-6,time:230,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:230,n:228,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:202,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1,0~0%5D,as:%5B36~970.250%5D%7D%7D,%7Bsl:o,t:228,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3UsVjt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C15141%7C161%7C162%7C1631%7C171%7C172%7C173%7C18*.1849103-76721144%7C181%7C182%7C1831%7C184%7C1911,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:203%7D&tpiLookup=ao:kooora-lives.net*&br=c
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4acd:58b4:e741:200c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4DBA 0
0 65ms
65ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsudohw2gI-FWq3_18paT6a5QYsuLf5CKrPAY_DNHYjRaQHEXxaEo_EJWroP5dXsKbfjokmMRFmbEXgKdxTBvqxBTDJe_Jy2ABxOS0kPgZZWS70HapusgV67OBR_Kz64LXmt11TwMInekU5AgOnfen9iTjFss-RflRNt3gw7SlDqNddziXr5UobkSwecddyrsAygkDwbWam8joEej_iYqpPwxNVFg0H14KpjEnTbxbsIqyWEZh5K8MR1&sai=AMfl-YQk8mqAoF__szbMIHdG0Mf8oXxgl_l_tM1OG0UpvLPCmlDs7YJZC4h-1cL1cbHCJc5DqznKD2RFlASgBmhtGiWDISi5iic7yrCyRjtMK07dkMd8WepctvBZsKmPpedzCgXPYHL7upgkXJJwVbWb2LcKxA&sig=Cg0ArKJSzO7tH5MhaJaXEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9oYm9tYXguY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=241&vt=11&dtpt=173&dett=3&cstd=64&cisv=r20240207.70016&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4DBA 43 B
215 B 371ms
104ms Image
image/gif 2600:1f18:1aca:4282:4acd:58b4:e741:200c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1849103&asId=e1996998-2d8c-cbdd-ecf8-8766994ab5e0&tv=%7Bc:3QDIH9,pingTime:-2,time:240,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:239,beZ:240,mfA:428,cmA:429,inA:429,inZ:431,prA:432,prZ:437,si:441,poA:442,poZ:450,cmZ:450,mfZ:450,loA:468,loZ:470,ltA:478,ltZ:478,mdA:240,mdZ:378%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:202%7D,%7Bpiv:0,vs:o,r:l,t:228%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:240,n:228,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:202,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1,0~0%5D,as:%5B36~970.250%5D%7D%7D,%7Bsl:o,t:228,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3UsVjt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C15141%7C161%7C162%7C1631%7C171%7C172%7C173%7C18*.1849103-76721144%7C181%7C182%7C1831%7C184%7C1911,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:203,sinceFw:37,readyFired:true%7D&br=c
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4acd:58b4:e741:200c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ADBA 8 KB
6 KB 70ms
70ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6bd7a3b89a91eaba69fc4b01e408834fdeda54bf707c909b2c4f190d6f0db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5832
x-xss-protection: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 56A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG5gT3Z4cqnP48ylgVhIEdI&google_cver=1

43 B
61 B

20ms
20ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG5gT3Z4cqnP48ylgVhIEdI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJfY_doBMAE&v=APEucNVfV717wT6RzyEh_NsdoFR0TjOkdZXDeh9ePYZBYWivUwgNej_Txdscg-ryaopaglui8np13RI55YcgN9W1WeZmsXbR6BSzvpqIuNNeF0lMT2JUpfQywjIRxMcziDzgyGMf3rShI4SLByi2jFfHSS6rpLar2GqUoMdXtpLlY8PmWBKwOdmVvIU-qBToCZx4dgWipcfm
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG5gT3Z4cqnP48ylgVhIEdI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 56A0 43 B
111 B 25ms
23ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJfY_doBMAE&v=APEucNVfV717wT6RzyEh_NsdoFR0TjOkdZXDeh9ePYZBYWivUwgNej_Txdscg-ryaopaglui8np13RI55YcgN9W1WeZmsXbR6BSzvpqIuNNeF0lMT2JUpfQywjIRxMcziDzgyGMf3rShI4SLByi2jFfHSS6rpLar2GqUoMdXtpLlY8PmWBKwOdmVvIU-qBToCZx4dgWipcfm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 56A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFuwPNSqqdpuAV_dB4EZ1H0&google_cver=1

23 B
163 B

44ms
44ms

Image
image/gif

23.211.8.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFuwPNSqqdpuAV_dB4EZ1H0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJfY_doBMAE&v=APEucNVfV717wT6RzyEh_NsdoFR0TjOkdZXDeh9ePYZBYWivUwgNej_Txdscg-ryaopaglui8np13RI55YcgN9W1WeZmsXbR6BSzvpqIuNNeF0lMT2JUpfQywjIRxMcziDzgyGMf3rShI4SLByi2jFfHSS6rpLar2GqUoMdXtpLlY8PmWBKwOdmVvIU-qBToCZx4dgWipcfm
Protocol: H2
Server: 23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-12.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:34 GMT
pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEFuwPNSqqdpuAV_dB4EZ1H0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 56A0 23 B
163 B 47ms
46ms Image
image/gif 23.211.8.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLQ0tkCEMTz8JcDGJfY_doBMAE&v=APEucNVfV717wT6RzyEh_NsdoFR0TjOkdZXDeh9ePYZBYWivUwgNej_Txdscg-ryaopaglui8np13RI55YcgN9W1WeZmsXbR6BSzvpqIuNNeF0lMT2JUpfQywjIRxMcziDzgyGMf3rShI4SLByi2jFfHSS6rpLar2GqUoMdXtpLlY8PmWBKwOdmVvIU-qBToCZx4dgWipcfm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-12.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 18:30:34 GMT
pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3073 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlDIYysDHZYSvEKGU1PIPn7m9mA4AAAAAOAHgBAI&bg=!8fKl8r3NAAaxkZ3akZE7ADQBe5WfOG9zriej5-mh4axdaf7W6KjA83ZX2GVPpMcH9c0QGjg4RH9AHCJwUzjeMcJE6rEcAgAAAHFSAAAAAWgBB5kDGVPwDNJOVQ5IELFDmBiKsXuNLq7EiJMlRKtWcFlP8WLNLQWmcywz5GRqk3dAseJlJNRy1JodKnjJ-pxL0WitfcrJ3A4vX2QvwuupgmBU9aBlLPRgvQXsLiPFJgcN20fUCmvRTiGPlmTuZL-nIo63UA4EOkGq0EX7slgl65spN6iMdY5iuz1wcySG7eDpWu-JcNm4UYc6wRBlocQV_Kp4YiK0ZIBaNlL0JnO3v2M8gjhOBEoHnCpJDV1msBaXHiiwnikRFtijvQ4iR7TlzAI-9axH5gyxkXmxP04dtbDCya-gACJPONg-F1XEp5b46QxoREADgAf_b9y3h4IPTz0SvhtaUBGeVxhbIWwD23rkU-Bm25AiaLcXTVOS2gqklJYO446os1sMfQ4j-C1X7mAQzZ67YEfAzgOoa17ql2YLv3UpqL5E-sPHeExEEbganbi8rEDWQNj_LOQHDfn9e-rcY70G3beadyxE-fVl3JIaaOkoT3b6wHWmQNK2bw0iFB8uDQYRtQ0ry1suqDc-OGzqiwjBXJ5IJnLF4-XuUWhHXDh5QxgdgbBIUK6rbc-k30QgkqjNuByrZnQoNAZQ8a5FBkYTFYHU_NZpUKVG-MpC6df3ysX6PHKgwQSFBduvQOcMbJIV6vLjy00kezcrLYJ3-CCTGNawfGl4yjKOizwGFeygIoJsQYqm34niWsKjOA6AtvJaefMxaXgu7TDp-CdLWyEUUigVk6HtnCJs0ARjexXhP98yWq1Wfbs2V6Z3TdSWKv3nqDtVuzsuIAFfezrGOZ6IwiV-Umh-5xrVYFABy72eScdJFmQfEhYg3zGvcbnx46fAQXuPZI54Ce-JjCWph_jdKlPhub39eBiPqErpTMrLteEaKG4OKOWAU-RCn8BlDtP3A6fWZNuT_nrZhg7GWXFwaU7zkdDQ4ebvOAOOHrOaKpC6qRGEN384Qql5_DpBQzWcG13sjBea6cl3oTFFiyEkfV5o87pMeCzhknY1QCX1I0guJRwasV6XKJjnvWxfpdeZZZh4NHNbc43gZXzBzk_UfsGmXuYqFVQ

