www.kooora.com Open in urlscan Pro
104.18.9.101 Public Scan

URL: https://www.goalzz.com/
Title: English

URL: http://forum.kooora.com/
Title: المنتدى

URL: https://tv.kooora.com/
Title: TV

URL: http://www.startimes.com/
Title: منتديات ستار تايمز

URL: https://m.kooora.com/
Title: كووورة موبايل

URL: https://striveme.com/article/%D9%85%D8%AD%D8%B1%D9%83%D8%A7%D8%AA/%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1/%D8%A7%D9%85-%D8%AC%D9%8A-6-2021-%D9%88%D8%AE%D9%85%D8%B3%D8%A9-%D8%A3%D9%85%D9%88%D8%B1-%D9%85%D9%85%D9%8A%D8%B2%D8%A9-%D8%AC%D8%AF%D8%A7-%D8%AC%D8%B0%D8%A8%D8%AA%D9%86%D8%A7-%D8%A5%D9%84%D9%8A%D9%87%D8%A7?utm_source=kooora.com&utm_medium=referral&utm_campaign=kooora_api

URL: http://striveme.com/?utm_source=kooora.com&utm_medium=referral&utm_campaign=fixed

URL: https://tv.kooora.com/read-article.aspx?category=Blank&id=28191446&title=%D8%A7%D9%86%D8%B7%D9%84%D8%A7%D9%82%20%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89%20%D9%85%D9%86%20%D8%AA%D8%AD%D8%AF%D9%8A%20%D9%81%D9%8A%D9%81%D8%A7...%D9%88%D8%A7%D9%84%D8%AA%D8%B4%D9%88%D9%8A%D9%82%20%D8%B9%D9%84%D9%89%20%D8%A3%D8%B4%D8%AF%D9%91%D9%87!

URL: https://tv.kooora.com/read-article.aspx?category=Blank&id=28192290&title=%22%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%D9%85%20%D8%A7%D9%84%D9%81%D9%88%D8%B2%20%D8%A8%D8%AF%D9%88%D8%B1%D9%8A%20%D8%A7%D9%84%D8%A3%D8%A8%D8%B7%D8%A7%D9%84%D8%9F%22%20%D8%A8%D9%88%D9%86%D9%88%D8%AA%D8%B4%D9%8A%20%D9%8A%D8%AC%D9%8A%D8%A8%20%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9

URL: https://tv.kooora.com/read-article.aspx?category=Blank&id=28191503&title=%D8%A3%D9%83%D8%AB%D8%B1%205%20%D9%84%D8%A7%D8%B9%D8%A8%D9%8A%D9%86%20%D8%AA%D8%B9%D8%B1%D8%B6%D8%A7%D9%8B%20%D9%84%D9%84%D8%B7%D8%B1%D8%AF%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE..%20%D8%B1%D8%A7%D9%85%D9%88%D8%B3%20%D9%84%D9%8A%D8%B3%20%D8%A7%D9%84%D8%A3%D9%88%D9%84!

URL: https://tv.kooora.com/read-article.aspx?category=Blank&id=28191449&title=%D8%AA%D8%AD%D8%AF%D9%8A%20%D9%81%D9%8A%D9%81%D8%A7%20%D8%B9%D9%84%D9%89%20%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%20%D9%8A%D9%86%D8%B7%D9%84%D9%82..%20%D8%AA%D8%B1%D9%82%D8%A8%D9%88%D8%A7%20%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89%20%D8%BA%D8%AF%D8%A7

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28191281&title=%D8%A7%D9%84%D9%85%D8%AA%D8%B5%D8%AF%D8%B1%20%D8%BA%D9%8A%D8%B1%20%D9%85%D8%AA%D9%88%D9%82%D8%B9..%20%D9%87%D8%B0%D9%87%20%D8%A3%D9%83%D8%AB%D8%B1%207%20%D8%A3%D9%86%D8%AF%D9%8A%D8%A9%20%D8%AA%D8%AD%D9%82%D9%8A%D9%82%D8%A7%20%D9%84%D9%84%D8%A3%D8%B1%D8%A8%D8%A7%D8%AD%20%D9%81%D9%8A%202021

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28187094&title=%D9%85%D9%86%203%20%D8%AF%D9%88%D9%84%20%D9%81%D9%82%D8%B7..%20%D8%A5%D9%84%D9%8A%D9%83%D9%85%20%D9%82%D8%A7%D8%A6%D9%85%D8%A9%20%D8%A3%D8%BA%D9%84%D9%89%2010%20%D9%84%D8%A7%D8%B9%D8%A8%D9%8A%D9%86%20%D8%B9%D8%B1%D8%A8%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85

URL: https://tv.kooora.com/read-article.aspx?category=Blank&id=28187482&title=%D8%A7%D8%A8%D8%B1%D8%A7%D9%87%D9%8A%D9%85%20%D8%B3%D9%88%D9%8A%D8%AF%20%D9%84%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D9%87%D8%B0%D8%A7%20%D8%A3%D9%81%D8%B6%D9%84%20%D9%84%D8%A7%D8%B9%D8%A8%20%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%20%D8%AD%D8%A7%D9%84%D9%8A%D8%A7%D9%8B..%20%D9%88%D8%A3%D8%B1%D8%B4%D8%AD%20%D9%85%D9%86%D8%AA%D8%AE%D8%A8%D8%A7%D9%8B%20%D8%B9%D8%B1%D8%A8%D9%8A%D8%A7%D9%8B%20%D9%88%D8%AD%D9%8A%D8%AF%D8%A7%D9%8B%20%D9%84%D9%84%D8%B0%D9%87%D8%A7%D8%A8%20%D8%A8%D8%B9%D9%8A%D8%AF%D8%A7%D9%8B%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%85%D9%88%D9%86%D8%AF%D9%8A%D8%A7%D9%84

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28187182&title=%D9%83%D8%B1%D9%8A%D8%B3%D8%AA%D9%8A%D8%A7%D9%86%D9%88%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D9%8A%D8%B3%D8%AF%20%D9%81%D8%B1%D8%A7%D8%BA%20%D8%B5%D9%84%D8%A7%D8%AD%20%D9%81%D9%8A%20%D9%84%D9%8A%D9%81%D8%B1%D8%A8%D9%88%D9%84

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28185976&title=9%20%D8%A3%D8%B1%D9%82%D8%A7%D9%85%20%D8%A5%D8%B9%D8%AC%D8%A7%D8%B2%D9%8A%D8%A9%20%D8%B3%D8%AC%D9%84%D9%87%D8%A7%20%D9%85%D8%A8%D8%A7%D8%A8%D9%8A%20%D9%82%D8%A8%D9%84%20%D8%B9%D8%A7%D9%85%D9%87%20%D8%A7%D9%84%D9%8023!

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28187356&title=%D8%A7%D9%84%D9%86%D8%B5%D8%B1%20%D8%A5%D9%84%D9%89%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9..%203%20%D8%B5%D9%81%D9%82%D8%A7%D8%AA%20%D9%85%D8%AF%D9%88%D9%8A%D8%A9%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%85%D9%8A%D8%B1%D9%83%D8%A7%D8%AA%D9%88%20%D8%A7%D9%84%D8%B4%D8%AA%D9%88%D9%8A%20

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28187094&title=%D9%85%D9%86%203%20%D8%AF%D9%88%D9%84%20%D9%81%D9%82%D8%B7..%20%D8%A5%D9%84%D9%8A%D9%83%D9%85%20%D9%82%D8%A7%D8%A6%D9%85%D8%A9%20%D8%A3%D8%BA%D9%84%D9%89%2010%20%D9%84%D8%A7%D8%B9%D8%A8%D9%8A%D9%86%20%D8%B9%D8%B1%D8%A8%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28187075&title=%D9%84%D9%85%D8%A7%D8%B0%D8%A7%20%D8%A7%D8%AE%D8%AA%D8%A7%D8%B1%20%D8%AA%D8%B4%D8%A7%D9%81%D9%8A%20%D9%81%D9%8A%D8%B1%D8%A7%D9%86%20%D8%AA%D9%88%D8%B1%D9%8A%D8%B3%D8%9F%20%D9%88%D9%87%D9%84%20%D8%BA%D8%B6%20%D8%A7%D9%84%D9%86%D8%B8%D8%B1%20%D8%B9%D9%86%20%D9%87%D8%A7%D9%84%D8%A7%D9%86%D8%AF%D8%9F

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28186035&title=%D8%A8%D9%8A%D9%86%D9%87%D9%85%20%D9%86%D8%AC%D9%85%20%D8%B9%D8%B1%D8%A8%D9%8A..%209%20%D9%84%D8%A7%D8%B9%D8%A8%D9%8A%D9%86%20%D8%AE%D9%8A%D8%A8%D9%88%D8%A7%20%D8%A7%D9%84%D8%A2%D9%85%D8%A7%D9%84%20%D9%81%D9%8A%202021!

URL: https://www.facebook.com/kooora

URL: https://twitter.com/kooora

URL: https://instagram.com/kooora

URL: https://www.youtube.com/channel/UCcHR8e5S-3uWN_yL64emgzg/

URL: https://www.tiktok.com/@kooora

URL: https://m.kooora.com/?nomb=0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1640711128072_1 HTTP 302
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1640711128072_1

Request Chain 137

https://gaae.hit.gemius.pl/_1640711128492/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.kooora.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=299&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuBpMR/Bx9ad0u8IHOO9/&fpdata=IOhrUDbaEtG2VzbOt6CpjzXXRh2oymkTyXYAJyc7c9j._7&vis=1&fpcap= HTTP 301
https://gaae.hit.gemius.pl/__/_1640711128492/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.kooora.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=299&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuBpMR/Bx9ad0u8IHOO9/&fpdata=IOhrUDbaEtG2VzbOt6CpjzXXRh2oymkTyXYAJyc7c9j._7&vis=1&fpcap=

Request Chain 142

https://cm.g.doubleclick.net/pixel?client=ddp-dms&google_nid=emi_ddp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?client=ddp-dms&google_nid=emi_ddp&google_cm=&google_tc= HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?client=ddp-dms&google_gid=CAESEGxyof2kyUYyilUXhD83Usk&google_cver=1

Request Chain 153

https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179 HTTP 302
https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179&alias=3be96404-0050-4413-8615-6c5cde450a51&type=tradedesk

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=ipsos_gemius_ddp&google_cm&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuBpMR/Bx9ad0u8IHOO9/ HTTP 302
https://gaae.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuBpMR/Bx9ad0u8IHOO9/&google_gid=CAESEFnJ71dPok7aRBqqIyy6Om8&google_cver=1

Request Chain 156

https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=562459823911593&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df361284607885b8%26domain%3Dwww.kooora.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.kooora.com%252Ff360cfb15db61ac%26relation%3Dparent.parent&container_width=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fkooora&locale=ar_AR&sdk=joey&show_facepile=false&show_posts=false&small_header=true&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D562459823911593%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df361284607885b8%2526domain%253Dwww.kooora.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.kooora.com%25252Ff360cfb15db61ac%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkooora%26locale%3Dar_AR%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D300

Request Chain 163

https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1 HTTP 302
https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1&trackability-redirect=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-jwZ4JddXCOPg1NwzsOBxF0CIExNe&source=dms HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?state=2-jwZ4JddXCOPg1NwzsOBxF0CIExNe&source=dms&google_gid=CAESEHuhUfuUVrdUQsUqjCQq3gU&google_cver=1

Request Chain 164

https://tagger.opecloud.com/dms/v2/pixel.gif?url=https%3A%2F%2Fwww.kooora.com%2F&ref=&tz=0&screen=1600x1200x24&tref=&cmpstatus=notrequired&tcString=undefined&uspstatus=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-wEbkwtT2j0%2BdaDQbH%2BylFQ2nyYWt&source=dms HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?state=2-wEbkwtT2j0%2BdaDQbH%2BylFQ2nyYWt&source=dms&google_gid=CAESEHuhUfuUVrdUQsUqjCQq3gU&google_cver=1

Request Chain 195

https://track.adform.net/adfserve/?bn=48332318;1x1inv=1;srctype=3;ord=1640711130199887&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness) HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=48332318;1x1inv=1;srctype=3;ord=1640711130199887&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Request Chain 219

https://track.adform.net/adfserve/?bn=48332318;1x1inv=1;srctype=3;ord=1640711130199889&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness) HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=48332318;1x1inv=1;srctype=3;ord=1640711130199889&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Request Chain 238

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 242

https://pixel.adsafeprotected.com/rfw/st/826939/57461187/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 248

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 252

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcS7oLwQjJxc3XVZCvsj40&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcS7oLwQjJxc3XVZCvsj40&google_cver=1&C=1

Request Chain 253

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YctD2xumtUZ7iAFg.QasQAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcS7oLwQjJxc3XVZCvsj40&google_cver=1&google_hm=2

Request Chain 254

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAeFAKt0_lrsIr8Pf55Zn-c&google_cver=1

Request Chain 255

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMTExNTM1NDk0OTk2MzE2Mw%3D%3D

Request Chain 262

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKirt5y-khziELfBE8fSA8M&google_cver=1&google_push=AYg5qPJOvYGSnqHZhlk-gp98ErQHBRB3U8-EuQHE_EUtnNXqdaFth16sObWxmeh0Mn1XksN5NYEuVeXSK-HW5dkzW-ymZR4B_oU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0NjgwMDY0OTgzMzg3MTUwMw%3D%3D&google_push=AYg5qPJOvYGSnqHZhlk-gp98ErQHBRB3U8-EuQHE_EUtnNXqdaFth16sObWxmeh0Mn1XksN5NYEuVeXSK-HW5dkzW-ymZR4B_oU

Request Chain 263

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFla45rqxmqPhKVyX__QglI&google_cver=1&google_push=AYg5qPKPIvOStAuvyKe7x9WwPdBG5Jm1n6kBKhLQcVWNFnplzlT-IXS9UvjlYEr4w8J4eWV5jNUc3YW6EjQ7JMcTnizW2my_3qM HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFla45rqxmqPhKVyX__QglI&google_cver=1&google_push=AYg5qPKPIvOStAuvyKe7x9WwPdBG5Jm1n6kBKhLQcVWNFnplzlT-IXS9UvjlYEr4w8J4eWV5jNUc3YW6EjQ7JMcTnizW2my_3qM&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=y_zUURgMhtvtTXDj1ToJlw&google_push=AYg5qPKPIvOStAuvyKe7x9WwPdBG5Jm1n6kBKhLQcVWNFnplzlT-IXS9UvjlYEr4w8J4eWV5jNUc3YW6EjQ7JMcTnizW2my_3qM

Request Chain 264

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC9PANb7hKkGoRAPuCuj51I&google_cver=1&google_push=AYg5qPKMuTvhQ2uioH_bLbtMKhyM3EssAeesYw_6DVvEGt-yhU7a8Q07tmvOMNo6A8-M8qAZC-JUmw20ETKEw9DG6yfhiecfc5g HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC9PANb7hKkGoRAPuCuj51I&google_cver=1&google_push=AYg5qPKMuTvhQ2uioH_bLbtMKhyM3EssAeesYw_6DVvEGt-yhU7a8Q07tmvOMNo6A8-M8qAZC-JUmw20ETKEw9DG6yfhiecfc5g&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKMuTvhQ2uioH_bLbtMKhyM3EssAeesYw_6DVvEGt-yhU7a8Q07tmvOMNo6A8-M8qAZC-JUmw20ETKEw9DG6yfhiecfc5g&google_hm=18c8abbbf96fb6544d766612

Request Chain 266

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9IIbD82FmYIGmvUWMQuShR7HhmOMl10S9d6eyYmdVg2WBm8 HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9IIbD82FmYIGmvUWMQuShR7HhmOMl10S9d6eyYmdVg2WBm8&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9IIbD82FmYIGmvUWMQuShR7HhmOMl10S9d6eyYmdVg2WBm8&apid=UP5d1357a3-6800-11ec-8733-06e1266eb28c HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9IIbD82FmYIGmvUWMQuShR7HhmOMl10S9d6eyYmdVg2WBm8&apid=UP5d1357a3-6800-11ec-8733-06e1266eb28c&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1ZDEzNTdhMy02ODAwLTExZWMtODczMy0wNmUxMjY2ZWIyOGM%3D&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9IIbD82FmYIGmvUWMQuShR7HhmOMl10S9d6eyYmdVg2WBm8

Request Chain 268

https://sender.clevernt.com/transporter/51316.php?ppuc=1&ppu=0&id=523132&ref=aHR0cHM6Ly93d3cua29vb3JhLmNvbS8%3D&ruri=&r=376922511&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200&landing=1&hei=360&ts=0.134 HTTP 302
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583

Request Chain 274

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=3105638089&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=3105638089&gdpr=&gdpr_consent=

Request Chain 284

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEt8EXJRgoH4vXKU-lOkFU4&google_cver=1&google_push=AYg5qPIvd1Fhcw_rF1kD1P5TU3JJF2Lar0C9cmuvLi8CVMFs2OAZ89DimJijSrogV-BSYcLpnnIAw5NF3akBCwy3JS0kPQyzxV0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEt8EXJRgoH4vXKU-lOkFU4&google_cver=1&google_push=AYg5qPIvd1Fhcw_rF1kD1P5TU3JJF2Lar0C9cmuvLi8CVMFs2OAZ89DimJijSrogV-BSYcLpnnIAw5NF3akBCwy3JS0kPQyzxV0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VE01cnFwNTcxTjJmVUw1&google_gid=CAESEEt8EXJRgoH4vXKU-lOkFU4&google_cver=1&google_push=AYg5qPIvd1Fhcw_rF1kD1P5TU3JJF2Lar0C9cmuvLi8CVMFs2OAZ89DimJijSrogV-BSYcLpnnIAw5NF3akBCwy3JS0kPQyzxV0

Request Chain 285

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENp_6A2P4AaVBvphsFr-j8A&google_cver=1&google_push=AYg5qPJ70xgxfw-eyfo7CVawEcvM-IWo2gyUg3hVGR0FRkZzSTf5ENkiBtcn4XRVbyFQ8sGjLEbj73u3p-6VU5s30s_GiBpnzgY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENp_6A2P4AaVBvphsFr-j8A&google_push=AYg5qPJ70xgxfw-eyfo7CVawEcvM-IWo2gyUg3hVGR0FRkZzSTf5ENkiBtcn4XRVbyFQ8sGjLEbj73u3p-6VU5s30s_GiBpnzgY

Request Chain 286

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAMWXxzrz75THBbo-VR8ivA&google_cver=1&google_push=AYg5qPKJ7WCAcV0zVaOb4A-1XkrcL88OEWngPsaHAg4fehwXTCxNduCLGSZ21oXQ5ZnKvo2-X9DrlnQkNy7L6qNNe99-Ulse34s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYzODE3MTczMDMzMTc0NjYyNQ&google_push=AYg5qPKJ7WCAcV0zVaOb4A-1XkrcL88OEWngPsaHAg4fehwXTCxNduCLGSZ21oXQ5ZnKvo2-X9DrlnQkNy7L6qNNe99-Ulse34s

Request Chain 287

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC9PANb7hKkGoRAPuCuj51I&google_cver=1&google_push=AYg5qPIlyDf6JMBlpH1XMwwuptZDQxilSDs13Ph8KaWB6v27cFCWNIUXru6aFjV0g13metEIjfUupVHhZNizmsKCpgGCgbd_h6k HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIlyDf6JMBlpH1XMwwuptZDQxilSDs13Ph8KaWB6v27cFCWNIUXru6aFjV0g13metEIjfUupVHhZNizmsKCpgGCgbd_h6k&google_hm=18c8abbbf96fb6544d766612

Request Chain 288

https://match.360yield.com/match/ebda?google_gid=CAESEAdrAeFdgUtO6QibIBCuFDE&google_cver=1&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEAdrAeFdgUtO6QibIBCuFDE&google_cver=1&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6PUkEkc

Request Chain 289

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPKoRs6m7DMpZimx1wza3OfE7aQiB1wAb1VeDTdikop4SdygV6hrvEw63iS6-nZCKrFp6FGOQo6pGS4cuT0JOMbEv_qQ_03O HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPKoRs6m7DMpZimx1wza3OfE7aQiB1wAb1VeDTdikop4SdygV6hrvEw63iS6-nZCKrFp6FGOQo6pGS4cuT0JOMbEv_qQ_03O&apid=UP5d1357a3-6800-11ec-8733-06e1266eb28c HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPKoRs6m7DMpZimx1wza3OfE7aQiB1wAb1VeDTdikop4SdygV6hrvEw63iS6-nZCKrFp6FGOQo6pGS4cuT0JOMbEv_qQ_03O&apid=UP5d1357a3-6800-11ec-8733-06e1266eb28c&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1ZDEzNTdhMy02ODAwLTExZWMtODczMy0wNmUxMjY2ZWIyOGM%3D&google_push=AYg5qPKoRs6m7DMpZimx1wza3OfE7aQiB1wAb1VeDTdikop4SdygV6hrvEw63iS6-nZCKrFp6FGOQo6pGS4cuT0JOMbEv_qQ_03O

347 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.kooora.com/ 23 KB
10 KB 81ms
52ms Document
text/html 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c3fef496f75dede09bae56772ee6d03b633b9dcae798160e990e2f87e3f2d486

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	Deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-type: text/html; charset=windows-1256
cache-control: private
expires: Mon, 28 Dec 2020 17:05:27 GMT
access-control-allow-origin: o.kooora.com
x-frame-options: Deny
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWUT9ZkaWVnZPgQLIzNjCd5YDLZ6kvTUYyZSD6iJMwQg7glFp1L5vd%2BqFM2uA8gdngyGbSGJOmn%2F5Vnx%2BnpVLopddMHcBNxujgeeaAezhmM3Hv%2FR8P9q2VbXjix1KHsj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 6c4c5fa28a1f5b62-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 moatheader.js Show response
z.moatads.com/choueirigroupheaderdfp445340272806/ 245 KB
85 KB 76ms
22ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 73ca4aab4fdd9dce9dfafc753fc405eb98dc1520601ae2cf9bc652fa79f3b9f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 16:25:13 GMT
server: AmazonS3
x-amz-request-id: 5KVEQ9FJEVAHRJWD
etag: "cffd70438b90f46483ff6a552a1d2e25"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=47643
accept-ranges: bytes
content-length: 86496
x-amz-id-2: k6to+/eZ7Aemo3iYk5tO3ajA6ar4knN/n+E+qBELrvTTlWp86T4+1RPXPLfCDpGpuVFbLjYp/Z4=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 50ms
27ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1084 / 721 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Dec 2021 17:05:27 GMT

GET
H2 200 aw.css
o.kooora.com/ 202 KB
36 KB 48ms
38ms Stylesheet
text/css 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://o.kooora.com/aw.css?rev=551&ch=5761

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f460457855a40f0a32420db153d5c662c09482b578439029ae6ca3f287e5718

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2349325
cf-polished: origSize=207376
last-modified: Wed, 01 Dec 2021 12:29:36 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"44427e1aafe6d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3TDuuvEUkuZH139RnSsSco8FACm0THvxUjj0R%2BOH%2BJFUWWmXgkXp%2BBnVe%2Fw74nmkWqoPelNjzlxOXvCvyyT3ZjymDb8isYwqoYPDI6VfBIszdVgritYVIXPHCfJPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6c4c5fa31b145b62-FRA
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
o.kooora.com/ 87 KB
32 KB 38ms
28ms Script
application/javascript 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://o.kooora.com/jquery-3.5.1.min.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1055261
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 13:40:24 GMT
server: cloudflare
etag: W/"0947d5c9a3dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svAv3S90YSV4j0Wdcvb%2F6ESu6NlEvqXPAHZeMoGDLSm1sQ7Qu%2BS54FwpWBUBqkzkYRga9thQLv8E1PAoiliSaFwL%2BYszJ%2FbDClZsSSXYtbAfor%2BtRDrRRDSttiqrrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6c4c5fa31b175b62-FRA
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H2 200 nw.js Show response
o.kooora.com/ 888 KB
213 KB 104ms
50ms Script
application/javascript 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://o.kooora.com/nw.js?rev=1673&ch=7511