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FCCF 0
20 B 62ms
61ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4196791613800&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FCCF 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4196791613800&version=m202401290101&ct=76&x=1&cor=13446904302632907000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FCCF 16 KB
12 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3fkSEYEbyIKstI41t303QXF6l46gOfcRv8XaBAS7lMxIjkIO2zyOc_6W6D86twWzUvupkU6H6jLJA5Miw_cncVnT-5JikZR_9r2SXXIt5RnBxSGnCdkeJ9bQNj2lqXx9UyRtR6H-GsAbSmqZ5guDyCXVGXlkkVIRCuCLOtkF64lAm5xw&cry=1&dbm_d=AKAmf-BhSrlZupR4CticQUVQDS39lhx8vdA1liNEnAMrwey8KG0p-yveX0ELdpk3s1RD67NNqacyKoSlYUqSTMyCrp22RrDkbSrRFGZemqt60VxcovTOpF475TD-bCxKPRf5gmPWzxzJYNA6E1A0Sh5q4psoHYEZUHhV9GT5bB8HmY3ZSxymv3xujixeuYbRYkEt4pHQgU1seAuo8HTvSjNQ4bXBXm69m0euW1Wv_6UnSqXxaktv35VRauMIfm7ruCghSHCLr8mX6zvFhS2gSPrBoa3mdtajxz30IOlWU76t-MJ0SLYtaVhBHojEgP7JMD9O78b0eNgtPLXWvaRLF_LPtwLhJ8MsOB9L5BFIhF8FzKAqC76dK_0NfWCvA6tiWeV3g1wZ9kQhjr6SLNDfYfhIAw780_hsHpsuAt-U31NC1IKYGFdunH8PxnAQoNbcNqDWr6FHmuqplaMvEp91CbFhKKHSvoNE4v8zTLApT8zHs0Lm2Tj8PpfajC1wmf-HAcYE_yA-TFnn8PBtsVMBE3FoyDtLI1Oz6akNoXv7dw1QXL2arzEQ9HWPxrqr3_r-qkN8KTaLZ1vrz9GKQD9IxSBH-a8slUM8T-3CrNE9cXQqSokCbuaeXrAFTya50Vqr7c8FTs7ScxKv9_HbJWWmU1zU6mA9K-sivumTQXfL2AOFVC1qOHBTBlK5-hls4LZhQHJFN8wPwQiyLvK_2pR1W2HNZxrHcBIH94otpHXwmVa6uHCcq-gIYZEhIZnvQFCjBh2SAleNXGH6mUTxgz59Lf0mwIhEyNx1QwyjEJjwlYGuBr7hQfj2PO6oHdzvA4y_WZhxkHRJHw0fD7NyUAYwN5J6gYekya72AnXxAyIf7HfFrDBEBsrTalQYIG3Qa0XfiK3A76qFsDp0gxa3YEJuqllKQz0d-5DMcv0kKYf6E_3OBCNVmxmA8Y55I3KMlBjBXDbKZQPIOSAvYWDeoqZrnj8JXIBd7uwK9QLrB3ZqVRLLtxCXc_VEqyzVGSdOHVFq27jaLExH5vUqkgvCNJp2fLHoNSWfdQ9wq75akoy1ArbVpkUxKp1gO79QycXuQSGMDPQP0hy_KYaOYPCKyeZNZww4R3R74p507lBdhZpas2LZlc6sd_GZkezECnZYyiRWd2yw_Ww3S4S2SecsHzTABPZmqyg9nxRr_2o6oFnboEJEIYRWjWCCaWpDWyJDcuaeJNCErBfFoBkIwoGpuK37UB8eOfXT3IPF_mYYHCzdwL0VhD_IFq45Eu-fUH3_PeTBV_Mn-2E-BS_EKA8O0xqx45MDb9VJVucd5SHXG-Lujjjs_vuJiZNJsk8zhA0Rcg-efBZFECGIOnbvb8Px6d6oFoJgDhpjrovfx-MxGURiKjb3o5qfO5QOANr2nnoAtprbcA7zWOpWpBgVi3DuAJdy3f3b6tBAS5GwbojqsHsXAVAA1yh0NQrrSPQ1J7VfAicsfmQ-EMebC-Xok97h-2vcCIp8SmCD0IpvT_iXdqNa6y5j9890zv4VgqdMdqQJk945u79DKMgeE57zFNpoBINJkPRBTTyGYgUE85BdI2l2IJ7VWHvI_fM0g115J6t3XdpBEq4EXYMm2P9tXv9BlaxBHSBk2tgmB0L7sC0xnfWNQ7K7SBW0QgWnlHoI-ODpCvZoaEJPP560LrwRpmek6M4Tss6ajI8pD5vKPkj795yfuXZxtfpNDm7an2XmZJV5IeGUqUc583EIPPh6g_WdRbHu7y8Dpy6vLbfoe3IyC0-oEg_BD49LaktNNKq_hBi4eMQSmB7LYR1St5k9ktsM3Uz5PAH3GY_qNGkpjypQJsFBBCKxuhYOO1oeieQEpGaBzYwnAuENYJKCgFHoNCsFX1O5VPdGWZWdfILtT0RrUySHdMjGhCTGjruz2px4wdlCy-eLtwGhi0T0jq79slwiNWKvn61XwsSLY7C0Z_sNGTPg4f4pKYFSJM-QsXtKWj-xFBoiiOg-D6Yv8Qe4CPT8xtqYt7TdT_xkKT6us4RIqbinpmN0r3Wa-t83MN1PohndWckxhAn3TaJ1U3sK7OJdT8EMUDNkr3KEda1NV5yIyaN5sDR54xhb2_LciSAFvOP4TvFaXB5JqLZQycfho-NJbyGQ57Hhym_PqXmRqX6U3ED2xrV_R3gyH4BsN_257uhzzyNPM4XGWlO7f2zvknIXjUxN3LC3YDYK_7yS1B13T__dwU6PgCeKWj7kobGLZDDTYn4TXExtzBggH2G2xCxO0An_Hoq-Cv85AhPcgf5Uqccen9AQrTtIegcD6yaAqf3G4y1LLkUSrhfG3u7aFWSaNONUJOhLa6N8gTXwqZV3bxgfs7BdIULKz3aUlFDht6oXvPwlA3EfTc34cuMh7cSOpK2yayEx7ORd1oyV5SvRQxntF-nYmN5hSUr4dzzBq8eL9ufzzTQM0Y35w5Ddmm7tq5w70FvVWvzFDOwZGmxAVPWd4j9kxV_KlxrhlNmX7JZ2Ls9tK4feudzgU1mu_LO138J8AoYngLEtiWaSa4xPBdn3WhUrJpamoitsIzuc3xJ_oPidd2C5UT_MIvQJuuFrt2aEjoB45T41BMPtY8eMG9w1guQtuWUtwKzAvb6sAjmjiaPpvPH37ANqB8IFpsw5gjPEZZPwynLFI7jOYDWx2U-8pSKNrmRpBLqptRcqNbEsv2SShi9yNQugRs8B1yENOeLnjiWyQGVnvBrkI8shsNHuVmvAh8J_aoL7TiSQu_PlnRG3QY4LzdT13Io3dZKx-KQaxwatgqsdEbfza9-_e0TfPsHL4Y3Y7BB-j8tsBkWvIGRDnSurQ8fSM566iqTMgwIMzyy6DqbBmWyy_I0EE0ZuUANXukMdlUt1aXmEP_1jtDjYg0NTLDRitNVM8RW8RvOfD2doM_hamBcjvZ31cFFoDyPnXzs1L42HQ-nkofrSJL2jbvP0ayna9vARflYB5A4qKQLdU8I09bBQSwCX9oBqm4W-b1m_AinnOd43DaS-GH_xiQY4-Rh0Rbhkzh3_hc6sD6Rk0vnrnaNMv8TIEpw7mINaeN55Bops5mo&cid=CAQSPAAvHhf_pPw03un0JLtl3tSgf0Qtw18M4JBMF70AOXjgN74qEUcJ0XlWfXTyL4i_lCmLiAwtQ-O85UVJ-BgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fkooora-lives.net%2F&ds=l&xdt=1&iif=1&cor=13446904302632907000&adk=929882888&idt=105&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e00f245ca664217e830d983f4b75f49a8a38f13351627c8c8a894de76ca380c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12509
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ADBA 17 KB
6 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 CES_BlueBeetleACQ_DISPLAY_970x250.jpg_1700226009418_CES_BlueBeetleACQ_DISPLAY_970x250.jpg
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/654e34474203161be605883b/original/ Frame ADBA 103 KB
103 KB 51ms
51ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/654e34474203161be605883b/original/CES_BlueBeetleACQ_DISPLAY_970x250.jpg_1700226009418_CES_BlueBeetleACQ_DISPLAY_970x250.jpg

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3af09a809d949cfdfd850d8f46106697410c89dbe78fbf9f1fa666c32fcb4588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 13:00:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 18:30:34 GMT

GET
H3 200 gradient1.png_1680108361463_gradient1.png
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e90698820d11e166a/content/ Frame ADBA 5 KB
5 KB 24ms
24ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e90698820d11e166a/content/gradient1.png_1680108361463_gradient1.png

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2685717d5810d2a3a65af5815003622c16f3d1977cf64d4081cb334d66298a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 05:42:54 GMT
x-content-type-options: nosniff
age: 46060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4832
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:46:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 05:42:54 GMT

GET
H3 200 blank.png_1680108361463_blank.png
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/628ff4e29b1b74f9cd012030/original/ Frame ADBA 927 B
956 B 22ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/628ff4e29b1b74f9cd012030/original/blank.png_1680108361463_blank.png

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 08:58:36 GMT
x-content-type-options: nosniff
age: 34318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:46:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 08:58:36 GMT

GET
H3 200 gradient2.png_1680108361463_gradient2.png
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e90698820d11e166a/content/ Frame ADBA 5 KB
5 KB 26ms
25ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb6684bc6ca0a9881c003a8160b2797bd01c8d8c1068a72d2cac485f2362472b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 05:42:54 GMT
x-content-type-options: nosniff
age: 46060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4965
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 05:42:54 GMT

GET
H3 200 bg.png_1680108361463_bg.png
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e90698820d11e166a/content/ Frame ADBA 90 KB
90 KB 25ms
25ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3308e3fec71a470538c3b6671f6ba57b46cc8ca432e5b948a71be14857f92c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 05:08:37 GMT
x-content-type-options: nosniff
age: 220917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92513
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 05:08:37 GMT