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

179dc9c310ce99e765d7a7ac083a2fabdfd3a2089a609f119e85461eba73a03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kooora.com/
Origin: https://www.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26312
cf-polished: origSize=913409
last-modified: Tue, 28 Dec 2021 09:46:35 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"752169cdcffbd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v2kvNr0L1UlzetptMuq8uuj4FrXr%2FBsDXCwCseZTuhJA1phV3LlDLczzTvmiV0SVCVR5G96kF7MOtUKAHlq%2B84%2B5yaA%2Fxu56A6ZMNvdIJQgZoiC3H01W6malb8zkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6c4c5fa36ccbee79-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 api.js Show response
www.kooora.com/cdn-cgi/bm/cv/669835187/ 35 KB
10 KB 51ms
27ms Script
text/javascript 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee02a3191810a0f19abf2a16e59fe6ca498dcddddbe7ee689c2be0d45e28a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZvTN%2F85IBw56sHlqg4nYX3t4Cx0jhMsh0DoOEEJD5wS9Iv7e4kyytQ1t1zgIneQ4hXoi%2F%2FQMIahW2DsNadTdUxiCc4k1yrrRGEIGeXg4m0Nu5rRmTJoKVLiVeruoCyN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6c4c5fa3de983ba3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 73ms
53ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.kooora.com/
Origin: https://www.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6c4c5fa41bb42c22-FRA

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 34ms
18ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Dec 2021 17:05:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 254 B
163 B 32ms
16ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kooora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-54-76-61-179.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

f7341001f191d5cbd50f0235479ad2bef8412e37548f02fd11976afadf19879c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138
x-xss-protection: 0
expires: Tue, 28 Dec 2021 17:05:27 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 318 B
492 B 190ms
43ms Script
text/html 52.48.241.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-AcUfbBsgY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-GRXA3ZfY41ErZQ%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=727393767445&callback=MoatNadoAllJsonpRequest_88949643
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.241.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 84ee1dcf31958e790e319097fdeef18ae82fc04dfa8a92edc6d7ae8ce5cad5d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "ef6caadaec0a8a228a43e21182f922e39541d8fd"
content-length: 318
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame C760 1 KB
2 KB 20ms
19ms Document
text/html 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/

Response headers

x-amz-id-2: cMTMm/T5i/x+FajcHkVdFOSmWAZag3PGFBeFtprKDfuotZYacHPbNTZ9It13lKcp9wxjAAroOng=
x-amz-request-id: 3AF06B645285EDE5
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=1363
date: Tue, 28 Dec 2021 17:05:27 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ar_AR/ 3 KB
2 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

212f2e4ba6f5f45ad7f61a76dee98ab329d6ed554f5a0c322ded87fb10a5253e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Uc4VrUdK0iNxr1suisFQYQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 28 Dec 2021 17:17:20 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: HcpK2e9FZR0Z2sW+NUeYrqTwLQcPWe4J/9SFnGUHNlktRhSGMH4hs4hxMEqBWO56J3IzgQ2aj1IK/jB3p62WYw==
x-fb-trip-id: 917726464
x-fb-content-md5: 62ea4a95c09c73a69f58d1690e364edc
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 28 Dec 2021 17:05:27 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "fa30f90a90babcde3b9546b0511da4d5"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 05fjYcVaEA3dwgAb0KkHe3V0/CoSpUnm1b5lQ12v09IiPft1yhXXXwaAnjwiW/h8S+zCjrSA8fC/r52Ajv9XFw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 28 Dec 2021 17:05:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cn.js Show response
kooora.cognativex.com/cognativex/ 1 KB
1 KB 96ms
42ms Script
text/javascript 2606:4700:20::ac43:4487
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora.cognativex.com/cognativex/cn.js?v=2021-12-28
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4487 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34fe0f84656b496b91cfe919e6f8460e9731b2a4ad163f1e278f8b7af60a8536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=eA/RVA==, md5=NpWFkT9amAy+AW3fIi+YeQ==
date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17940
cf-polished: origSize=1053
x-guploader-uploadid: ADPycduIOrp7iWKzDG6virp0IhuybLiIjZ0863K9SeneC4WXLFNZV8ML_mnB5OQ2Lr_HWH7ifGFJMO0c-JfoxmV_hdI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Fri, 19 Nov 2021 09:23:52 GMT
server: cloudflare
etag: W/"369585913f5a980cbe016ddf222f9879"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YR4fJE0BMW3H%2BkQLwLeuHng74GwHY6H4EIM%2F5U8pfzzBuJphYpJMfxS4123WEzj9105u1MOfwFCGAeTFTMT950S0lez1RAqJ7ZXJBIOTKCtUN4Mm05ONw5%2FofpYx6Qo0rGJPT34xvIciAf%2BuWAwq6yt6qA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1637313832065817
access-control-allow-origin: *
expires: Tue, 04 Jan 2022 12:06:27 GMT
cache-control: public, max-age=604800
x-goog-stored-content-length: 1053
cf-ray: 6c4c5fa4ceac375d-MXP
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 261
date: Tue, 28 Dec 2021 17:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 28 Dec 2021 19:01:06 GMT

GET
H2 200 tag.js Show response
t1.effectivemeasure.net/ 22 KB
7 KB 37ms
8ms Script
application/javascript 13.225.73.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.effectivemeasure.net/tag.js?1640
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.73.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-43.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b00b1bfc13107699852b352569a8aa7a277a3a30ef9660bd085baa7a2f1cbec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:15:09 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 01:00:44 GMT
server: AmazonS3
age: 57018
etag: W/"489d05d67b9e8e4403e07a14415c7f5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: rEQnIXiCPvxlo2i4XEtLxZhfzCXieWA3dDG0D4FWU9J5pR22h_e85w==

GET
H3 200 / Show response
www.kooora.com/ 16 B
806 B 75ms
75ms XHR
text/html 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/?vc=true&_=1640711127590

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/jquery-3.5.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7eb1552a582c0f5ac5b3b39dc87e875d06e57ccd882947afecaa199e5c7f95f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://www.kooora.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIgZrTZzkWL0Qgi2LZuLifCqz5pJnEQJyWrw2MGSi%2B4U1aMfstgSPF1mydlSGIjoxIOOSiWLjZbHDJWd5Q8SCuwMtBqhCa%2BTD254lFUfzL1T8%2B%2FicdR3RR5o%2BJKv6Jiu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=windows-1256
cache-control: private
cf-ray: 6c4c5fa46fff3ba3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 28 Dec 2020 17:05:27 GMT

GET
H3 200 searchgold.png
www.kooora.com/icons/q/48/ 1 KB
2 KB 32ms
32ms Image
image/png 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kooora.com/icons/q/48/searchgold.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

be66f2a7e95a29627f762c8b1c399a8a19f1b502f9dd31e5d5b7a9d56129acc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194
x-powered-by: ASP.NET
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1530
last-modified: Tue, 08 Sep 2020 16:34:35 GMT
server: cloudflare
etag: "37fdceeffd85d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xc40lpz3gwtLwO1ZTK33y3IVvKGKArFmYoh8k4qWOwj%2FMJrdg8CiLd1j%2B39WWiAKtPDBC7dJaw9TYNahRcv%2BEwy6K7fhQjH%2BpkaMqe%2BMTnNI0YPMNGyM1DhM3Xjbuidj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6c4c5fa4e95a3ba3-CDG

GET
H3 200 star_off.png
o.kooora.com/i/ 1 KB
2 KB 33ms
32ms Image
image/png 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/i/star_off.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af6266c7294570a36a20fef6f4529694e9e2e929cb9b9967140cb7d151700cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1055254
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1147
last-modified: Mon, 23 Sep 2019 02:39:07 GMT
server: cloudflare
etag: "db8b912b871d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcu9UVN51aocujp7Er%2FaMrcHljPd6I%2BM0MQV6q3rd%2Bn6QX64XsBrefB1XTKAGIw26N33W4x2aDvZsNhIi9CAY%2FSCEGz2qKxUpJDsudZIGVCQaN7db91HgyplXEvu%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa4e95c3ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 star_on.png
o.kooora.com/i/ 1 KB
2 KB 80ms
79ms Image
image/png 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/i/star_on.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8d633236b5c38e131798d189e5e5c96866e9e525322fbaf84fb82e7c02a2584

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1055252
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1466
last-modified: Mon, 23 Sep 2019 02:39:07 GMT
server: cloudflare
etag: "dc755f12b871d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4o%2Fspf%2BcQOJIa6SLTuwjy9PNv6cRs8MPlCp9hBG%2BHMgSxw0i2A%2FVJ2cZNrXtPZ%2FVLE22M4uBfO7dADfQApTyZ1%2FD4yrvJwgZWbdZG8Ei8PuTTZfJ1dOF%2FdPvyRADA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa4e95d3ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 tgold2.png
o.kooora.com/i/ 6 KB
6 KB 37ms
36ms Image
image/png 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/i/tgold2.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00e59ca3319ceadd0848ecf3fa6be8afb9af764c561c5ace3669c6a6f3be7991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1002432
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5731
last-modified: Thu, 23 Oct 2014 11:27:38 GMT
server: cloudflare
etag: "e949a659b4eecf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v1FvxBYOVpEblZJ9Vjc3HIKXsXIA3%2B3pytSVt%2FFpEIDawk4awIooQ8ZbUk7F3kIX38LW5n8LZJis8%2FpcAkvrioqqPDOnk8QM%2BjSaOVlKOWD58RVf4r0x%2BJlsj8bfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa4e95f3ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 khome4.png
o.kooora.com/i/ 16 KB
17 KB 37ms
37ms Image
image/png 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/i/khome4.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9db1fac9568ba8263c2ab313c9e4f15dded5a2e1aee78dac9c2ea6970717714

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1055232
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16359
last-modified: Wed, 25 Mar 2015 14:43:11 GMT
server: cloudflare
etag: "9acd744a67d01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfdtyobo5zGtE0h%2B0hTI1GYrokZh%2BN9am1IBt27XqLx4HS41VG7uoffAlLeaBPAd%2FHd0hmFKZ%2BgDLhUaut2ihtfTKOgE38ChrkB0X%2BUQT64tJjpwa1pwLWdU9VmG1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa4e9633ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 / Show response
www.kooora.com/ 16 B
804 B 79ms
79ms XHR
text/html 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/?vc=true&_=14002850

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7eb1552a582c0f5ac5b3b39dc87e875d06e57ccd882947afecaa199e5c7f95f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BV6EP9ianHm9ZYWkxmPHnn3taLU098xPyvpO2upaMbiO25DRkrANIUSJqPqfnfRQjsWrnGZ3QKBf%2F7epzdXNc%2B9ah3EuRvNBSZYM21t%2B1DjA3tkDhhk47pmWIsokCHmz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=windows-1256
cache-control: private
cf-ray: 6c4c5fa4e9663ba3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 28 Dec 2020 17:05:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
47 KB 37ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6fc862c47bce9ce3525dec03f07e5417e21c8e0ae62b4797b0e883b105201d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47803
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Dec 2021 17:05:27 GMT

GET
H3 200 tc.json Show response
o.kooora.com/ 2 KB
1 KB 71ms
48ms XHR
application/json 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://o.kooora.com/tc.json

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0a43739be134268837d1a509a7b6c34a79d061417ddc87b99c8cc73bc6796bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1055251
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Jul 2020 13:03:06 GMT
server: cloudflare
etag: W/"0a1c7441664d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwRY5K86MJ6g0xGVeJjCVBMcr3%2Fvc7Xv3HGxeKMtmVTtre1gt%2BEP2SHpHQOfMgRHukabDtVKDj08Ava0I0LaLsZD3xt2HnbruzkyR9JtE%2B%2F5YbA1934PnfC3CQ41gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c4c5fa51cb739ed-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 CAF_2021_970x70.jpg
o.kooora.com/mq/ 31 KB
31 KB 71ms
68ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/mq/CAF_2021_970x70.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79fa17324dc6a4536d52c3da0413c6dde158c63f90d8b308a1576e9feb836ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 504153
last-modified: Wed, 22 Dec 2021 20:56:58 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31283
cf-bgj: h2pri
server: cloudflare
etag: "8611f87576f7d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbHrhNOCZNc4wgld1SVaLDznLwqKNVE2AuOMhUpvoie81qYU%2BP%2BvggaKFHvRH%2F5LJD0O0O%2Bd8lVS4bbXEFYGkenOp9DI3LMeOKgfh9P%2FGDmC3FbiMhEND%2BoKL%2FkPPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa4f9933ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H2 200 /
img.kooora.com/ 13 KB
13 KB 41ms
28ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-10%2f2021-10-06%2f2021-10-06-09509728_epa.jpg&z=320|240&c=36|0|729|547&h=6250

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

577bafb7af884f8b5641b936bfd1836201e80af117952f5d402afb42a945f6cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 11621
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-10_2021-10-06_2021-10-06-09509728_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12910
last-modified: Tue, 28 Dec 2021 13:51:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64LS201N%2FyG7%2FVqhkqEqI8nNZMnMQo3DJRX%2FocFFYo0WG3fNmrGEsbBWvOSc6i4VAN2Vi5pRpBpedkSHBpTc14bbI9tPFj2m16se%2BcJE97jb4o%2FNgoK%2FZZQq%2F%2FM9Z1g2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa50f3d5b62-FRA
cf-bgj: h2pri

GET
H2 200 /
img.kooora.com/ 14 KB
14 KB 42ms
29ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=amr_world_cup%2fspecial+red+cards.00_14_31_17.still001.jpg&z=320|240&c=181|0|954|719&h=6248

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

942aad78d2967ed05f2d7737d7885fd6c8de1c4bd94c173f257a8472824c8ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 25902
x-powered-by: ASP.NET
content-disposition: filename="amr_world_cup_special red cards.00_14_31_17.still001.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14100
last-modified: Tue, 28 Dec 2021 09:53:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozeNJakZhl5lUtQkYu0R3cZ4rh25Zq2wrc9%2BFoGAKwIEg7i6eiZuenVZiPNdEn243n8w1%2FaQ%2FyM4FxbpXcAKeXwBPkOPvU7EipEKglMiq9gzeFAVqkzxjiSEy010dEkQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa50f2e5b62-FRA
cf-bgj: h2pri

GET
H2 200 /
img.kooora.com/ 14 KB
15 KB 46ms
33ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-17%2f2021-12-17-09646401_epa.jpg&z=320|240&c=59|0|699|524&h=8743

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c66ecfd8badc63564750781b418773a65099cb338d8ee7048a7ae41b34631fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 30095
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-17_2021-12-17-09646401_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14368
last-modified: Tue, 28 Dec 2021 08:43:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qjNzvR81e7bsNVlTCZzdYDzLnIbivCjih0kq283uxIUVIOM4tKYHBs6mc9pMzbrAso%2BxfXt6nugadfiUzYWctNioe1BptqTDXEgXescN2FLNlKBsJSOZWn%2BOL8mLZUh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa50f3a5b62-FRA
cf-bgj: h2pri

GET
H2 200 /
img.kooora.com/ 8 KB
8 KB 116ms
103ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=ashrafmks%2fleicester+city.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0fe66ac35a4bd9091a9b961644c18c2f14e6b1d623fab3dcef6e93e1afbc813a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6922896
x-powered-by: ASP.NET
content-disposition: filename="ashrafmks_leicester city.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8099
last-modified: Sat, 09 Oct 2021 14:03:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0s%2F%2FqAUxhmeYMKmQNskujC9RFTiZH2XYxroaurhCByOv8hwFZUcC%2FwAoBX3FM%2BhZdwNMwGqvGJ95qS8chl8aEoeJa5HKeELsz5JtO785TGYNwn8fco3tbVYxFHCr7Z0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa50f355b62-FRA
cf-bgj: h2pri

GET
H2 200 /
img.kooora.com/ 8 KB
8 KB 47ms
35ms Image
image/gif 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=teams%2fengland%2f2014%2f2015%2fliverpool_fc.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d3998bebacda90512287b2d33014765af10be08a50ebefd87903c6c8a020efc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 984219
x-powered-by: ASP.NET
content-disposition: filename="teams_england_2014_2015_liverpool_fc.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7687
last-modified: Tue, 26 Oct 2021 08:25:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EF%2FxU%2B1c%2F5wkQxOcmJZhClLDlhh04Tj%2Fb2Ks1%2B9pTCo0Peoi%2F6zyJRqTDknQLzhgt8hyOyAbt4x%2FK6tyS1s%2F3bh0VDmoiX4zpAoUh46mWpVSeX1JNds1plA5QTtGfqZi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa50f325b62-FRA
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H2 200 /
img.kooora.com/ 6 KB
6 KB 52ms
39ms Image
image/gif 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=teams%2fengland%2f2014%2f2015%2fsouthampton_fc.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

643e0ceabf7cc4d12d4ff822ab9aefd74244e9eef2db518a39822e195ee66e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6921977
x-powered-by: ASP.NET
content-disposition: filename="teams_england_2014_2015_southampton_fc.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5640
last-modified: Sat, 09 Oct 2021 14:19:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oILZFrr4XMxFDuwoIrwiORRKCavunHeQI350OtyhdEMA6cAT6MctBOJX8RqoCNhzRUG98UOSDZ5zfnMkT24pwEgkGnP%2FUczS8dNTXOYiCRL4O0fTHha1%2FipWfF5bujg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa50f375b62-FRA
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 44ms
43ms Image
image/gif 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=teams%2fengland%2f2014%2f2015%2ftottenham_hotspur.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf6cf3591409e6fa7c59f75147ac9822d46e6ab3ac20b59d136e017762cc505f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6921446
x-powered-by: ASP.NET
content-disposition: filename="teams_england_2014_2015_tottenham_hotspur.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4082
last-modified: Sat, 09 Oct 2021 14:28:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23oKbIYgr6Q77n%2BkneF75Ml1H9qY%2FF8uQv5mC706fcKCvPTC5NpKbim3pgGfOvMvwWuhdKoy%2B2nclMr9EVfl86NbdfPtibxMOfdGOmaOZbKnjlryWHfKQkELZazKagHX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa54a393ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 44ms
43ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=00%2f7%2f511.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

976555a0cb944dc3346c454f4ed05cc9c52e47412b44e59de7478a9d6a4b444e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3496192
x-powered-by: ASP.NET
content-disposition: filename="00_7_511.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4485
last-modified: Tue, 26 Oct 2021 08:25:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuf1nKFnJzE7yAWsQElP%2FVM%2FdQ5bT4jRbBtsjO2VCVzI2ELJkha4ogjlpbgxzRAhwDaJyUes7KwKfIi6SNhVnR%2FGggjF25c2BGrJYYTc3MQU2FU55JOGZhjYp8KR%2FYnB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa54a3c3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 5 KB
6 KB 45ms
43ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=ohatta%2fteam_logo%2feurope%2fengland%2fwest_ham_united_2018.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

33a9c5e97b93edb002f7fcccc77f14538deb53de5202ffd66d256681495559e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3670421
x-powered-by: ASP.NET
content-disposition: filename="ohatta_team_logo_europe_england_west_ham_united_2018.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5629
last-modified: Tue, 26 Oct 2021 08:20:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaukhTKobxoEKIQkgnnmCKVrb30dKc9hlEmlCSSc6a1PoSQiUfk09BsGjDxJC8L85rqxMUapPilR%2B%2B8lR85L7BG9YKwTnIYSJ4ldPvdxq%2B%2FnbuEoZNtN4wh6momzG6zo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa54a3e3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 6 KB
6 KB 45ms
43ms Image
image/gif 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=teams%2fengland%2f2014%2f2015%2fcrystal_palace.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1e09c8e62a9c8b274dee0b1602dbe20757cf99d4c42df14dbd0a082e90b3d838

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3676018
x-powered-by: ASP.NET
content-disposition: filename="teams_england_2014_2015_crystal_palace.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5891
last-modified: Mon, 25 Oct 2021 07:07:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcC0x0UcMvSk7ZgAZqRiacSZV6ER%2BGJr2CCCRWiddRxkUudh4Q6P6EKRU9ChaAsJ%2BFNty8f3uyEbioTM7Af%2B5NunUVkUNG8uNeEGNgSNw4gB8ynugz98NzCAFxCMpAWy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa54a403ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 /
img.kooora.com/ 18 KB
19 KB 55ms
53ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=0kuwait0%2fnorwich+city.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

776dc73c5223da95fdf981ab82940dfe7cb149ddfcdd72eab39196c3f8679b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6921152
x-powered-by: ASP.NET
content-disposition: filename="0kuwait0_norwich city.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18571
last-modified: Sat, 09 Oct 2021 14:32:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7KiW7JZ%2BQSA8PMb5B%2BT69QMOluWuj5W4JnVt4NssymOVD83%2BckJY8H2bFppboEd04XmnmUlI%2BhRSJmk7iZ3e0ubG6ANPtpwbuGrDlUMxiegRSiNkW2cDPo2URKSHAJ9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa54a443ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 9 KB
9 KB 54ms
52ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=00%2f6%2f1073.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

554cd0ace81446ffaeccb713bb0fd386ddbbf2e771cd19d0ca8bf37b89f7d17f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 1100079
x-powered-by: ASP.NET
content-disposition: filename="00_6_1073.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8706
last-modified: Tue, 26 Oct 2021 07:40:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TubQnWY9zFjeWCa0Hus0Z72mISfVfFMf4q5%2BmclfEl2Mg6jNMSjBq2s70h5SEbHxcsmZqPXR9FMv1x4pfXAmxUTzH%2F%2FCsisbid%2FXd5tgT1%2BFZpmLG2xmoQXG%2FS%2FynNGj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa54a483ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 13 KB
13 KB 56ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=ashrafzamrani%2fwydad+athletic+cluba.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e146d74cca29eb7d946b69517830da1aec23d45ec04be50f3d60e72c18e16ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6922940
x-powered-by: ASP.NET
content-disposition: filename="ashrafzamrani_wydad athletic cluba.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12844
last-modified: Sat, 09 Oct 2021 14:03:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mfjk7%2B0sV76JvgVvNE%2BCTLF55QCv5P7CLKh0RQnp3%2FeJ0R2jsruZXYUjL30vaa11xL9NuCokfDj5OGV7AFH8NpGrV2mB%2FxuTeBadCyKqoeWzOuJispEmnAEfFSnujC2P"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa54a493ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 19 KB
20 KB 56ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=katkotati%2fequipe%2ftur%2fgalatasaray.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9975ecbdf815f9d1598c5ccf75725ad73404d9cde9770f2d2967d48d8da5cb1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3670452
x-powered-by: ASP.NET
content-disposition: filename="katkotati_equipe_tur_galatasaray.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19763
last-modified: Tue, 26 Oct 2021 08:22:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6WHGSwH7pepmBvQhRmB8F6WbMbeJ%2FigEk5H3ombotZuPcv6KufVLh0AuD4ZhxGipSy8LvnDsZ%2F8rt2l0pg2FbA7yDlWKZhKh%2BdTjbuG3M917zpq1v3EhEYpp4%2BGM1hJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa54a4b3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 27 KB
28 KB 54ms
52ms Image
image/gif 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=katkotati%2fequipe%2ftur%2fdenizlispor.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

df09cb457e5c84af604e6bf760e4095ad0ce704dcd8ddc8e9ff7b293ad32f820

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 1074209
x-powered-by: ASP.NET
content-disposition: filename="katkotati_equipe_tur_denizlispor.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27900
last-modified: Tue, 26 Oct 2021 08:53:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPdP5MGaFC2B2ffIIVmqd3r1CQ1PvrLPCkpe4oMO5WOa%2BxhkO70A8NlNsrkwhHyDz4h8UQJWFtNNpDsGPmIdCFQWzAvMek6AQY479cUmT48Yn5wCtxlR%2FNeXayCLabCh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa54a4c3ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 headbackground.jpg
o.kooora.com/i/ 8 KB
9 KB 41ms
41ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/i/headbackground.jpg

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/aw.css?rev=551&ch=5761

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7bc0e1c67d8e5d4b614f36c913a86b62081eca21e729eac97f59a02e86c528d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://o.kooora.com/aw.css?rev=551&ch=5761
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1055232
last-modified: Tue, 28 May 2019 21:11:41 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8128
cf-bgj: h2pri
server: cloudflare
etag: "c659fcf19915d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baEiCwCJUdcZ9jK1fqD6s8hFZZ0ClmfWlzlJFofEgXdDOrYWFgduxhZAMx5hO1CEkjFsTuqtSxTZKulUl%2BZ5YxvcK%2B0QRMHMXkFwjCSuW5DJLraA2dmfS2xhfRTGFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa509a13ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 flagz.png
o.kooora.com/n/ 38 KB
38 KB 43ms
43ms Image
image/png 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/n/flagz.png