GET
H3 200 blank.png_1680108361463_blank.png
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e90698820d11e166a/content/ Frame ADBA 927 B
956 B 23ms
23ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/index.html?e=69&leftOffset=0&topOffset=0&c=9Xh6L2QwhY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:06:25 GMT
x-content-type-options: nosniff
age: 1449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 18:06:25 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FCCF 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3fkSEYEbyIKstI41t303QXF6l46gOfcRv8XaBAS7lMxIjkIO2zyOc_6W6D86twWzUvupkU6H6jLJA5Miw_cncVnT-5JikZR_9r2SXXIt5RnBxSGnCdkeJ9bQNj2lqXx9UyRtR6H-GsAbSmqZ5guDyCXVGXlkkVIRCuCLOtkF64lAm5xw&cry=1&dbm_d=AKAmf-BhSrlZupR4CticQUVQDS39lhx8vdA1liNEnAMrwey8KG0p-yveX0ELdpk3s1RD67NNqacyKoSlYUqSTMyCrp22RrDkbSrRFGZemqt60VxcovTOpF475TD-bCxKPRf5gmPWzxzJYNA6E1A0Sh5q4psoHYEZUHhV9GT5bB8HmY3ZSxymv3xujixeuYbRYkEt4pHQgU1seAuo8HTvSjNQ4bXBXm69m0euW1Wv_6UnSqXxaktv35VRauMIfm7ruCghSHCLr8mX6zvFhS2gSPrBoa3mdtajxz30IOlWU76t-MJ0SLYtaVhBHojEgP7JMD9O78b0eNgtPLXWvaRLF_LPtwLhJ8MsOB9L5BFIhF8FzKAqC76dK_0NfWCvA6tiWeV3g1wZ9kQhjr6SLNDfYfhIAw780_hsHpsuAt-U31NC1IKYGFdunH8PxnAQoNbcNqDWr6FHmuqplaMvEp91CbFhKKHSvoNE4v8zTLApT8zHs0Lm2Tj8PpfajC1wmf-HAcYE_yA-TFnn8PBtsVMBE3FoyDtLI1Oz6akNoXv7dw1QXL2arzEQ9HWPxrqr3_r-qkN8KTaLZ1vrz9GKQD9IxSBH-a8slUM8T-3CrNE9cXQqSokCbuaeXrAFTya50Vqr7c8FTs7ScxKv9_HbJWWmU1zU6mA9K-sivumTQXfL2AOFVC1qOHBTBlK5-hls4LZhQHJFN8wPwQiyLvK_2pR1W2HNZxrHcBIH94otpHXwmVa6uHCcq-gIYZEhIZnvQFCjBh2SAleNXGH6mUTxgz59Lf0mwIhEyNx1QwyjEJjwlYGuBr7hQfj2PO6oHdzvA4y_WZhxkHRJHw0fD7NyUAYwN5J6gYekya72AnXxAyIf7HfFrDBEBsrTalQYIG3Qa0XfiK3A76qFsDp0gxa3YEJuqllKQz0d-5DMcv0kKYf6E_3OBCNVmxmA8Y55I3KMlBjBXDbKZQPIOSAvYWDeoqZrnj8JXIBd7uwK9QLrB3ZqVRLLtxCXc_VEqyzVGSdOHVFq27jaLExH5vUqkgvCNJp2fLHoNSWfdQ9wq75akoy1ArbVpkUxKp1gO79QycXuQSGMDPQP0hy_KYaOYPCKyeZNZww4R3R74p507lBdhZpas2LZlc6sd_GZkezECnZYyiRWd2yw_Ww3S4S2SecsHzTABPZmqyg9nxRr_2o6oFnboEJEIYRWjWCCaWpDWyJDcuaeJNCErBfFoBkIwoGpuK37UB8eOfXT3IPF_mYYHCzdwL0VhD_IFq45Eu-fUH3_PeTBV_Mn-2E-BS_EKA8O0xqx45MDb9VJVucd5SHXG-Lujjjs_vuJiZNJsk8zhA0Rcg-efBZFECGIOnbvb8Px6d6oFoJgDhpjrovfx-MxGURiKjb3o5qfO5QOANr2nnoAtprbcA7zWOpWpBgVi3DuAJdy3f3b6tBAS5GwbojqsHsXAVAA1yh0NQrrSPQ1J7VfAicsfmQ-EMebC-Xok97h-2vcCIp8SmCD0IpvT_iXdqNa6y5j9890zv4VgqdMdqQJk945u79DKMgeE57zFNpoBINJkPRBTTyGYgUE85BdI2l2IJ7VWHvI_fM0g115J6t3XdpBEq4EXYMm2P9tXv9BlaxBHSBk2tgmB0L7sC0xnfWNQ7K7SBW0QgWnlHoI-ODpCvZoaEJPP560LrwRpmek6M4Tss6ajI8pD5vKPkj795yfuXZxtfpNDm7an2XmZJV5IeGUqUc583EIPPh6g_WdRbHu7y8Dpy6vLbfoe3IyC0-oEg_BD49LaktNNKq_hBi4eMQSmB7LYR1St5k9ktsM3Uz5PAH3GY_qNGkpjypQJsFBBCKxuhYOO1oeieQEpGaBzYwnAuENYJKCgFHoNCsFX1O5VPdGWZWdfILtT0RrUySHdMjGhCTGjruz2px4wdlCy-eLtwGhi0T0jq79slwiNWKvn61XwsSLY7C0Z_sNGTPg4f4pKYFSJM-QsXtKWj-xFBoiiOg-D6Yv8Qe4CPT8xtqYt7TdT_xkKT6us4RIqbinpmN0r3Wa-t83MN1PohndWckxhAn3TaJ1U3sK7OJdT8EMUDNkr3KEda1NV5yIyaN5sDR54xhb2_LciSAFvOP4TvFaXB5JqLZQycfho-NJbyGQ57Hhym_PqXmRqX6U3ED2xrV_R3gyH4BsN_257uhzzyNPM4XGWlO7f2zvknIXjUxN3LC3YDYK_7yS1B13T__dwU6PgCeKWj7kobGLZDDTYn4TXExtzBggH2G2xCxO0An_Hoq-Cv85AhPcgf5Uqccen9AQrTtIegcD6yaAqf3G4y1LLkUSrhfG3u7aFWSaNONUJOhLa6N8gTXwqZV3bxgfs7BdIULKz3aUlFDht6oXvPwlA3EfTc34cuMh7cSOpK2yayEx7ORd1oyV5SvRQxntF-nYmN5hSUr4dzzBq8eL9ufzzTQM0Y35w5Ddmm7tq5w70FvVWvzFDOwZGmxAVPWd4j9kxV_KlxrhlNmX7JZ2Ls9tK4feudzgU1mu_LO138J8AoYngLEtiWaSa4xPBdn3WhUrJpamoitsIzuc3xJ_oPidd2C5UT_MIvQJuuFrt2aEjoB45T41BMPtY8eMG9w1guQtuWUtwKzAvb6sAjmjiaPpvPH37ANqB8IFpsw5gjPEZZPwynLFI7jOYDWx2U-8pSKNrmRpBLqptRcqNbEsv2SShi9yNQugRs8B1yENOeLnjiWyQGVnvBrkI8shsNHuVmvAh8J_aoL7TiSQu_PlnRG3QY4LzdT13Io3dZKx-KQaxwatgqsdEbfza9-_e0TfPsHL4Y3Y7BB-j8tsBkWvIGRDnSurQ8fSM566iqTMgwIMzyy6DqbBmWyy_I0EE0ZuUANXukMdlUt1aXmEP_1jtDjYg0NTLDRitNVM8RW8RvOfD2doM_hamBcjvZ31cFFoDyPnXzs1L42HQ-nkofrSJL2jbvP0ayna9vARflYB5A4qKQLdU8I09bBQSwCX9oBqm4W-b1m_AinnOd43DaS-GH_xiQY4-Rh0Rbhkzh3_hc6sD6Rk0vnrnaNMv8TIEpw7mINaeN55Bops5mo&cid=CAQSPAAvHhf_pPw03un0JLtl3tSgf0Qtw18M4JBMF70AOXjgN74qEUcJ0XlWfXTyL4i_lCmLiAwtQ-O85UVJ-BgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fkooora-lives.net%2F&ds=l&xdt=1&iif=1&cor=13446904302632907000&adk=929882888&idt=105&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame FCCF 172 KB
60 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Origin: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame FCCF 12 KB
4 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU35Q_HGImOUmXEPoYhyJWablCl5RxlVO3OawbQrYmsgd4B-So&d=CpkBAKAmf-Dbbnm5AvRvFlr3Cb2Ud3wd111VQoFm7W8czdw612-4mQ5tGZt2dgOZjBcTYQwX8EqJa5PSmX1ximIhU4DWzqg0QgPtjHtp8PWsw8woA0X0jLKgob_w2aSK8XmE824mKBNQGNvpOxJR6067uJBbRpU22Lh9nU3QdZn3jNkDgEHmk_0CaRnflvnuQahhE0OekWOGz9deEskVAKAmf-DsJpeISs02yGUVohmSfGQ_9_FjZJ5BTIn7gkWgxZHzpO9icHdZz2h5zmf9UqBrqROaIH3nMev4pnEhMQjMtutK8L4tHzvEG8u8Rf5USGQBdWV9YiA1EeB2XQqBRqz14498qKc4-VnQUindp6nMWbT2hbg8tc6e4GqLIJUWeucgQ_DlbJqruEfBxsB2ZanNqTu8BOsbsXNIVQoMSoFxvRj843LrbdBJty7Nyccb9YF7Blpd6z0YUPUB2ATvvwp_VYLIOK_eQ-_04xg59C5-5eqp09F18tSSOAPCZzggYB1Juloe_ZQ0iHB888RQ5D6UxTAVnbVv_9rqOcSw3mMy7eQFqkEXvI3WaV0uIgPy8vcLFfVM0RKfQm91frCL4WDAGk1lLjLVH7nI5tkM_QOxw-yF0x_M6QgNwTTthaROMbqq8-BuflJthDFX3IGK14hOfNw1_ByOJ4p2P3cllNZjkVO8eXsoHtnCLx-J7rWVZw9dZWSEZD8YzdU3UYFA2xd9Uen5rdHJNOClx9S-sZHZ3JPMBQmSfuyra2VAsgts_XHssFGHLsFnt44pKaDzarZTxgjqV6IJXkjzTlOxqompuFXNGGHKk444HvnwE6Nasjimzzjm4dMaLVOPOcjhIaHAfh8nG2YjAsBx2rwbkofgAEYVUVWH3EPNX092swG_tImEhmMXUbJXA8PKM7rEIXT6zsoMf3DLnjE3vAs4eP7F19kgSuquNXERoTAcR-6XELkKvwymkmSpQGbO4jiGU0Knk1eNohGDPJvzUiAgsBwcRotBhw0nfLt3HBSzz3G_CpTzRqTdPGYIaItscAjYqn_opWkEOunoc7wr3BZ1u3baJSt8qiw6RFPOMvyQ8BHo_YFwgwgtW5Cb4Nm6B7FD4OHk-3rN30v6uPm45jadynC58YC57KHuMdZFN_uKfbTRPTuQkqOwHcTbK6rimm6R_GB4hJraBJejoXq0Fhz_mAjpK0QQ5CLASpRG_fuRZ0W9TTx_yWlhT9B4v8U99r3u2uePr6TcxQElQygZcAXA5yDmdK1s5hihoOpQ9XoRyC-0Cd56BEU6nNljvNl8Pt_EjwUEl8cMpEfsrpI8bDuB3Q461NabDfG5HCvxLEk3PNxjLCY8GhG4HdWxSq64gXTlMowAbThNoMGnXQ-v0pVesQKoGOJQjeDHbq7gSmGmwoi4zLumPZd_MsVgpe2w8lZursIYTJSoii67llN7iJKxYK-U4vLjYIZUYsu9ozjEFK4CxAi5fWQZDGa8ZIF6ERhROab8JlT7KDjEPX_caqlmyJbqb4tJxHsci6oO38r1XQ4YNsVpgVPZgJbhGJS8-rCJMEEsA7JYFFX768_Zzgw2HiZVWILWgKJo_1WtpbWHVXNGNEGFqCErLN29inJSOpOYn0sc4xxrww8tlpFOXftFpYQooHPRGENvZIbWMpZDH2Onxsg0-F9l_J69i5tGPBllYpbI4hLmmg6Chf2FOs1m9LlTl4J7eKQo0eJGzj2mVYQpUJiuEODazZkUa_XTKPN8kQmLw06o6yxbWiLryj_k2uDvyKb10W2Wf6IyAFxMjxbgnhzqxjdn3G7hryJyTopqKdhz-dFfEJaCuaXM_vjyljtflEqbShXhjyxaR_FiOXgz2NbLaUUdXA5-7RpqqwiOrKP3WOwY0YBSCi7IJqsWmBlj_jjGGbte_zSHsABOxahxPIlju6bHxzNuo0_zkvF6VUFkLqpdGgJ0Gmi5XdzqlzWN9Wpy5mJKHwBM6pCZ1o75h1EzREPgeyb97HZP5D0-luBYxWE7sWvhbiXNnaIMUQ97DlFkiJ7dnq_jazCpKa9krvCWgSRYpBPoRU0vR-z82pOdzBAnOFhxqWR1VoJkzoL7j6B54vre0iXWnQUh4W4K0W0SzXVokaTOjWuFu2wA6ZLh7-F1iAeuX60ahGNcJVIsD0upAF_YIkD6BEan-qnxwGZLVGurFa49VJ9XTrSQciWqitDhK81BtMNpP9moamPSeTfp-slR0fZSWVmwHd9wO5IeZp0aMvKEYfvs8eLxWAUuU9sYOorA6ualBX8yAOwdeWCVChsVtxEc-domb60zlaOw0MLIqyTPcEo-oQQjh0aI_yC0W_wVgnvbPRwAH3EF9qEOipsdKrod3x9Lk3Ei6uZ6UEY0lLuRBqPZls3ZK-GL6DmvQPF1sTZk35fqiCk8G8BF5X36xZbl1TnX4KZw6eH3lr0SUUbhTdlo5zE6SoZ_6ljI-g0AOav1F3qhWnkZ3gnicnrvn3cDEgrj6UWT21WBJvM1I8O961bRdlD5pg9O1LhFQYdXkGMKFAN0wSzaz-IZE-HW56oTIyEcpUm7YZ5eoabq2L8-W-_MWey_4cQWWi85UrEvfq69cdMzKt2y58e1aFV4ORqk8AQRECf_mu8DIyfKDfSa5Kh3K5HnL8_R-3cb3MhhhUrjj06z6dSg_gJ0YY9r0zNMktofNvO3r4L6Hq4WR24Xb6hQsQm7JK1WLaBCWhBSQf3e2-YXqy_m-96ZYg7N4-vOwcbf8jc1gkDHVs94WZYPNwFEdhdZtE017KS765Rpg80gheGHIpajZwpld_QUjW0qJnokT-_TA0A8uvC7HP1JBvoxpyHwCduovibrUML2Hcth-gKN8YMhm9KnMtqvhKWxWT-FWrWzMUvNPwVdhHNCDSpN7rDOltR2-2ibxWl1lIPtaj3HgjLZ68leZSNymaZmfQZvrpaQG_g9hWI5zO5rQuFKwp8AF5MTtWvDn4jVrz-IkfduzCLlM16cmaVVyhSZ7gANjCaklsvIlFIEkrS87By0E9oPcqoY2r86N9eFUpju-VYWNNG7PYBYd3TKvIBxnWhiiJ0PzAqNi_8gfhkcSCI1Qc18kKAn3hJIgu9ytWlRja0ctGmWoIfiCwe_XES4o-PkiW9NT8ZkkBtkgR9q98QGrgPoDk1xmFNkpsAC2AiA0GQYobyn2RzyDQbm3wfJGfEk7vlA5aNZhESj-5YaylQXeepVCDhaVSD-ocbuXUQrW6RtWuecDMdJk5NZH2W4qF4HHy6b3p4GGsUh_KpB6zs1nmUljh22DV__ZLtECk7lh7HiHuTiVfYd-BciNZMMN1-79UyNAJa-MwaLqMsvBxkNPZ3uGzu6XDhES0a_n6ApKYnIud7GFdyT3vHDJyJlJFTtyOsWBmbQuExz0B2xBb8jf_DLwd8ng_KwLaDV45R2BfvWaHC0r2Fgvzf0pD7aIBzPzJnNV0nLT_Y9ErAtO2ScC9TR5my6KO-x29hTRsYgP260Oan7-WBCoAKdzsh7n2tsFXZ0RpOD8WDlKumRlFL4pj7yJkrdWcydh-i8c1hH5bcE-zn00kV4YQdhsgk49n8d7KUwUsLL9Y75xS-Eyg7j5dJvjfsgaHHRqcX5zyxxySVt_YyxlRk4meJqcwZfS-TEDs_nqASWhM6KGe-w7LbqfzaKsjoqzypMsHICQ9ugEvGPjvsv2dn9-w-VyzMWUUNzvDL_GN_bIbja4bIczPIUNf0b9fjlS1IljzblRdvGzxNWdFAUndtlB3fSsuSOBPn1o0lKhdJ4_HA4-jwGmNSPt4GCelaKIBQhefi_KQvJSlvaJSxFO8Q7fNI6bgJH-aBJUNiCJYntdM7X4tUNGWPo4E1FWTvxuePvc7YRPdOBVtUFHU4gdZzzwMVujBpCCAQSPAAvHhf_pPw03un0JLtl3tSgf0Qtw18M4JBMF70AOXjgN74qEUcJ0XlWfXTyL4i_lCmLiAwtQ-O85UVJ-BgBYAE&cry=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 23:49:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame FCCF 31 KB
12 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 21:49:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11930
x-xss-protection: 0
server: cafe
etag: 15760894069517589058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 21:49:59 GMT