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/aw.css?rev=551&ch=5761

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66ec46fbda79d7e546ab6cf666143c918cf0104c04f186940c5c43fc6107545f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://o.kooora.com/aw.css?rev=551&ch=5761
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1055231
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38614
last-modified: Sat, 11 Sep 2021 19:53:45 GMT
server: cloudflare
etag: "80ea8bba46a7d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjX%2FUUXySB1f2FeSTADxXjR9DBcWyzOpehzwDvN%2BXlFwb%2FUnc2aWSHH%2B2yl4k%2BW5EjB%2B6Ed0LGwmgMEKxsGUD3xv4HpKl8WRl0E%2Fmikbrm0Zk0XWjCXHfa9x6j5mSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa509a23ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 all.png
o.kooora.com/n/ 12 KB
13 KB 34ms
34ms Image
image/png 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/n/all.png?v=7

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/aw.css?rev=551&ch=5761

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9487510c4ac595f55eb9df4705241a1edaceb92201b421e15e6056105de1a918

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://o.kooora.com/aw.css?rev=551&ch=5761
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1006396
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12302
last-modified: Mon, 11 Oct 2021 08:29:20 GMT
server: cloudflare
etag: "0b04a167abed71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ebv32SXuQIgYHqnX8ADHoHmzi2REA9smZkO2SA2yPrharo%2FNk9fdt80%2BJLxDrX3WprpN6qfnwtESmzgjAL9Ielq3Tj%2FwYkyRWGXbMM0ks2pzluS4UMDD5vZh%2B%2BKmwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa509a33ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
DATA 200
OK truncated
/ 806 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de3b7e01aea0bd98d6d26ecf3123bf335692cb50664dd50031783d2adcc5841a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 57ms
56ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f169%2fkoo_169076.jpg&z=120|90&c=70|0|455|341&h=4097

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

640670515d2154a66b38854347a786def22fde9ca3cd19d5f2b63c60136a9310

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 15386
x-powered-by: ASP.NET
content-disposition: filename="corr_169_koo_169076.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3271
last-modified: Tue, 28 Dec 2021 12:46:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUBiOnuK1bSpTw%2FGSXege0DUEfwrAHSPkfUsFgbkRPapWfp6F1NmpuWbbMxlSE6yF2zwvK9NBU8q%2Fuv8gcMRAm5v%2FXU46b6BC3a11czc8WDcdjmEYsxuw8TAlElIZa8%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa55a653ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 52ms
50ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=amr_world_cup%2fno+comment+bonnuci+28-12-21_thumb.jpg&z=120|90&c=126|0|954|719&h=8367

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

121f6a619997348cf38385ee66ecbc7e95b004e1317f60545cc28717cf6668b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 7795
x-powered-by: ASP.NET
content-disposition: filename="amr_world_cup_no comment bonnuci 28-12-21_thumb.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2392
last-modified: Tue, 28 Dec 2021 14:55:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBFWyNGaXUubMkk8iObuwaMu2mOo%2BR431tD94rpfBI1yTT7FRf%2FYEailjwogxQDRx3Mr4FXkRPuUZEeVAZL1UVmdIT7rw82Vd4FEQ5ylyM2DSnxlNCSoadx9THinY9tw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa55a6c3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 58ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-10-02%2f2021-10-02t184420z_139528834_up1eha21g1tq0_rtrmadp_3_soccer-spain-atm-fcb-report_reuters.jpg&z=120|90&c=79|11|593|445&h=4644

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

834157927694e725a0deb11902d889ca9dd3bbd027afe45f4c0eaaef69f3ce37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 2839
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-10-02_2021-10-02t184420z_139528834_up1eha21g1tq0_rtrmadp_3_soccer-spain-atm-fcb-report_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2768
last-modified: Tue, 28 Dec 2021 16:18:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEEV1ghBLypQ0KLIGCdOdGwmz0%2FsaSVL3dZH%2FdPDG3YMHDKCUz2ItmLe69E2LKbcRR6U8puT%2B4yYczjJrWnTPpDLkB%2FjoghJvxlSqopVolUeLXSuIPulv3woofjUAY4u"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa55a703ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 58ms
53ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=parisstars%2f9.jpg&z=120|90&c=76|0|522|392&h=6891

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

aa8d9d570988b8e2873c33d605d8b2127fa79dd8e4a5b99a780478e9ef7febdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 323
x-powered-by: ASP.NET
content-disposition: filename="parisstars_9.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3259
last-modified: Tue, 28 Dec 2021 17:00:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upSmz47W%2FUHp%2BB5ldZbPYEJQW4Ds%2FAYTpx8VZNj9RiNHOZ5ulrrpixR1wYZiCRjNezUUJYNGrjlXzrbJJ03AQEVd7zwy1%2FIkwvMcgFJiNq4SUS00OTiDzKent9I5h6K9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa55a743ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 58ms
53ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-11%2f2021-11-27%2f2021-11-27-09607787_epa.jpg&z=120|90&c=132|37|627|471&h=6750

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9383f2dca2d894cc4acbfa0d376f77a17bf801b786ae1c0b823f2c11cee092a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5740
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-11_2021-11-27_2021-11-27-09607787_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3566
last-modified: Tue, 28 Dec 2021 15:29:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPLUVNE%2BEF%2FkgDIFq2JlDOOj0pdrHaKVjWOppqhD3b2x%2Bkq8EHK%2FvKLS2KQcR%2FPLxFi5PpVbzigBFQ2kaHE%2FXl1UbExCeTQv7fSuTQxADC%2FO0Ys20bSBCUlt9gPiu2W7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa55a793ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 61ms
56ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=amr_world_cup%2fspecial+top+7+27-12-21_thumb.jpg&z=120|90&h=6959

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

47cefd40c1fd376d5e02f5492e18063e1917e1f27c364269944e8c4a7443b4c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 84877
x-powered-by: ASP.NET
content-disposition: filename="amr_world_cup_special top 7 27-12-21_thumb.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2337
last-modified: Mon, 27 Dec 2021 17:30:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8p2pZ6Vqj3BHhqGe6bj71uHhspn5bPMSrwoKgTFwx2QQii3RR6SKGQ4vBpAV0RgCqCi3ZObGX8ZAbL3c7b03lY5Pw6QIkwE3h3AELupbtyRbPA%2FBKm0%2FeMCBeCdVxRbR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa55a7d3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
4 KB 61ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-21%2f2021-12-21-09653158_epa.jpg&z=120|90&c=49|0|709|531&h=8166

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

300ec3f6e3efa4f864864ba6553f6ae8cb592d1cfaeb1b7e8b3ecca2834c0c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 1104
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-21_2021-12-21-09653158_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3689
last-modified: Tue, 28 Dec 2021 16:47:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nF8E9%2F3Kbt6QAmGMOJB9wKlimxEG9Rc9%2B3EZzbLecg7iOELjF9ZVYj28cy6kgzN75UN68OuY3CVRcjpl43QsdTeOf2fKI2JWrRLI7F86nY4dp0qIiw4h8B2eaA5xXFJt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a883ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 61ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=amr_world_cup%2fep2+tarik+monidla.jpg&z=120|90&c=92|0|733|550&h=9437

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8df0e37ce054e311c2ed2b6027a329c2d83f2fca780b79e904b57d03a7d1d70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 176044
x-powered-by: ASP.NET
content-disposition: filename="amr_world_cup_ep2 tarik monidla.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3397
last-modified: Sun, 26 Dec 2021 16:11:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iiEV3p10NxdvjIhiNlFm3RPAPop3YAQVMt4fGrc9FQe%2Bhodejm306U5v0ntYqOUynSIip29KLgfiAGv6QLQSOOOunxx7W1hKi6bKYgtZF6qEjfoF9EKjzVClQYpjUO%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a893ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 61ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2019-03-20%2f2019-03-20t163441z_1790268133_rc192cabba10_rtrmadp_3_soccer-cafchampions-draw_reuters.jpg&z=120|90&c=49|1|535|401&h=8477

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

08a7f187e56bcc7f427e901e9ef407191f21b145441340b6aa1e49e32d0a7221

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 20249
x-powered-by: ASP.NET
content-disposition: filename="reuters_2019-03-20_2019-03-20t163441z_1790268133_rc192cabba10_rtrmadp_3_soccer-cafchampions-draw_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2751
last-modified: Tue, 28 Dec 2021 11:27:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFLViFXVCdgNGRaNA%2BSZXVrApA%2BvO9oXiwcJcCpRvGHaPWzfI2q1GEQXhDSBwnoji3OxVD6qZlKotaLwrFcSgMRqPcQPDQGNktLfyjDh4c9sS2jfnZtg9%2F2IYFdQO77%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a8c3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 62ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=4567890-%2f269773066_595036941794204_4680939138607282913_n.jpg&z=120|90&c=103|0|678|507&h=5266

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2b3b3ead300bea81045b38aa1bc0a6ce392a6c966b90c3a5b3f5af4b3117058e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 107742
x-powered-by: ASP.NET
content-disposition: filename="4567890-_269773066_595036941794204_4680939138607282913_n.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2900
last-modified: Mon, 27 Dec 2021 11:09:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NB6mOrmIfhKZT%2Bz408qFvPeM9UojRskM8%2FMsQ%2B8%2BxrtylO8z0QpMAvzzgAueQH%2Bsxv%2FuN78ZqBS9wlg7M1rQkeaKgDDXLu20U%2BYV%2B5EdXsorDkshmkWS8Mx8g8ADFPhC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a8d3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 62ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=april%2fjune2021%2fthumb+top+10.jpg&z=120|90&c=211|0|1437|1078&h=7402

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e59fd2040fccd050013d3be85387a28ef913c225442a5b6cc4c418f95f9e4582

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 208933
x-powered-by: ASP.NET
content-disposition: filename="april_june2021_thumb top 10.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3163
last-modified: Sun, 26 Dec 2021 07:03:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQXjAjaYagWPeENFn7J0fvJWkGovhFsvyQ%2F5ex0dIC9fjmLlUoqxjVvsTIyxWbg26cZovaa9eNrdwrag1AB4t8MyTF2R57d7pjN4HR57ENFjGg3hIcLqHz7KXU1a49Sa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a8e3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 74ms
65ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-15%2f2021-12-15-09644124_epa.jpg&z=120|90&c=141|19|560|420&h=8232

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b34518a26dfee5479b82a32f6ddb2e36d0183ac5f29caed86a730ddcc8888715

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 24179
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-15_2021-12-15-09644124_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3057
last-modified: Tue, 28 Dec 2021 10:22:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54LX3HczdVB2PGBS9rD3qQVDUcdD4UuWlAdeb835fDDjSh%2B4HR%2BALl860qYpwiuVtXx%2FS%2FuGjwbFUsDlogBGeRmwiD7HHUqqRdQgZyBY69KaKxwQSlw%2Bvlf5pij%2FVg1S"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a923ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
4 KB 62ms
53ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-28%2f2021-12-28-09658958_epa.jpg&z=120|90&c=25|56|743|557&h=4167

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

defb600aebd5ed5c6ef0f8df6c5d64070cdb29cf762252e513c26366be6f5d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 559
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-28_2021-12-28-09658958_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3790
last-modified: Tue, 28 Dec 2021 16:56:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3XRQ0A0A0BA6BzQGXg8SCjbQRsgpGZX3jbpWM9SsLzV1yLkFUYZiHT1FkU2Pv08hUGVz%2FaWHeU5b6QduWkJ%2FjgmBJbRxdea0A80U9chRdwZsmQHtM%2FomxcdYiFhKPnv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a973ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 62ms
53ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=00010012%2fjeddah_eagles.jpg&z=120|90&c=70|44|468|351&h=3081

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

195887f2db986092ce1774630838ca3f83e0d2aef3eb07841937e9202c52e233

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 802
x-powered-by: ASP.NET
content-disposition: filename="00010012_jeddah_eagles.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3341
last-modified: Tue, 28 Dec 2021 16:52:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Qro%2F1HqvQKMkOmvdeYs5ETtx2H2lVifXQN%2FI0xrw02y%2BdbdIOznlw0MupKtzNXwbB0EALre%2FkcRrMoVi3pxoyQeZHm2ithOQbzyx3CN%2FCLyJfTJoPkIWdgeDrZauVej"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a9a3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 5 KB
5 KB 62ms
52ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=albums%2fmatches%2f2243577%2f2021-12-18-09648302_epa.jpg&z=120|90&c=99|41|607|456&h=7513

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ec1e825d434e65529ece2a60350bfea14a1098a708b959b5df8ce24eaf0ca65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 345
x-powered-by: ASP.NET
content-disposition: filename="albums_matches_2243577_2021-12-18-09648302_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4737
last-modified: Tue, 28 Dec 2021 16:59:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7X%2BsFGXm6gdDonXRnYDqKDAh4XVInfwiCjQrOPFK0eaVaD%2BrijgdiQC1jIQY8FPfdNJLyP%2FKyuo3UBPRSmUrYHnAF47pdcS9KSH9sF%2F4ClWS3MdTIOFiRPRmeSP9x8J"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a9b3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 63ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f321%2fkoo_321995.jpg&z=120|90&c=22|25|576|432&h=2692

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ea3d68df250100644cf65e729dfb67ad9c7b593ddb6b326b72a460c4334b7b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 2184
x-powered-by: ASP.NET
content-disposition: filename="corr_321_koo_321995.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2858
last-modified: Tue, 28 Dec 2021 16:29:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czJTgXoPioT0i8puw4%2FAx%2BmZQbLj8yHA0VAcJCShVnzHkWyzIJHedx%2F9wS%2FE4YQSZWWRY%2BrzmuFlHd1aSIoh1KSoxB5vNRdvF6t351qs3vMRx%2B9G2sIFOkWJGbMgq%2FaW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a9c3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 5 KB
5 KB 73ms
63ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-18%2f2021-12-18-09648302_epa.jpg&z=120|90&c=101|27|616|461&h=1918

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

32097afd5ca3cb75198bd617e1e8e7f4207871bcca7e779ba93d134ee9754825

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 4979
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-18_2021-12-18-09648302_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4669
last-modified: Tue, 28 Dec 2021 15:42:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcMMvJi6y0pPaQHtkeaT6YM0rfqpcwbd7VuWs1kQK0yVrgVCor2dDi1uwVlM4IUUXhLwK%2BuPbtJ0KrL9sebH6cbR9aRXVrfOvy31rohjExl5s%2FRboVEMf2QZ4r6qPQS0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a9e3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
4 KB 63ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2019-06-25%2f2019-06-25t183444z_290774452_rc15b9400ea0_rtrmadp_3_soccer-nations-cmr-gnb_reuters.jpg&z=120|90&c=51|20|509|382&h=7764

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9ff5459842ef86371c73502d107924ff59177a2c176a8ffbb2913d416ac35850

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5976
x-powered-by: ASP.NET
content-disposition: filename="reuters_2019-06-25_2019-06-25t183444z_290774452_rc15b9400ea0_rtrmadp_3_soccer-nations-cmr-gnb_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3593
last-modified: Tue, 28 Dec 2021 15:25:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goqlqvgimyV2mzTvvUrUZZ%2Fx7yoc0EY4v0mbzaKB8jPQe9kaowIbjWmYs%2BZIulmBt9vKXTGBXjZWGjTsSKavWFdDXqyzUe0fB95W7oLVEIM2%2Fgr3%2BsdRQZfXyBgWMemp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56a9f3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 63ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-09-15%2f2021-09-15t203407z_1421551454_up1eh9f1l4td5_rtrmadp_3_soccer-champions-mci-rbl-report_reuters.jpg&z=120|90&c=105|39|621|467&h=745

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ef35023a4892da52cf471f6d1e9b25a2c91eaed6755c401a15354d64ebf307e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 2460
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-09-15_2021-09-15t203407z_1421551454_up1eh9f1l4td5_rtrmadp_3_soccer-champions-mci-rbl-report_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3136
last-modified: Tue, 28 Dec 2021 16:24:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFAPiOdJcLhHJ8G3MtEFUT7KshTQmWmNcBS%2BL76Wq1%2B0fsH0iJSJ7Jln8yWIiht7jg5rxk99C9FvIynsm2htsFOuAai283BlLXjaHkcjF9tX5WraW7m%2FKusErspM0Xhe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56aa03ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 63ms
54ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2017-01%2f2017-01-18%2f2017-01-18-05728868_epa.jpg&z=120|90&c=7|33|447|336&h=642

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

38cd4d89d0ec34e47f784293cd9f8f88f58eebef47cf1340b30adf3ac1511671

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3974
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2017-01_2017-01-18_2017-01-18-05728868_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3111
last-modified: Tue, 28 Dec 2021 15:59:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgwSaUhqYMFMoY1ajSXODGhXcVbfpEB38fxlfMZPpERaJndC5AJ8TZ%2BJoSv%2Bd2Hx0qxhvA9zGgy%2BQXjs5Mw6BR9gIlcgAysX5QgPLLue6vYUa9caCO9yr0Lgtvw5qxrx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56aa23ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
4 KB 63ms
55ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2017-09-23%2f2017-09-23t150538z_71430181_rc15435205c0_rtrmadp_3_soccer-spain-alv-mad_reuters.jpg&z=120|90&c=0|0|512|384&h=6018

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a1824a175d4d964898b5f9b4dc5938e9961ab2db6631547280e453486cb4ce24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 4531
x-powered-by: ASP.NET
content-disposition: filename="reuters_2017-09-23_2017-09-23t150538z_71430181_rc15435205c0_rtrmadp_3_soccer-spain-alv-mad_reuters.jpg-c0-0-512-384-s120-90"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3665
last-modified: Tue, 28 Dec 2021 15:49:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwpeCr5x%2FLLlRK8DA2GOwALqGE4DaATVMCmKqAz7WIGK3GLuLN5aAPoB5ilRfwA1Nj3rYXGJ37TA6Ek%2Bu8NO3Irx0l3a76ort%2Bd4M3XeaiXmWaWJpTo26kTv1OkYnj5q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56aa43ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 63ms
55ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=67676%2fimages+(10)kc.jpg&z=120|90&c=44|100|503|378&h=5552

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9b0c40f2e4435b0985e86881d40f6066188132551a38eec5091abeca6ec58445

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 1826
x-powered-by: ASP.NET
content-disposition: filename="67676_images (10)kc.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3285
last-modified: Tue, 28 Dec 2021 16:34:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ST%2BJ6PnpNGpG%2BhGDLExxps6Aj0RMD8gEl4uDTJyt6rgh0OdDRd%2Bahpkav9DTWnb%2FwGUCFbfdR8IKz5DGFsToNUv%2FBKWRC4y6SoOoboUzoQyMZtJBdabc3gkMrSQ%2F7slu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56aa53ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 63ms
55ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=m..m%2fnaggaz1.jpg&z=120|90&c=97|21|809|606&h=8153

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

83da1c89748772f5de9ff0f361ddaf6aa0dc48e523b418191f0cdd9f2c2ab97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5157
x-powered-by: ASP.NET
content-disposition: filename="m..m_naggaz1.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2738
last-modified: Tue, 28 Dec 2021 15:39:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwcnG%2FjE411Vtu3LAPXSzTIRSqxe%2FczzFa6wlfhqMia3HXDOz20K3y2auVr81Qr0la2mdJx5mj6iw7tzYxLlB8dAqly2FZMRaKyKHf%2B29knsUU2GXXf943uMEBR4LzA5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56aa63ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 67ms
59ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=albums%2fmatches%2f2782869%2fkoo_yosr2059.jpg&z=120|90&c=29|12|688|516&h=6528

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5402ae5d431f35542a73067d88fff82e529428a9b53508cfb3d666b4f288c38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 12463
x-powered-by: ASP.NET
content-disposition: filename="albums_matches_2782869_koo_yosr2059.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4345
last-modified: Tue, 28 Dec 2021 13:37:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0aBVGq8ZGwPLpl%2FNA6YxsnJvLBaj5r1609IidD5LppJilm2fFpmL78Rp%2B5EGoIOThcw4NmKAdIFKi%2FQXTDanuXtcyrRrkNDgaH9TKpAfx4VU8nAX0NPaZ3L27wGLMny"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56aa93ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 68ms
60ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=albums%2fmatches%2f2782866%2fkoo_9.jpg&z=120|90&c=71|6|1018|762&h=214

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

77bbc484d1c5a6676190cefd389e45675923f05431263a062f1c7731ae2fac1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 33140
x-powered-by: ASP.NET
content-disposition: filename="albums_matches_2782866_koo_9.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4050
last-modified: Tue, 28 Dec 2021 07:53:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qYtemWeFDzO5RwnIcJvzguFiMy2Gv5a1Ni2jVde9jahkaxkB0u%2FDSWkH3GBEnAWeZyv7dk5r90nk29VsP9hwuxaHGpcqOcG%2BJRK62FM%2FPOnmWhynOmSkcDA0x7DDcvN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ab33ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 71ms
63ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=nasrtransfer%2fspecial+al+nasr+23-12-21_thumb.jpg&z=120|90&c=135|0|599|449&h=115

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5b915b6158c698df9bd7fd44a182278668510a7cb8a2e73781f340bf0a2ee9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 294872
x-powered-by: ASP.NET
content-disposition: filename="nasrtransfer_special al nasr 23-12-21_thumb.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3582
last-modified: Sat, 25 Dec 2021 07:10:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFCC8jDnMyEpObFr8E04r2jd4Amfvm9y6dK777Xk6OpSDwLlaVxuf5XqFnMJ5TUyp3IFnhzbvBMV9nvhNKhjsmV3khz2t%2BCASL0TAMcnlBJ%2BzcyHuFuWP%2FmvhK9JYz%2F2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ab63ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 63ms
55ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=uhgff%2fdeety.jpg&z=120|90&c=123|2|790|593&h=3335

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1dea27458e2ea6b48237290353dc1d9fa8fb8a2e0e22863644bd18035c842d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 380804
x-powered-by: ASP.NET
content-disposition: filename="uhgff_deety.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3436
last-modified: Fri, 24 Dec 2021 07:18:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muzoFMiQS5%2BhixmOObNc%2F8q4mKkIo82GoL27%2BLVU8Pwd6Y9sqNXA31qB9ltn98UkwGriOW%2BhBmQ2%2FzGJRbX%2Bh8rXUXc7tdNEKtV3XCQePawtu6Ka9g%2BDvkN031YBODt4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ab73ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 67ms
58ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=m..m%2fdempely2.jpg&z=120|90&c=132|0|949|713&h=3663

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7632cb884650b06835aab385fa262a92a7a6dadcd5deea8d5cefe345c430feac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 362204
x-powered-by: ASP.NET
content-disposition: filename="m..m_dempely2.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2000
last-modified: Fri, 24 Dec 2021 12:28:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEb%2BLlO%2B%2Bfq4%2FQd4LFYuBM6o6ScjWpeEKyuyn%2BdzqfXqvPLzEeKmSjjUdxAIcEcWMoJLlCZHVn%2Fb%2FqoUenUNng%2FP7x3HNNQygIWKZpcx9rHTvuVP2ivKOpH861Nm%2BMJw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56aba3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 70ms
62ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=m..m%2fericson.jpg&z=120|90&c=137|11|930|702&h=9186

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2096286949591fe9b7d86203472c94e463c85b62f5946a1c84060fbb708d9c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 294738
x-powered-by: ASP.NET
content-disposition: filename="m..m_ericson.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2520
last-modified: Sat, 25 Dec 2021 07:13:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEJPmTMaGvqplYVtVdgov%2FaqDAGhp9Ozd42nsxQ8ksoh8sZTS6q1Fi6sdnAkUxX2SJps4rnCpuce90h%2FBmAFFPEFfbyLzCGhzesVr6W5pgY11HQQ%2F6yJLQ11id87ZY8s"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56abd3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 40 KB
40 KB 67ms
59ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=0safi%2f2016%2fsaudisuper2016.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6d6f42c3bc5627ba3dad6fbcb1fd5ae82978175883938cbe583a893dc8c1bac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6920819
x-powered-by: ASP.NET
content-disposition: filename="0safi_2016_saudisuper2016.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40645
last-modified: Sat, 09 Oct 2021 14:38:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6b0dMTduqyhxxGr1V6ic3XllIH8%2F1hXVbdKMH0L8dj2HQzoqg8reZHncOSbtqnoikUuK%2BMZryprk8G7QDKTXyal%2FfR%2B2pvoLXcUiNYvgJ%2B73UQqp%2BJtz5b9fvTZn%2B8s"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56abf3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 7 KB
7 KB 72ms
63ms Image
image/png 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f21%2f399%2fsupercoppa-italiana-1.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