GET
H2 200 main.19.8.482.js Show response
static.adsafeprotected.com/ Frame FCCF 216 KB
67 KB 31ms
31ms Script
application/javascript 2600:9000:2450:3800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.482.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1849103/76721142/skeleton.js?bundleId=&ias_dspID=3&ias_campId=26772757&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=16249322149&bidurl=https://kooora-lives.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j1lhCB1Zc6RfqiVidDUwNt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:3800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c734506c7a756dd56e13dd279f299b8f413fa31ede7c21a9838505f9185ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:38:24 GMT
x-amz-version-id: iE_sqkP30JeH5eHImETxz6dpr.fcRgOD
content-encoding: gzip
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 93131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 09 Feb 2024 14:23:41 GMT
server: AmazonS3
etag: W/"712469e9c505b1706bb963af3a1c913c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: hR_RjGlE3Uk53tvAlkbelLWRrOnBaziS7URapNNJiF_6qZ9NKAc4bQ==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D829 1 KB
644 B 31ms
31ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 33424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 09:13:30 GMT
etag: 48472445140208031
expires: Sun, 11 Feb 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 773C 38 KB
13 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 64784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 973D 17 KB
6 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 383B 0
0 69ms
68ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsusNxXo9ljQbbN9Z17UH5CuZRLgstq1E3rMlgsQFp-HvFyCeL2kYHDugkrzFtBgfo2_UHK9InudAh1BdW755bjjWn20gQ09bW5IgdBwUb1gJtUIYpgXwPVljq5J7qnTBV857TPW6Hm5R4X4Tlbr56z0DWZoCApE818WbbPbx1ywtQM58bK6DJsy1YATS6-oodvKFLnThupLq0RE5aBhUaFHvqoGh32tqwJEZxSfuZue0wWwOlW136RNxn5roHGcZEgDX5tZN6afs9HcJln6LgRhx7ysZxZXNdNpYKYRU0ipfOpuy_HNbxWNpQ_C5SB2hpXyOfjIV89Bo_ELr4nXPKjvBHIXcz_hwqOou52F6YZpVGZNZzAq3PFknnU0Zgb-ideqHfkxeXqoAnjRvIiAVfnQoQ8mdz_KaZy7Vi8vvUZHdgjhlpzqJX4Fp8ODp7muk6XfwHyGv8Q67f8uqRoVkm4wLdsE4k_HUN0oOQ7T24ykJGICRzdY7MtRIJOLC3PdKrxrRLRPLFJASmMP3wIh_l2Zr9MCd9IdFg_i7pTfK38S5w0jQ7-3ZuSdKt0fMlSTjMprJCHwEFkY8en7bbL0_lv4CJXUl8JLMDmQ4jOPxeJxRz4xp0o4ioOEoOiU7lOSdEOl_-8DvqVqv4wmUCVzWBP9WZR3OaaGHshq2xFH7maylg6267mFkSmWdAnoM2M_RfDOzM73j0-mlSzsT3HvHKe8abMHJAAu-jRxD3Z13ANZYnA4AdvPoJGqFXy7_sQtwINXvBI9d3J3n-AjA8zuktpqX_XKCORnuuFw6f7nUiF8XqeogPXLsWysiwXBiwP-7y6Riwi5_AnZIvw4xP41Nx8tRiAvrswQP6P675G1UdvhmpK7oCAsIKg1Q-Pdsf4iGJbSfgKvfZnsiGlN-c9ooeySkYLVhDn4MJu9VZdY6H8o4rKDLyBGjdUD2bhyloFRNrrP1HFJzD-4yaZTYflWD03GFJsZCsf-JRKWYWv5shJ0-8JrWYOF6EJ3nVkYv9bL1nvHmXtogLMiZ1wZthdYOMvaX1T_znmU1xRQFaEQI-vIjQpkJr9Ck2mzzUAKLbVIJgcktfKWIdI-SqfzmUoyDVqWCxZ80XW6RdZf2_yr3eQ7Sp7Zffp7o_nhjwvQ_SfM9MCf3y4v8q1Bf12B1_7DljIpaM-jIpIizzOoQGN1p33I3TfNMgP362hy48TltbiSVfFmknePRfDny9ECtbBbOeZYopyJSMFP1PGwDF9VTAv8gpysFns4zdSZG-4ZfpqPJub9CC_u7Z7vLNbHiyhcdJFuTFC6eYNWZfFeTqRz9XiRNBgFVBzioXVou3CIBQ9DB__n221OxPhYl1tpAI1EC5ewVq8jEROiEM0DKksOwhyLEKs90P1mxDc&sai=AMfl-YTeIaOAlt0V31EE5x6zGZxb4yVqJsorXVGc96876q759vMJJgkCJRHkG0-I2jMhSrUEchUJUbUOdP9K2mutW08-NGssmi2HEvwJZ5HAM6a6LIrPqOhX3eb55u948-10_fiiP7RmVeeuyOPjMRV1KQCFjdn8M3cOattdfZcUoCbE_n_4VqP5prs-0JM89X-fcTgFYoQVKULoAiggrqHrUFwsU5QAqFfQ9ojJMCExnB-_Xe2Lh0FiDDPjYSqBqRyqcI5ua2ccADrtkPY2cUGHLhjtQHTENPn0XAT6fWkv2yCn3s0R4z4800qk-FveXZCd9wAvG0VeF3jQb6_JSACA-YMUUVEaHbyk650O1BdJ-I9jP9aiEikYn40kOCs3rrApIdmli6c2gYHCC3Ywkcwf9Nv4DWW57vWUredPaZWWcGNn5ZdwbDLT0OyU0c7K2MXbxReuIZaSYkOqId3P7GfFQ8C02ICCYqOntZrxISQyumOBaAOeDFs-BJnWLdm2YpCndbU58X1Nx1IKLA&sig=Cg0ArKJSzH-yCOL_taQEEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zdW53ZWIubmw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=788&vt=11&dtpt=733&dett=3&cstd=51&cisv=r20240207.55329&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kooora-lives.net
URL: https://kooora-lives.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 Gilroy-Regular.woff
s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/ Frame ADBA 38 KB
38 KB 23ms
23ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/Gilroy-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51fa808e1c12083fc9673a294360eaeaf7c98dcb215bee6798d808c0abf634f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/adStyle.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 12:51:00 GMT
date: Fri, 09 Feb 2024 12:51:00 GMT
x-content-type-options: nosniff
age: 106774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38772
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gilroy-Bold.woff
s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/ Frame ADBA 36 KB
36 KB 21ms
21ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/Gilroy-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b05023db04b56f3f423eec0da9c5f2f9fb009eaf452928ed42f07f2139d65aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2670629041408573440/970x250-HBO_SingleTitle_DisplayPrg_Static%20/adStyle.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 14:00:50 GMT
date: Tue, 06 Feb 2024 14:00:50 GMT
x-content-type-options: nosniff
age: 361784
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36680
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 52CD 39 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/ Frame 9ECE 12 KB
3 KB 33ms
33ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72268ae6f8e144ee3ec171f4f95bfef8b5e73b4ef635a51caae51e9e110483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3405
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 18:30:34 GMT
expires: Sun, 09 Feb 2025 18:30:34 GMT
last-modified: Mon, 03 Apr 2023 11:35:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 i.match
a.tribalfusion.com/ Frame D829 43 B
403 B 190ms
189ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEGn0sbcqvLw8EMWytKs-61g&google_cver=1&google_push=AXcoOmSmkf5F8_1DdLUw9ONSGotjY-JaC8Xqwzg5mc2HS8C_QtknFMmxBL_A0yjRNNk_WVZ7YXKCAaXgZwbrxjqQf7JU4kCRvX_u&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSmkf5F8_1DdLUw9ONSGotjY-JaC8Xqwzg5mc2HS8C_QtknFMmxBL_A0yjRNNk_WVZ7YXKCAaXgZwbrxjqQf7JU4kCRvX_u%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 85366c933a799174-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D829
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEM9zQiO7tfapT-x3DdYg5t0&google_cver=1&google_push=AXcoOmSYjfJ8GtUuqoKEWleyqU-7cZ8MH2A8GpWzWaTUxEuZhzLvrkvpOuTmGu7Gq13J290UooL18eUeixpDNVAYLePivEtSJA3z
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=279AD19FC30948CDBD7635D076F7EDF7&google_push=AXcoOmSYjfJ8GtUuqoKEWleyqU-7cZ8MH2A8GpWzWaTUxEuZhzLvrkvpOuTmGu7Gq13J290UooL18eUeixpDNVA...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=279AD19FC30948CDBD7635D076F7EDF7&google_push=AXcoOmSYjfJ8GtUuqoKEWleyqU-7cZ8MH2A8GpWzWaTUxEuZhzLvrkvpOuTmGu7Gq13J290UooL18eUeixpDNVAYLePivEtSJA3z

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 10 Feb 2024 18:30:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=279AD19FC30948CDBD7635D076F7EDF7&google_push=AXcoOmSYjfJ8GtUuqoKEWleyqU-7cZ8MH2A8GpWzWaTUxEuZhzLvrkvpOuTmGu7Gq13J290UooL18eUeixpDNVAYLePivEtSJA3z
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 09 Feb 2024 18:30:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D829
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESED2u1iYjGmol-G-72KAtFXw&google_cver=1&google_push=AXcoOmQ5XH_NfHJbA5NL35ATfsNfPPyR-22msQ7RhWwhETVfhVUGpNUNV_ScosNgXcnR455HedbiadLmQvZeS1S1_Tib_v7...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ5XH_NfHJbA5NL35ATfsNfPPyR-22msQ7RhWwhETVfhVUGpNUNV_ScosNgXcnR455HedbiadLmQvZeS1S1_Tib_v7go8I

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ5XH_NfHJbA5NL35ATfsNfPPyR-22msQ7RhWwhETVfhVUGpNUNV_ScosNgXcnR455HedbiadLmQvZeS1S1_Tib_v7go8I

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ5XH_NfHJbA5NL35ATfsNfPPyR-22msQ7RhWwhETVfhVUGpNUNV_ScosNgXcnR455HedbiadLmQvZeS1S1_Tib_v7go8I
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D829 0
12 B 28ms
28ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsLFrnui3mywateo86KDYbQsQtuOoUh3SOgz_FmdMOVg

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame FCCF
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1849103/76721142/skeleton.js?bundleId=&ias_dspID=3&ias_campId=26772757&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=16249322149&bidurl=https:...
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

17 B
465 B

27ms
27ms

Script
application/javascript

2600:9000:2450:3800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2450:3800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 11804956
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Snad1MrHKZuk7kJtYLBjG8A_IvUUajjwVqQwNVcMxBNCcyLcG56yzg==

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: nginx
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 981D 91 KB
23 KB 31ms
30ms Script
application/javascript 2600:9000:2450:3800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:3800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 3915618
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: F0NyUxkGR382QIgmSFpshMMBUarzRJpguMoYCEwa15cE-3QCr5n6SA==

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 773C 39 KB
15 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FCCF 43 B
215 B 264ms
197ms Image
image/gif 2600:1f18:1aca:4282:4acd:58b4:e741:200c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1849103&asId=a7767f40-f49c-ca6a-ece1-b71fc59cd34a&tv=%7Bc:3QDIKm,pingTime:-3,time:76,type:v,im:%7BpBlk:70%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:64%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:76,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B17~0%5D,as:%5B17~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3UsVpk+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C15141%7C161%7C162%7C1631%7C171%7C172%7C173%7C181%7C182%7C183%7C1841%7C185%7C191*.1849103-76721142%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:0,renddet:IMG.us,siq:65%7D&br=c
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4acd:58b4:e741:200c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FCCF 43 B
215 B 264ms
198ms Image
image/gif 2600:1f18:1aca:4282:4acd:58b4:e741:200c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1849103&asId=a7767f40-f49c-ca6a-ece1-b71fc59cd34a&tv=%7Bc:3QDIKn,pingTime:-6,time:77,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:77,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B18~0%5D,as:%5B18~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3UsVpk+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C15141%7C161%7C162%7C1631%7C171%7C172%7C173%7C181%7C182%7C183%7C1841%7C185%7C191*.1849103-76721142%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:0,renddet:IMG.us,siq:65%7D&tpiLookup=ao:kooora-lives.net*%2Cb8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com*&br=c
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4acd:58b4:e741:200c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/ Frame 9ECE 6 KB
2 KB 28ms
27ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:19:26 GMT
date: Thu, 08 Feb 2024 00:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1924
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:35:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/ Frame 9ECE 3 KB
882 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/adStyle.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4326a90148fe731bb8a79cb33101e6ff9e3dc27b0c8b91403e9f0c10ad80bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:19:26 GMT
date: Thu, 08 Feb 2024 00:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 843
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:35:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9ECE 118 KB
40 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 04:12:33 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9ECE 57 KB
23 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/ Frame 9ECE 3 KB
1 KB 30ms
29ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ea98d3e4f0ec9bc85de86a8ecfdea25688f2384e5a630afdff176fd24d77c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 13:58:23 GMT
date: Fri, 09 Feb 2024 13:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1340
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:35:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 textFit.js Show response
s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/ Frame 9ECE 8 KB
3 KB 31ms
30ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/textFit.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 15:53:41 GMT
date: Fri, 09 Feb 2024 15:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95813
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:35:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/ Frame 9ECE 25 KB
11 KB 21ms
20ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/adlibUtils-v3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:19:26 GMT
date: Thu, 08 Feb 2024 00:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10802
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:35:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/ Frame 9ECE 3 KB
1 KB 20ms
20ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/animation.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74677325e1d4a25317468d085cbd2e4ff9779c8eb4d8fbb0de7a4ff92b5529fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 18:07:14 GMT
date: Tue, 06 Feb 2024 18:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1173
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 11:35:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FCCF 43 B
215 B 161ms
103ms Image
image/gif 2600:1f18:1aca:4282:4acd:58b4:e741:200c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1849103&asId=a7767f40-f49c-ca6a-ece1-b71fc59cd34a&tv=%7Bc:3QDIKw,pingTime:-2,time:86,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:184,beZ:185,mfA:242,cmA:243,inA:243,inZ:243,prA:243,prZ:246,si:248,poA:249,bl:254,poZ:254,cmZ:254,mfZ:254,loA:260,loZ:261,ltA:269,ltZ:269,mdA:185,mdZ:228%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1707589834771,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:64%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:86,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B27~0%5D,as:%5B27~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3UsVjt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C15141%7C161%7C162%7C1631%7C171%7C172%7C173%7C18.1849103-76721144%7C181%7C182%7C183%7C1841%7C185%7C191*.1849103-76721142%7C1911%7C1912%7C1913%7C1914,idMap:191*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:65,sinceFw:21,readyFired:true%7D&br=c
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4acd:58b4:e741:200c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 07BB 39 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4DBA 43 B
215 B 161ms
161ms Image
image/gif 2600:1f18:1aca:4282:4acd:58b4:e741:200c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1849103&asId=e1996998-2d8c-cbdd-ecf8-8766994ab5e0&tv=%7Bc:3QDIM3,pingTime:-10,time:544,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE2MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1707589834874%7C%7Cb198a7a3dcfde90b7410ad3dc23fc2cb%7C%7Ccb83d64b66ce79c8180112a4f5eea90d%7C%7Cd1218837926823d487645fea8e276469%7C%7Caa9dc1b4532988bf417353db8bab4d7e%7C%7Cf61fbf354c366cf1a2e2212e4ecf2597%7C%7C8de1847b44ee89a5aff687fe40f7ff27%7C%7C98f0782484c90056d11c0193670e0675%7C%7C1663701684%7D
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4acd:58b4:e741:200c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9ECE 8 KB
6 KB 69ms
69ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