25fb36180c4dcdfea3e17d4d3ee40de5d024c592e40ee5bdcbe1617de498ad2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3452871
x-powered-by: ASP.NET
content-disposition: filename="o_l_21_399_supercoppa-italiana-1.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6737
last-modified: Thu, 18 Nov 2021 17:57:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLuaylx7vwDV6sbEyZccNS%2F3LGqn3I8CE2By5R43LYi2F%2FEoa7qXVgYJPiCtA4uwlpOxVdp%2BptJA5eRkYtLVuAbsRc5nldr%2BSX8z8sqR9cUHAoOopG0yq25R%2Bxt6RoBu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ac23ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 /
img.kooora.com/ 20 KB
21 KB 72ms
63ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=omar_a%2fafrique%2f2020-07-16_133023.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

28cd77f1998ccbb4b9803529b9d9c82bdcb0b5955958af87e3231ec3640a1e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 4022532
x-powered-by: ASP.NET
content-disposition: filename="omar_a_afrique_2020-07-16_133023.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20434
last-modified: Tue, 26 Oct 2021 08:21:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgz6Q8Lm5pkFvrQKwxpyjLJO4OxgU13UZHe6%2B%2FQzmk6alGFbbP58%2BQviTcLUSJ2H6FKxtTCM1RLE1eqQ%2FRzEPTfpt5UTDthIUaAePckEciSmMdLD3POia%2BKxwdON94wf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ac53ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 20 KB
21 KB 72ms
63ms Image
image/gif 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=kooora_logo%2feurope%2fspain%2fspasupcopa.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b8b2dee5b1bc15ab229951b9fe6d23214c0cc6031e70c9a5e17abf9c9f7fb081

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3669148
x-powered-by: ASP.NET
content-disposition: filename="kooora_logo_europe_spain_spasupcopa.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20672
last-modified: Wed, 20 Oct 2021 23:21:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFaW0SAtUjzEJvBX0fTeZy5J1matrDdDha0Q0Z5BrypMWFzUu07YkQxUKtarjVP%2FXRLrC10bCq4WM2Mdk64Jl2REcUrJfT7ybS2oRXRxDKrnwqqJ3eUW5WVXs990617F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ac83ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 /
img.kooora.com/ 27 KB
28 KB 73ms
64ms Image
image/gif 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=ohatta%2fchampionships%2ffifa_world_cup_2022.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

48995f4d2076f91fbe22f2748c20d3101213adee5e0bc7345010a1b7ff55ed70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 4022534
x-powered-by: ASP.NET
content-disposition: filename="ohatta_championships_fifa_world_cup_2022.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28083
last-modified: Tue, 26 Oct 2021 08:21:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FntDV5HSiFmj8UeDhERqTQgFPDT8SJbBqbto7HmByPa3P3AmaBA83tLoFSZWLFc9Jx4qn8yNflGZRFvYt%2BrzxBYvd44gVURcSDnw9pzUm1oqEDUS2FeFkpnlNnfb9JT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ac93ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 /
img.kooora.com/ 30 KB
31 KB 74ms
65ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=0safi%2flogo%2ffifa_logo.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

dce539a0c31f48ae62714b74b82d08d27555ae0d5380147923b3cda74d50ece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6922670
x-powered-by: ASP.NET
content-disposition: filename="0safi_logo_fifa_logo.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30863
last-modified: Sat, 09 Oct 2021 14:07:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2Q5lJ8t7MS8QZYBZ4XophsIebLNhOzNJaH0Q7ggnvT%2F9hFJCMwmxvhMzdJcamFQwhit1KYiqWcX2oflZ9Nzg%2Bn0Z5Eb5rxeZvC6QS7suFb25YWD7wcpiPdvz8G81wVp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56acb3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 16 KB
17 KB 74ms
66ms Image
image/gif 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=kooora_logo%2fsouthamerica%2flib.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

218beee6ace97fe31856f3d4782c23b31880a8bb38b4e205bad87bb1c4a70860

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3496009
x-powered-by: ASP.NET
content-disposition: filename="kooora_logo_southamerica_lib.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16666
last-modified: Sat, 09 Oct 2021 14:04:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpPtt%2BCEix8zXuKFF6OVtZDzrsfzJajXafVMjp6sLbFGcpHa0W1VNJaBckSIGPk3XrZnAnR2ddKC1sP2%2BNXkj6ypffOCtvO28R2Iv0qNmqgMLzhGkgcAVSladABJSAx9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56acc3ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 /
img.kooora.com/ 7 KB
7 KB 74ms
66ms Image
image/png 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f23%2f275%2fcopa-euroamericana-f-1.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

982091610cb59c4aa85ef01567b6b0e6e70cdabb4db3fa7c23710c02f47a4849

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 352224
x-powered-by: ASP.NET
content-disposition: filename="o_l_23_275_copa-euroamericana-f-1.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6664
last-modified: Fri, 24 Dec 2021 15:11:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvgMJV9dEpPnOCRKfE3iGni%2BH6GZcHmVrOPVTuWAnH0EzXtaOF2T1NrWyR4sWxcQteKb8fEP1GRQgzh8Gb0Mme6E%2BrbKXLbHcVWXZ1at8XuY08DLPsO83IGJARLzb5B6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56acd3ba3-CDG
expires: Wed, 28 Dec 2022 17:05:27 GMT

GET
H3 200 /
img.kooora.com/ 29 KB
29 KB 90ms
82ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=ohatta%2fchampionships%2fuefa_nations_league_150.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ec1aa8fcf3140cdbe0e5733cd26a02d6e374bb578bbf1c1d0e230d2290adc301

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3669066
x-powered-by: ASP.NET
content-disposition: filename="ohatta_championships_uefa_nations_league_150.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29427
last-modified: Fri, 05 Nov 2021 18:45:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cF7GNIHqgco9huKRNmo3lcTJEYop8ZadCKkbSAixG0VHyrKEdLtywTFqPnxmFOM93WJ2oyJu2izWswCLZVfsCqc1%2FudFxDnAUFwwDCBfxk147CxRgtbHGsZHkMArq6PZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ace3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 76ms
68ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f241%2fkoo_241707.jpg&z=7&c=70|12|493|370&h=6567

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ce7dabde417033cebe3370800f1c388691daf332f991ce7aea9c296970b15d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 80789
x-powered-by: ASP.NET
content-disposition: filename="corr_241_koo_241707.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1995
last-modified: Mon, 27 Dec 2021 18:38:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IllKX%2Btv8PG7ruYP0q9tV2LTijPJxKFrIysdxJEuPKZviwOw9dMIV8U5fym7%2BDqd5YxfHLZ3I1TGNVsHASmvPTdjKL8jfdhkv79nnK9iEq2gL09F3U%2BFXGSyGvheV5Dh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ad13ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
2 KB 76ms
69ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f318%2fkoo_318709.jpg&z=7&c=24|8|494|371&h=8267

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4576e83a1cf961908418a04f11c64b8a958f5c772aff903584c1c9aa5369916d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 45960
x-powered-by: ASP.NET
content-disposition: filename="corr_318_koo_318709.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1767
last-modified: Tue, 28 Dec 2021 04:19:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgypxchnmXTxhNq4qkQQilh%2BkEJjztqXjxuc2vz0v0jozLxfETiqoLSssfSJXuO3%2Ft9p2tIWIBXm89nw8VhYShlwQgRDxI1Q8suGBAIjDV0X8SlfL3B1ilCYRgiGChBF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ad33ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 77ms
69ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-10%2f2021-10-20%2f2021-10-20-09534884_epa.jpg&z=7&c=57|0|736|552&h=4161

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

96fe865e262a36468725745535693ccce0d5fc16195550e50c3d8dcddd22a13a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 45960
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-10_2021-10-20_2021-10-20-09534884_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2058
last-modified: Tue, 28 Dec 2021 04:19:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGWp6CMrw0AsPEmcRYl4hpu%2FTgPHQEbx7q5BqSOh8%2FsVp2uaCFj7czCsnET8nlM4PzwG%2FPKPEEyHqFvZlRUwtUbcb%2FF4lM5wqqklcQEiVynaSrLd1WhyMfN0aZnbg%2BeK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ad43ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 77ms
69ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f169%2fkoo_169076.jpg&z=7&c=70|0|455|341&h=8319

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b917b40a911051535f0b0b9f4df849f06d0de1df6e25351d1690575b0ea1c767

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3569
x-powered-by: ASP.NET
content-disposition: filename="corr_169_koo_169076.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1869
last-modified: Tue, 28 Dec 2021 16:05:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YF86zoXUr9J91ZQdUIIwRDtDMQI5AOY34PQ1XvNcPUcHZHYva2EZ6klH5v4Q3%2BKkjdRk%2Bt4iZ5t8ZfIWAg8fxQq3w%2FBd70%2B%2FaFl8AepK8UpJw1c%2BnCjSMQ%2BFnvYDSRWc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ad73ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
2 KB 76ms
69ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-09-19%2f2021-09-19t191223z_511246989_up1eh9j1hclsk_rtrmadp_3_soccer-france-psg-lyo-report_reuters.jpg&z=7&c=79|0|721|541&h=2711

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

43f16956e4c74c43affc9f7264bb7fd212f09d0e8e237713f1a37e231bc1ff9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 25926
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-09-19_2021-09-19t191223z_511246989_up1eh9j1hclsk_rtrmadp_3_soccer-france-psg-lyo-report_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1689
last-modified: Tue, 28 Dec 2021 09:53:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5zYh4ZUJpbneO8c2xDzEgyeP%2FgPU7h%2BKvWfoyqKFBnB3kx0olUlR57VnlgjhDu6iwmVvj0i9an9%2FnGKYRdiLk7G5SnLW%2FD3vuRjAa9ZccpkPsb06c8R5HBuPqLDtn1D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ada3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 76ms
70ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-08-06%2f2021-08-06t094156z_1118163813_rc2lzo9uz2hc_rtrmadp_3_soccer-france-tro-psg-preview_reuters.jpg&z=7&c=153|0|597|448&h=8312

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2e906fd6ec858abf96aa2dab0370839910a9c9cf10cab06ea876bd33413225b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6791
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-08-06_2021-08-06t094156z_1118163813_rc2lzo9uz2hc_rtrmadp_3_soccer-france-tro-psg-preview_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1823
last-modified: Tue, 28 Dec 2021 15:12:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLeilfBFtk46S4M%2B0BSq7CSOnSGIv%2Bn1zVjmsURQ9tfDslM5tntm2fTBiA%2BaZBA7tvVwiQYdKpkEhPRaSScI1h%2FzwlYgFlaQYOR55P467q8HOtLBQX7A87GWgb3kzo0W"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56adc3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 76ms
70ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=zaki%2f2017-01%2f09%2f83.jpg&z=120|90&h=3693

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c8118f8e9c1e8dc1f2e464c8d61198840e48588b71608eab2c3a07cf84292255

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 718566
x-powered-by: ASP.NET
content-disposition: filename="zaki_2017-01_09_83.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2243
last-modified: Mon, 20 Dec 2021 09:29:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdulusKqa9Nqtjyv9cl%2BjhOUHzDiJWODXese0H5YFaR7zEd4%2Ba5eR%2BkOdfIyVMNa6iOCQqdFBM%2B%2BH6xM3Q1zW1JUBDd2av5wl80ZKrkv7WB9un%2BIfINbMEWNCDVEC%2BUe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56add3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 76ms
70ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=aaeldeeb%2f19_2021-637527119083378191-337.jpg&z=120|90&h=4579

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

846266bb822b2d835114fa948f205aa81af13c3b42737befe906aa003527841e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6922631
x-powered-by: ASP.NET
content-disposition: filename="aaeldeeb_19_2021-637527119083378191-337.jpg-s120-90"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2912
last-modified: Sat, 09 Oct 2021 14:08:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cc03lIqqf%2FFNLhjy7h4nIFBMpf%2B7elI85EbF%2BMHvgTIDsL14EKdy%2B59AYICk6popDs7UbN1a9Ws%2B3DEEZ%2Bcjl1JhpMDhMj%2BK6x8gdcMZATJ%2BUzA90D1nwmW%2FIj0F%2BAz1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56adf3ba3-CDG
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 77ms
70ms Image
image/jpeg 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=aeldeeb%2f250_af3366930e.jpg&z=120|90&h=5163