189de46bbd3efa1d62b71b5c0318779c8934b8a7aa44b7082fddc625fb93b490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5888
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F02 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssC1Z9dkjtcOAb4FIOuZPo17YfYoqhZJMKVVibL38YF9hhjQ31DwpgUp8iDyFT5IVyHi_ItTC134xUz9b993CFo35b3SHeJhnt9MWCNdheQgz2ciRL-0bT7eQpLhhK5naVvqa57PQZ9wSd13B3VoKQZidO16rsxRcXC4g&sai=AMfl-YSgfKklJVHlQj0oHBQBx4kbLPhKDe1_3mC13525qnhlHgwZrGjkGjeuA-FlD6Y9vFviyDT9Bh_s5xAvMPNzVvH7O-DoEkXqgH5ntrrD4SRPlRwhR0mi5ZWk3ocyjWqxnUE2EA3d05WPzlfjdbPN&sig=Cg0ArKJSzGdNHqJocUYsEAE&cid=CAQSTgAvHhf_86JQ1hnNfT11uiZ21hoVCa5rwGXbXnUxbqgZ4wz8wHKWLDRWMQ8oWNM_BhkibwWFUX6LcZ5jtVhRffFmA0X7uphcChARBdCYihgB&id=lidar2&mcvt=1004&p=468,315,718,1285&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2863452825&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=352263300&rst=1707589833774&rpt=132&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 773C 0
20 B 65ms
65ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaOIVysDHZeamJ_2H_NUPp--Z6A8AAAAAOAHgBAI&bg=!paalpunNAAaxkZ3akZE7ADQBe5WfODglAOmua3vSiTN5J_Kigi17xSIwEyzaXnJFCysFSy20dbGjJekJ-QhIam4GkAOAAgAAAHdSAAAAAmgBB5kDVb9ZCZBO7hiEaAWiAiI88HwNdmbKEzOYsCpxe04YLp_a5t5XMqOeF5Cu0pG6wNvJYTDhUYycSgy1uEIY6m74cF4B1-RSHff_Ka0wWi0gRw2_EUmZh0hpI_IZb2BDpAWe4e2qJjSWEiJbJ2HnuTZo4Y-pRhKzcFu9GmHqj5xURC_9V4-qghlHDXj8y1-2xy4hMKQZmIHaKVmfgzELhGI_jopErgtxUyd7zkMcOj8tbLRvAOvrpT9nIxqvkDhiSHw3OH4zHRmxRy5CVdeKUnOYr2n7DTdFDrq5pCoMeiQo4_jt4_-I2BXvuKPwkcmuRG5FbyORyucsW816zb1MswQ-fqzh3_XcCboiF0oZauHq2Pb3H4Edk_PLIfgsxY09TkQ6eaA8hpaxVIxPqZ5Jk6NuyFNs8p1YjAgWFkL5U5mvQpCGNL0QpFPGuualxM3B3xMhreUzL4FJosdxQrAtOqLYBzhrnd-WGwhJ8WCoWUtyAS-3XPbJ4UxbR9bdZr_HoE4FdmuCPxJCzVaGLsQ6sBCSE2zWxDLbeM3FEHhVNW5unqDxRIZFD6I1OIaWF9RLrpIZsY0Bro3LAI6RmTLdIlQsnk6SWW7jrzhLe7uJYeSq6xI_haT8SGledzbiRUiqQy7G4s6vgEt2mU8QZwuo6L7n_sz_GPtJip9HWtafY-v0QSCPOqBb2MPPpzIihxlJiqQ6DTbpkVlimfEa0GbBHWdb5VkmzMnPSP7SfOq_YPDhijAFsOpnM9t9Pfkt4-ykR_ZfFepvG5yYAOP_P5aQozUGlVmDre-74Wg3RBQYpZlU4wH-y-NpzpVLfkhAl2dMnzGfWxyK7aQVt_NJbTd6v3t9K9nwFxPwgW5V-VgAzoVPDVvw1D2A2FxT0xMVUb39osaoEPQsboCb23Y2j4unHXNqi5_NqjfVa5U0Z1p7qUWnQsakCmDagyc-nG5y_3H5Wz7OlsydMJqlDUgwJ4_Iw_cYP7VuOO1Jhw7RsTftT6zCCQa6y4QAXdVT3ZdrfLrs2jcmr0FdGNBKTpErACRG5xwQ0--T5dN5v6deUTDr3HBysI4FJm-2OPQSIrKGKljtVrIoIi6qhXYue1z4zyS0ZcAg9YXXLVC19XD0bnIn6jMafbjXxVGvZl0

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FCCF 43 B
215 B 105ms
105ms Image
image/gif 2600:1f18:1aca:4282:4acd:58b4:e741:200c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1849103&asId=a7767f40-f49c-ca6a-ece1-b71fc59cd34a&tv=%7Bc:3QDINg,time:256,type:e,im:%7BpWait:20%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:256,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B197~0%5D,as:%5B197~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:167,fm:u3UsVjt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C15141%7C161%7C162%7C1631%7C171%7C172%7C173%7C18.1849103-76721144%7C181%7C182%7C183%7C1841%7C185%7C191*.1849103-76721142%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:0,renddet:IMG.us,siq:65,sis:204%7D&br=c
Requested by: Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4acd:58b4:e741:200c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:35 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9ECE 17 KB
6 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 18:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Feb 2024 18:30:34 GMT

GET
H3 200 blank.png_1680108361463_blank.png
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/628ff4e29b1b74f9cd012030/original/ Frame 9ECE 927 B
960 B 20ms
20ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/628ff4e29b1b74f9cd012030/original/blank.png_1680108361463_blank.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 08:58:36 GMT
x-content-type-options: nosniff
age: 34319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:46:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 08:58:36 GMT

GET
H3 200 MULTI_HPReturn_DISPLAY_300x250_v2.jpg_1694185219511_MULTI_HPReturn_DISPLAY_300x250_v2.jpg
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/64f5eec41775000ab537f23b/original/ Frame 9ECE 44 KB
44 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/64f5eec41775000ab537f23b/original/MULTI_HPReturn_DISPLAY_300x250_v2.jpg_1694185219511_MULTI_HPReturn_DISPLAY_300x250_v2.jpg

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01dc8b27197e1a05c665b4a1c4c1f880b89c50eb3f75556c8dfa1fe536cf5c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 08:32:52 GMT
x-content-type-options: nosniff
age: 35863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44945
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 15:00:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 08:32:52 GMT

GET
H3 200 gradient1.png_1680108361463_gradient1.png
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e9069885ff61e1666/content/ Frame 9ECE 2 KB
2 KB 25ms
24ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e9069885ff61e1666/content/gradient1.png_1680108361463_gradient1.png

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bcd370761d324e10f1b3b8db520a161dfd4e71f1b1a8527d79b51f3a55a1a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 05:03:00 GMT
x-content-type-options: nosniff
age: 48455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1940
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:46:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 05:03:00 GMT

GET
H3 200 gradient2.png_1680108361463_gradient2.png
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e9069885ff61e1666/content/ Frame 9ECE 2 KB
2 KB 24ms
24ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e9069885ff61e1666/content/gradient2.png_1680108361463_gradient2.png

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24d7ff076bcda8dd443bad6a7fb87d398231d1fe7900bebad4316cd374ee7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 20:13:55 GMT
x-content-type-options: nosniff
age: 80200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2220
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 20:13:55 GMT

GET
H3 200 bg.png_1680108361463_bg.png
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e9069885ff61e1666/content/ Frame 9ECE 25 KB
25 KB 23ms
23ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5098a9663c30c4efb39f19f45e2d5cf282ed8985f5cc4f531e8e6a957ebe5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:04:21 GMT
x-content-type-options: nosniff
age: 235574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26066
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 01:04:21 GMT

GET
H3 200 blank.png_1680108361463_blank.png
s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e9069885ff61e1666/content/ Frame 9ECE 927 B
960 B 22ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11066433/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/63930a5e9069885ff61e1666/content/blank.png_1680108361463_blank.png

Requested by

Host: b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
URL: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15733332954736230400/300x250-HBO_SingleTitle_DisplayPrg_Static/index.html?e=69&leftOffset=0&topOffset=0&c=WdKOTFIMZF&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:59:53 GMT
x-content-type-options: nosniff
age: 106242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 12:59:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 383B 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_eNMbhdez7xQGLxVR6GmH8XjWOf9oqs0NVBIlTmJcyaw7dJzG0z72_MCk9H24xWzW3RS_Bx_cFnxqotQorC_SPAqm-1dJ_oWd-ZPivL0Zm5VZXfXM_Q4H9I6CV6IgvREVLVEhpaWD59cG9f1MDlZ6y3bT6Q25Ex_qVg&sai=AMfl-YStj1lgThUY1jRewigCFAyaEaqR1kbtf2NhdXL2axYQuSt6fQtcGfD39Q2-qnVrBnbHat-J1Ok3WcVuhiTb6g1TEq1W78Z1UBmS7jfS0n2gNekqNXFF6HODm79a93NDONFulCioHQNrdMinVK6lvA&sig=Cg0ArKJSzAfyRhZX1C3qEAE&cid=CAQSTwAvHhf_76ABxRkeJbBursgSWo9G3ZZURRQTxcDFNskH171nr0b0EzS_ViCS61FlpaSr5jhiCrZJTSt1U64J6lvDpDWdFZ7oCzvFT-YJRs4YAQ&id=lidar2&mcvt=1000&p=100,315,350,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1594690857&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=352263300&rst=1707589833859&rpt=152&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame EFB1 39 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 17:54:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 799B 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4m8z9J4Ohyn36pazv7a01kMJV_uckLjxJoqMspn5OL9SJcDGzASey2LWS7RdnpoM2H-nSWkldyjsPtdV43BAlj1yR6xYMOqk9Bn4MAGnK2B8OaaMVgpOzy7TTLj4EGRpF9HYdz0Ode_1IqIHA_5Ep3-vPk3EAba997w&sai=AMfl-YQ0WutRI_zL8N7zlc_5k7FoqekBK76K8ldd408s0e7GBGEJzwrOZuAe59rSFz2DfDLEbX07wxWVXYeIRrdxJmLjIE50qYeJiin1y8uDJu33d-2Bsz2HfF6f3Y8&sig=Cg0ArKJSzNmeZ4Pey_wLEAE&cid=CAQSOwAvHhf_kEm_4jR4nlIpWZFan0mK-kRN9yG2osG0FOjoDyzoXeqnXSWHWcG6SVJDaxSos16JQWsePl7tGAE&id=lidar2&mcvt=1019&p=0,0,90,728&mtos=368,798,1019,1132,1240&tos=368,430,221,113,108&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=796937082&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=352263300&rst=1707589833715&rpt=119&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FCCF 43 B
215 B 103ms
103ms Image
image/gif 2600:1f18:1aca:4282:4acd:58b4:e741:200c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1849103&asId=a7767f40-f49c-ca6a-ece1-b71fc59cd34a&tv=%7Bc:3QDIPG,time:406,type:e,im:%7BpLoad:363%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:406,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B347~0%5D,as:%5B347~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:107,fm:u3UsVjt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C15141%7C161%7C162%7C1631%7C171%7C172%7C173%7C18.1849103-76721144%7C181%7C182%7C183%7C1841%7C185%7C191*.1849103-76721142%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:0,renddet:IMG.us,siq:65,sis:204%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4acd:58b4:e741:200c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:35 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FCCF 43 B
215 B 104ms
103ms Image
image/gif 2600:1f18:1aca:4282:4acd:58b4:e741:200c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1849103&asId=a7767f40-f49c-ca6a-ece1-b71fc59cd34a&tv=%7Bc:3QDIYK,pingTime:-10,time:968,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE2MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1707589834874%7C%7Cb198a7a3dcfde90b7410ad3dc23fc2cb%7C%7Ccb83d64b66ce79c8180112a4f5eea90d%7C%7Cd1218837926823d487645fea8e276469%7C%7Caa9dc1b4532988bf417353db8bab4d7e%7C%7Cf61fbf354c366cf1a2e2212e4ecf2597%7C%7C8de1847b44ee89a5aff687fe40f7ff27%7C%7C98f0782484c90056d11c0193670e0675%7C%7C1663701684,sca:%7Bspg:e1996998-2d8c-cbdd-ecf8-8766994ab5e0%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4acd:58b4:e741:200c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:35 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DBA 0
21 B 234ms
234ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3514543340860&version=m202401290101&ct=76&x=1&cor=12256953706477314000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FCCF 0
21 B 216ms
216ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4196791613800&version=m202401290101&ct=76&x=1&cor=13446904302632907000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 18:30:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4750114&@f16&@g1&@h1&@i1&@j1707589833361&@k0&@l1&@mkoora%20live%20English%20Free%20Live%20Sports%20Stream%20livekora&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:165002051&@b3:1707589833&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fkooora-lives.net%2F&@w

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDcjzVBu2WwSd1QLgQDOkkw8HPJuZcajjOxsnat_wFzliVaR3w1xJioMGRpaqs-OZE8U3PnysnYQP9x3QYjkE22VilXaJyvwDN8qYijYKIcV0wJZCIvViksXwRXOhfeZ7k8_tnUGjXOraU46oGrM8NpKSb1FCY0QOVw3xwsWwXf789dIxOEdg5NAJRT92j1VbKdafcump4VuULQ7MfHXnq58T9jArG41vyV4JiLnsiropkiV9VYBEfEOpY52pzSiFIKHxbYNv15OizrBYOr3x-6JdJzGngyk6E0nADyvvav_j_ekh7GENB3BwxrYhlBt46iOrvr2PQRk4PQ4uEqKDDLkOH6SEzk_lMPjErW3EmSmadurqkHzy6hWE0_pHi5JvF5NUFV-jJ8h9afDavU-r6d42m-PHybL0n_Muiz18I4zD1qme743ncMKvCnOzeeMYaaOI&sai=AMfl-YQrCnolgWENskxKB-jHsRz8mjF3rXtYwHJbRp32rOz69SaUEUlOJwYZWwn3tYndzb5SyzESTIMnBsvFQX4qP6IlQal6XDtADzlkk3TrfigtypRxExAkIiEPE4CUWcOia9bpg7gk-B05fQvdPQXqcDk&sig=Cg0ArKJSzDM9BWtWuhPREAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demand.supply/	1970-01-20 18:19:51	Name: __cf_bm Value: cd5p56lmZO1rfxosPHHg_5XULlicfDbYUhXN.G4fGc8-1707589832-1-AQy15c4kIfDTgtOkWVU6aMlDH6ZeE1BBHcqBDXCubf+/k8S7HdNRAFjN6JsqNVwMx5WqpVK2lt1T146iIjaDhgE=
.criteo.com/	1970-01-21 03:41:25	Name: uid Value: f32dbbcb-10bb-4200-be17-cc56e319014f
.criteo.com/	1970-01-21 03:41:25	Name: receive-cookie-deprecation Value: 1
.openx.net/	1970-01-21 03:05:25	Name: i Value: 2b9baef5-616a-43d3-bf3e-ce61967cc908\|1707589833
.kooora-lives.net/	1970-01-21 03:41:25	Name: cto_bundle Value: uWrtP19vTTZPdkcwZWE2TFBjajRtMHpBNDVCeDl0T3E0YzI3MGpEbDNiUFlPaWFQWDFMJTJCZkZWJTJCTEhCbjBmbjNGeU1pVE9vc1ZtRXZuRmNzZVJUNlBmaHRQc1lYcTFERDNWYWdEVGFZdEdTenQ3YVF6eWpVTjdhVGFSZmE5SVdKTVF6eDNqcnRWekFaaDRwZjMlMkJvMWpSWXZVdFYlMkJpVVM2bk5BQkd1NVZ1VENkQlRMQSUzRA
kooora-lives.net/	1970-01-21 03:05:25	Name: HstCfa4750114 Value: 1707589833361
kooora-lives.net/	1970-01-21 03:05:25	Name: HstCla4750114 Value: 1707589833361
kooora-lives.net/	1970-01-21 03:05:25	Name: HstCmu4750114 Value: 1707589833361
kooora-lives.net/	1970-01-21 03:05:25	Name: HstPn4750114 Value: 1
kooora-lives.net/	1970-01-21 03:05:25	Name: HstPt4750114 Value: 1
kooora-lives.net/	1970-01-21 03:05:25	Name: HstCnv4750114 Value: 1
kooora-lives.net/	1970-01-21 03:05:25	Name: HstCns4750114 Value: 1
.kooora-lives.net/	1970-01-21 03:41:25	Name: __gads Value: ID=e3951cc868df3122:T=1707589833:RT=1707589833:S=ALNI_Ma-yIDPmL4CwoduEZGcccfbwqKvSg
.kooora-lives.net/	1970-01-21 03:41:25	Name: __gpi Value: UID=00000d5536b82306:T=1707589833:RT=1707589833:S=ALNI_MYAtMw4koZBhvwf-V9n0wilZZfRGQ
.kooora-lives.net/	1970-01-20 22:39:01	Name: __eoi Value: ID=398f447cfd272d63:T=1707589833:RT=1707589833:S=AA-AfjbSyhQXWVTgjoogTRwHz1Gu
.ads.avads.net/	1970-01-21 03:55:49	Name: av-mid Value: 29c1c837-a6c9-4e4f-b8c9-d626cdd21d20
.w55c.net/	1970-01-21 03:47:11	Name: wfivefivec Value: yHvG2G351RyS7v5
.de17a.com/	1970-01-21 02:58:13	Name: guid Value: 1.3344061274054888788
.w55c.net/	1970-01-20 19:03:01	Name: matchgoogle Value: 5
.adnxs.com/	1970-01-21 03:55:49	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-20 20:29:25	Name: CMPS Value: 3398
.adnxs.com/	1970-01-20 20:29:25	Name: XANDR_PANID Value: GSEtgl1DhQxnZAfFWJXb1-5bNBOHsemcWC7SUfnX9F7ptwkgNeZ1RS5xN9quKOlrmhugOWyoWTAxjXkORRir2uuhx5ZEh5ZQKrGXl6rbbt0.
.adnxs.com/	1970-01-20 20:29:25	Name: uuid2 Value: 1143990455989075989
.doubleclick.net/	1970-01-20 22:39:01	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 03:41:25	Name: IDE Value: AHWqTUm5D1iWQsgXNhJtJt5nmVRqz5Togzd--X0czIz8wlZhss8J3A53qL9DKBPnJWQ
.casalemedia.com/	1970-01-21 03:05:25	Name: CMID Value: ZcfAybmqPeUAAF5dACBBBQAA
.casalemedia.com/	1970-01-20 20:29:25	Name: CMPRO Value: 5288
.adnxs.com/	1970-01-20 20:29:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%9L2FZe!A#F3.TOKKnyW<U1`VROYQM-:].0SC<WIIc<=is)<#ndnC]YIEFZeKGevjwU/X%W#.wL4W1Qw18`m`Uw
.doubleclick.net/	1970-01-20 22:39:01	Name: APC Value: AfxxVi6xoOLQZltGYEBtvxGARjMUACZ6DU7Qy6HsyMyGmnFPX93YUg
.simpli.fi/	1970-01-21 03:06:52	Name: suid Value: 279AD19FC30948CDBD7635D076F7EDF7
.travelaudience.com/	1970-01-21 03:47:11	Name: _tracker Value: %7B%22UUID%22%3A%22DB5BEA5F-A4B0-4380-08EB-B73D9EB2DDC2%22%7D
.adform.net/	1970-01-20 19:01:35	Name: C Value: 1
.adform.net/	1970-01-20 19:46:13	Name: uid Value: 5893660852279388715
.tribalfusion.com/	1970-01-20 20:29:25	Name: ANON_ID Value: aCntPKO5nP87PRo7TGr73GoLZaBVVe6eOk8hgJgxsuXTRJTyIc19kvqrZbaOVE7jQhN7JYAKYA1EOGFXGheL5sUsZdPVV92

188 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s4.histats.com/stats/0.php?4750114&@f16&@g1&@h1&@i1&@j1707589833361&@k0&@l1&@mkoora%20live%20English%20Free%20Live%20Sports%20Stream%20livekora&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:165002051&@b3:1707589833&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fkooora-lives.net%2F&@w Message: Failed to load resource: net::ERR_CONNECTION_RESET
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s0.2mdn.net/sadbundle/11412598334416451850/index.html?e=69&leftOffset=0&topOffset=0&c=A2iBGdaYWv&t=1&renderingType=2&ev=01_250 Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.0.star_rate_image_url.Url%7D%7D%7D Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.1.star_rate_image_url.Url%7D%7D%7D Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.1.acco_image_url_1.Url%7D%7D%7D Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.2.star_rate_image_url.Url%7D%7D%7D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.0.acco_image_url_1.Url%7D%7D%7D Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s0.2mdn.net/sadbundle/11412598334416451850/%7B%7B%7Bfeed.2.acco_image_url_1.Url%7D%7D%7D Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://kooora-lives.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ads.avads.net
ads.travelaudience.com
b8d6f58cbbd743ee8498b569ed500ddf.safeframe.googlesyndication.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
c1.adform.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connectid.analytics.yahoo.com
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
kooora-lives.com
kooora-lives.net
live.demand.supply
match.360yield.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pm.w55c.net
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
yalla-goalz.com
pagead2.googlesyndication.com
s4.histats.com
securepubads.g.doubleclick.net
13.32.110.70
142.250.185.98
142.250.186.70
162.19.138.118
172.64.151.101
172.64.152.89
178.250.1.9
213.155.156.181
23.211.8.12
2600:1f18:1aca:4282:4acd:58b4:e741:200c
2600:9000:20c3:5e00:10:dd8:5e40:93a1
2600:9000:2250:2000:a:e047:753:eb41
2600:9000:2450:3800:8:48e:53c0:93a1
2606:4700:10::6814:4f63
2606:4700:10::6816:3556
2606:4700:3037::6815:3541
2606:4700::6810:5514
2606:4700::6810:8616
2606:4700::6811:180e
2606:4700::6812:18ad
2a00:1450:4001:808::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2004
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
2a02:2638:3::3
2a02:2638:3::c
2a06:98c1:3120::3
2a06:98c1:3121::3
3.127.84.173
3.75.62.37
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
35.186.253.211
35.190.0.66
35.204.158.49
35.205.207.25
37.157.5.84
37.252.171.85
52.30.159.215
54.194.91.232
54.216.150.47
64.233.184.155
019f5084c88c31607190ad78deff887e73c3d2707bc4cb390d0bb94e156a1ee1
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01dc8b27197e1a05c665b4a1c4c1f880b89c50eb3f75556c8dfa1fe536cf5c6c
02cbcf214839eff8133e36a7caf64d3fc7bfb664e5a6084d083107fb7dc79b04
04f0629aa2bd5f7d9b263f739dfeb37cceea9d11d5a0f10ef20a4756925d2430
0504a4fc6caede58ed56a4be6d0dae72b8ed404894ccf1ba790876d1eeeed5b8
071c93547b26ce1008d79f6fd08046324e64169591df60dcbbbdf61b312150e7
0723d125c75c8641284b738d75122034294cc3a42a60267e8bdedf2281a86b68
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0e70aeca460c30d6ace4d5380a160e8473f20ee8a178e4945c620be8757a4149
12e06f1d23fe8f22ded1744d57ad7bac5fa202359cfc6a641474adfb1e304634
1344f2cf7e2562ce1c954075dda071857f4ff0c6bb6d2022384883f24d3bd1e9
15d7f6a79e70c89190e06fc542e4b625a03c61c4a2a78c75feafce8b86e183a0
1772fbb9ae95f18fed4d611dc162b55b3d9b7fcb619d5626ee654d9255ec4559
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
189de46bbd3efa1d62b71b5c0318779c8934b8a7aa44b7082fddc625fb93b490
1c435b337fc05c0690d93aabb388197526451b3bbd4d2236f9da34d0c1983a47
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
1d72268ae6f8e144ee3ec171f4f95bfef8b5e73b4ef635a51caae51e9e110483
2270eb61dcfa969d306647b435189e762387878b34d09c2cbe596ea4bf457d0a
2372829708006f9665881ff70f910dbec5e55e01dfac453fe9c2de9e482addff
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
2a6b4161ff67f0b18a96b7d8523b80ecac623f15e1f537683602ccf37b28b52f
2b74f77780559a9a8a9d8b1f2b1ae61a052c788a608d045a74b985ebc69e4f78
2d096326cd90387efaca9db2096876825f6710c4e7e93d13d1323402aea86d77
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2ed9a803841820c8f3940f0089458bb9c72d6947cb3990afb6a7a58a61065a92
307d27c4fe7fa86e51f48291c158b35147d08db4352af57ffb357a9aa5adc505
309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31af4f4329e2a4b7295dcfe90b27669bc0ca2a8e1fbb3ab37b55af1c75714560
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
323d5e2f64e51d91c3f6d0db6996ac6feb5f967f813cb97fdec849a3e9c70402
3258bb61f5b69f33076dd0c91e13ddd2c7fe771882adff9345e90d4ab7c32426
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3308e3fec71a470538c3b6671f6ba57b46cc8ca432e5b948a71be14857f92c60
392c734506c7a756dd56e13dd279f299b8f413fa31ede7c21a9838505f9185ff
39c4d8e945cf63e089ff9ce4a994444a9ab6f3eafe1cd72e50270980934c94a5
3af09a809d949cfdfd850d8f46106697410c89dbe78fbf9f1fa666c32fcb4588
429c9bb1f4fd55658fd6da27f6f7b8a65e481e2ae156e87d2a978607c05363a9
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43d3c0404baa99c35d7eb6aa8e2c0d43cfcfaee21bc8537330747ca7ea028213
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442934953e2ad201695846b1a8d478157de916cbab456ddad256c4f7d1f6fc40
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dc1f18ef5fd887b12b7a2866c824a7097b62c6127ee4016f51bad9118bb6a7
471a03cbe09d076829e92d502db7eeb4c16b1084c548aea6bff0c775d6301b0b
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d59c7113513f474e56b48e3e3a4385bb0e7a10c1ba6de348218e97109411677
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f05970b398baee30570ab1f278081677af24481c52c92a8e23d776270565c23
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
51fa808e1c12083fc9673a294360eaeaf7c98dcb215bee6798d808c0abf634f3
53a231480cd9059d8ad711baad6accc686a0eb0bab41d897592af83d903f2687
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
545aff3de8dc93bc1f5c0fcf13103a4e79157aaba2d92521688cc157e0882293
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef
5992499e837988e85ce84367cc91902a955fc3db001e5911bc0c66451810885c
5b6a43411ee4c7aea388ec204150d157a69ea030de20af86c58e654a66a2981f
5d5f8ec717fbc039c52c07f384f63fda757e656758fd983737895c108a089546
615ba3215d2c37be50f5d91e5e451c94373db52c4e63d1d92f9867f98d7da1e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625943807f90ef931728da1f8944656d55624286eba1e7fb331ad72a663ab0a8
62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284
633b518d42388264f1f1028f773e8a0791954a302a0b4ab8ef6f4fcb729b249b
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
695a56f3c35f56561144c59f785ba86a42354fb8c01bd3af3e505977ecd4ca90
69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a
70affb94bb9418b5c9a0cfdaae1863eacc437e85136d6dd0e5ad3fc090f62fca
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
727251dc28fc218f7f5160cc1d34b0edda051fe4098497530f469279e44c37ad
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
730e9503e6f985e78069b12eadd309494c665d98e14bfa3ae1e1e53e7c87734f
74677325e1d4a25317468d085cbd2e4ff9779c8eb4d8fbb0de7a4ff92b5529fe
75878746f86699575801c0577246a773787835cf9075ea5753deed6fcba3bc52
777495521acd8412cd06796950e02dbef84b73bbdecced4d60e6b4757d81af07
780bfce19ea9a74d61dd90f780ecdda7ab4dcb9ef19f95fd12f13f490aa10acd
798d4026bc40e94e8d6ec577e86cd8b8825f4c159f83974defa5e4871583c335
7b97ab27478e1402ec7f35c1e1e4468e31f226fd5a36d55c73ccca2080c8b15d
7bcd370761d324e10f1b3b8db520a161dfd4e71f1b1a8527d79b51f3a55a1a61
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
81785d9d3d137904ed0f9d864f5a0389d06ec52c69abf6fc631cdfaa903c9c23
88dcb4371df9e42f311b9407583c17e21e1791770b33368f53428dcaa05d0782
8e5c1c95ef1884fce18fb4b2748fadb2b265aabc8bcff039399a340be2d87fa8
8f31d0b9a787e49c522425fcc13162a73093c95d675327c15b10e4a0db8ea79b
8f39761bdb88343bc6aa8f8f83fe461afd762b89be1311068d77ae0ef2f29b89
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae
99e98ad0329db79408bb7628dfb819a983b0d3db0e76f0fca5068fa0f5aa1580
99ff0ffdb6a6ca11466da36b85473e4503bdab081747623f0369bd3a26c7493e
9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f83c47a6b8089219d589a64fb95bfaa84e73d0906dd44c1994561d38713f3a0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a056d28b5560eb81f628cf36be8df49e5361297bb0d32491cc89700ec959715a
a25253204eb116cbbc287fe89619aa9c6d40dfdb7ffcaa18a18fdff7c970ca6c
a301758c6485e12f85e2bffbe5d4ee2538cd7993d8d30e893c8820ac91280354
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
ab77ea29410b82c2227b47f0ea0ba50279977503c3674f9fa1298a0f66153ebf
ad9aa348dd471ba5c825d4db7323c0d2594b181d88f9e6e304d8bdf576bb553d
aee8728ba0731ba155c0a7bd099867749c7bf25f7d6d89967807ff1068d8f3f4
aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a
b05023db04b56f3f423eec0da9c5f2f9fb009eaf452928ed42f07f2139d65aca
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
babfcedcdac8dc088df29fedf3fd5348df0e4ff11ad28a8855a7a147b6c6c421
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfbab9dd75b6cbfef7580eaef179cc8f67d20f96c9889cb3f2f9939a6096f66f
c2685717d5810d2a3a65af5815003622c16f3d1977cf64d4081cb334d66298a8
c322db6733fc1fa6cdac21693d809ede3774c049aa5ba5553daefd2d7ea4f218
c42e95760c7ded6c63725963644b81ba5e76d56e759a958b1dadae8115edfdd1
c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5
c68c8e4f546d25102638a7b6174654dad853972ac1418d6cda46289906238469
c697efd5b9849665cc70c73bdfb04ad243baf6f51bf28dae7fd43d6df2392c75
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
cbf2e106c614633902d6be79190048a2d2688fdc9e05b1b947e18c843f8ed2e8
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffe9168190ac13d844c0b151df531ba95775e7f00963c295ea9dc3b02f4cd49
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d139ca0330a30e8795f66523a1b2ff45519a79613df3b95627d70a531332003d
d24d7ff076bcda8dd443bad6a7fb87d398231d1fe7900bebad4316cd374ee7a1
d5098a9663c30c4efb39f19f45e2d5cf282ed8985f5cc4f531e8e6a957ebe5b0
d57fbb78e362e90eda0bf3bab1834fb3dc115bee81668e3f689177b4d71484b7
d65968d40e7f81144f12f72ee2116435a72df500bb6df6655ec7d34b0bf90d77
d6e91c559353152501545c1204995bd1bb9fc4cb8bca8b81352c601b872d04cb
d78080e97427f5c3dbd2f39a2ff236c3f7409b9a41bd77d2d969bb06a69f39c9
da3f82712a9fe1ceba6d6fe6e9ab628eb17f9ce607cff3fc7dfa554efde71a61
dbdab3a5aec81caa26771272cad151ced9be4412dd116df6bcb02a46e3e7831f
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e00f245ca664217e830d983f4b75f49a8a38f13351627c8c8a894de76ca380c3
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4326a90148fe731bb8a79cb33101e6ff9e3dc27b0c8b91403e9f0c10ad80bbd
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6bd7a3b89a91eaba69fc4b01e408834fdeda54bf707c909b2c4f190d6f0db4d
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e87e6cbfe9bac10b95b9814d64cc0c5adaac98a4fdf55396df774c9a65cccf91
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb6684bc6ca0a9881c003a8160b2797bd01c8d8c1068a72d2cac485f2362472b
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
eeba13fde654fbf6062bcd5b369ca3f1e779b4f5901a52989c96302c5ad6e772
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
efb4762683c1ab088171aeb437ddc224ec616c69ca9d563454f56a09666e12ea
f3f7169d0109ab10894e689b7b406364eca8d7546393a0ca90eabe5ea0597369
f5ea98d3e4f0ec9bc85de86a8ecfdea25688f2384e5a630afdff176fd24d77c1
fd65871333f32a3f54174f62fb06282f9dcad18926ad1aaf575f8962f17bc7d8
feac5b668ad42cb709471b170680f6117e076a04fc0f5048819c3d02eb9d3b7b
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

kooora-lives.net Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

339 Requests

88 %HTTPS

48 %IPv6

34 Domains

52 Subdomains

41 IPs

8 Countries

4171 kBTransfer

9231 kBSize

34 Cookies

30 Outgoing links

Page URL History

Redirected requests

339 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kooora-lives.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

339
Requests

88 %
HTTPS

48 %
IPv6

34
Domains

52
Subdomains

41
IPs

8
Countries

4171 kB
Transfer

9231 kB
Size

34
Cookies

339 HTTP transactions
14 data transactions