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9370fb9fdc616ec218f0294a7aa9b7bc3c08f4ac64a770995482fb7d9504a2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6921431
x-powered-by: ASP.NET
content-disposition: filename="aeldeeb_250_af3366930e.jpg-s120-90"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2113
last-modified: Sat, 09 Oct 2021 14:28:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9h8BqJZpTzYekTccoGWqgsLn02R7jXUVnoxeV4rtcOo3KVj1TozioeCmC4VU%2Fi2eXidk0ZHe6vrSHrrTedXap8kR11Z%2FruoX0aon73nyLeobraUCw2m0S9eSaUVk3SI6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Dec 2022 17:05:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa56ae23ba3-CDG
cf-bgj: h2pri

GET
H3 200 / Show response
www.kooora.com/ 467 B
920 B 53ms
52ms XHR
text/html 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/?jsoninfo=compstatus

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

30012abcce23237b098194a133ca4c4fc5ac39887d6a0923874b28710b22651c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	Deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 10
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 28 Dec 2021 17:05:13 GMT
server: cloudflare
x-frame-options: Deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nS1a0vnwe%2BJDx%2B5uKllWTbRPq1wM7GXJmtwsxQfoiFFOMTyHhWgO7T7VBx74HUU%2FU8Oyiy4DjIfKDcdsSlUFi17jY344DUWcjAuaTzchlhZhnC2IPvVfh92CDdT1R4I"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=windows-1256
cache-control: private
cf-ray: 6c4c5fa58b273ba3-CDG
expires: Mon, 28 Dec 2020 17:05:13 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 196ms
43ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 17:05:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 50
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 29126
x-tw-cdn: VZ
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (mil/6CE7)
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 dlive.json Show response
ktv.kooora.ws/ 2 B
379 B 98ms
46ms XHR
application/json 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ktv.kooora.ws/dlive.json
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 May 2021 20:50:12 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
age: 83
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6c4c5fa61e6b59ad-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 xgemius.js Show response
gaae.hit.gemius.pl/ 40 KB
11 KB 139ms
42ms Script
application/x-javascript 188.68.250.246
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/xgemius.js
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.246 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h246.sprintdatacenter.net
Software: GHC /
Resource Hash: b097f8e4d32d148b9b3e42e3ac568b4edde95cb3de99f44346f51469d618979a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 11:54:27 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10838
expires: Wed, 29 Dec 2021 05:05:28 GMT

GET
H3 200 / Show response
www.kooora.com/ 956 B
1 KB 90ms
87ms XHR
text/html 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/?lnews=de

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

11bbd6ec6ca771a0d959e80d46c0c4eb8469676a347fa3f1bb07d34ac4f61fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	Deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 28 Dec 2021 17:05:16 GMT
server: cloudflare
x-frame-options: Deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzd5T3vOCXe8EDE%2FFoW%2BjzkNm7WKTt9tCJX7MdHhFlsBkumNHTe7K5PYFLOlbooKvbB6iiC2tHSCDh%2FX%2BBEjz6r%2FfXL1Ckryudlw7LOWJ6exOSkteVIDZ50U5zrKIEIl"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=windows-1256
cache-control: private
cf-ray: 6c4c5fa5dbd93ba3-CDG
expires: Mon, 28 Dec 2020 17:05:28 GMT

GET
H2 200 getrssarticlesAPI Show response
striveme.com/api/ 13 KB
3 KB 90ms
55ms XHR
application/json 2606:4700:20::681a:11b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://striveme.com/api/getrssarticlesAPI
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.30
Resource Hash: 13ec6d023f16e4befce657c96c7df66763a7a65dfb470c4ac61ceb46d2848c0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.30
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods
content-type: application/json;charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HexyrXektsZlzOUK309xNXZgm1LNUT0OTho90VfAhFElz0EBg%2FwApp%2FIAaREupBrt8M9bECUfYEitb1m3NeWRh7bLbOAKP%2BcYv%2F9ErWpqxApdXjKGBl2DUiYhQmHTMZPGT9UNzXnaDVP3g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
cf-ray: 6c4c5fa639d33128-FRA
access-control-allow-headers: ,

GET
H3 200 Ad_24_9_20_300x60.gif
o.kooora.com/banners/ 10 KB
11 KB 32ms
32ms Image
image/gif 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/banners/Ad_24_9_20_300x60.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9da17583dc0a6bec30ff7f29d8ee2d5626294e2de46e989a471984dfe4edac9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1055218
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10173
last-modified: Sun, 12 Sep 2021 07:25:27 GMT
server: cloudflare
etag: "808daa5ba7a7d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hSk8BDLO6vBoQn%2FC%2FjE2sq%2F6qDZ6MxMeaK7quUfTg%2B8%2FVSkV%2FWJMLLAzDiYLnI%2B%2FCptqDvv14Xac5ErpMp85MxqX9VIEAUH4EtMb%2F%2BYg4rTjY6MPHG%2FAxYW%2FTiEYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa60c5b3ba3-CDG
expires: Wed, 28 Dec 2022 17:05:28 GMT

GET
H2 200 lwt.json Show response
ktv.kooora.ws/ 24 KB
3 KB 91ms
75ms XHR
application/json 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ktv.kooora.ws/lwt.json
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85758b3855f28e4e7100f6a869e237df0fd0c1c211fbf7acad3a7f4d360008ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Dec 2021 16:58:04 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
age: 157
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=293
cf-ray: 6c4c5fa61e6f59ad-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 sdk.js Show response
connect.facebook.net/ar_AR/ 285 KB
80 KB 21ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js?hash=6366f98570fe5e585554c97a848a1830

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa436849f13bf212f40002cc9d2b13fe30616e9064f3bd84bf3ad498cab60c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kooora.com/
Origin: https://www.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GLScr2CykNa0UFHodoYWog==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 28 Dec 2022 16:49:36 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82097
x-fb-rlafr: 0
x-fb-debug: LM3Xy/fOxon0WYPaWlVuVikCGa41GiLLUlmhCSSqPQgdOF27Q9cBeGVVLGeWUICEz2nuZR6gPlODJAjc7J6dIQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a758983b98e3ca5118f6a41dfda2c53f
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 17:05:28 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2c4103c5b34800603dbdf8c34ed6374a"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 kooora_com.js Show response
static.cognativex.com/config/ 209 B
731 B 52ms
33ms Script
text/javascript 2606:4700:20::ac43:4487
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognativex.com/config/kooora_com.js?v=2021-12-28
Requested by: Host: kooora.cognativex.com
URL: https://kooora.cognativex.com/cognativex/cn.js?v=2021-12-28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4487 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 015f2154b4f8add8ddf1909d69d1ef40b5dcd400f6a84311f561fdfa7ef63c84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=+YOpGA==, md5=mjwGHzw2a1A6ZKyWFqTX6g==
date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64089
cf-polished: origSize=213
x-guploader-uploadid: ADPycds5lw3TipmCRRJAlrqK8OoIeMvC_uBS4NEhdacqEUy2_MMzlEfTiQMYFjSIAmMe1Y-_9zkjDQfFTfGH2Gsck7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Thu, 09 Dec 2021 13:51:33 GMT
server: cloudflare
etag: W/"9a3c061f3c366b503a64ac9616a4d7ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tY8Lks8Nb3gx6S8o65pKm8B0xL0qkxrzkVfk6kn34%2FpkMT2Z9NjsR8Bqb7Z5RvGf2LO33IyjVxhBYDWSaflnKUuvJfuvUJNOiaKn4pefBS6puyGFWpX6b45r0B7ecbvxrGNV3R3D3acuJt5fIAgVHD51Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1639057893398963
access-control-allow-origin: *
expires: Tue, 28 Dec 2021 22:39:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 213
cf-ray: 6c4c5fa68ac9375d-MXP
cf-bgj: minify

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 43ms
27ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T24P46T&cid=1580596556.1640711128

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7e69e25fd21ca95558b5012ac37f3b9a32a97fec89401eaa7710d8c13af0d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34968
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Dec 2021 17:05:28 GMT

GET
H/1.1

200
OK

get Show response
collector.effectivemeasure.net/beacon/
Redirect Chain

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1640711128072_1
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1640711128072_1

143 B
740 B

32ms
32ms

Script
text/javascript

54.76.61.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1640711128072_1

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

HTTP/1.1

Server

54.76.61.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 / Express

Resource Hash

a1ab275a040a57b34e76b162da695b93bb2c8b4fd008ee773a63c02a7df2b95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 134
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:28 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1640711128072_1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 1506063979515344 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 24ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1506063979515344?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

02167be2933ebac9a5b6c948bae78d265143f8146823713f17790b67a9a3623b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89313
x-xss-protection: 0
pragma: public
x-fb-debug: LMq0nVp081zrczAWZmjjNvM8ANhrvXcYUoAc4Xvmm/5zMOQTxBx0PY8XLz99gG5yKbRQSSpgqQtf5+p1rDlv2Q==
x-frame-options: DENY
date: Tue, 28 Dec 2021 17:05:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 live.json Show response
ktv.kooora.ws/ 2 B
380 B 89ms
63ms XHR
application/json 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ktv.kooora.ws/live.json
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Jul 2021 15:34:18 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
age: 82
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6c4c5fa72ef3375f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 %D8%A7%D9%85_%D8%AC%D9%8A_6.webp
striveme.com/img/article/22604/ 136 KB
137 KB 88ms
40ms Image
image/webp 2606:4700:20::681a:11b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://striveme.com/img/article/22604/%D8%A7%D9%85_%D8%AC%D9%8A_6.webp
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:11b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af6ec8eb41bf1cd275c866a533fbd1062e9b2788037445a5327a7bd29f24ceae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Dec 2021 14:42:00 GMT
server: cloudflare
age: 1529
etag: "61c33938-21fac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfqduP8ze9QgyWMYS5v54RHsWIPnmxpaWtiRCSUMSlt2BSe8Kw1GM8%2FXrDWheiKgFbGGHDvRS%2FazxYPKPFZCvJnlsDBTKq1OuoXT0nOQX9BwLvIHfYQHQxRdfDRPu3Su7dqOK0xQVzZXbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c4c5fa74d583752-MXP
content-length: 139180

GET
H3 200 StriveME-Logo-S.png
o.kooora.com/ 4 KB
4 KB 34ms
34ms Image
image/png 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/StriveME-Logo-S.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b8d41caf72b504b1613e841aec9f50f639afc7b6afd44e454dab0b74399ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1002060
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3826
last-modified: Sun, 12 Sep 2021 07:17:32 GMT
server: cloudflare
etag: "04e8b40a6a7d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UApITgeHMNUoB0TG1DfG6iOtPtTLWGtXYTdJKQQZngYTIzIChz4trvoBnlcxZeC9Vp3h7doQmOT97mfmk2q%2FTM2rxnU45bSE9xgI3RdrCcsVUL3URXTKQczpmliLcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4c5fa6fe773ba3-CDG
expires: Wed, 28 Dec 2022 17:05:28 GMT

GET
H3 200 thumb_1640698230.jpg
ktv.kooora.ws/images/167/ 23 KB
23 KB 85ms
59ms Image
image/jpeg 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktv.kooora.ws/images/167/thumb_1640698230.jpg
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f9bd5c3617803e8220455551d11045998625590b068d1a1771091bb4e705eff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
cf-cache-status: HIT
age: 124
cf-polished: origSize=25068, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23571
last-modified: Tue, 28 Dec 2021 14:48:03 GMT
server: cloudflare
etag: "1ec8fdeaf9fbd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 6c4c5fa728d059fb-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 thumb_1640684619.jpg
ktv.kooora.ws/images/167/ 24 KB
24 KB 141ms
116ms Image
image/jpeg 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktv.kooora.ws/images/167/thumb_1640684619.jpg
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1af08eaad07c446724ff0d842fba9275b0a50758b1e094016fbb82789734c10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
cf-cache-status: HIT
age: 279
cf-polished: origSize=26278, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24276
last-modified: Tue, 28 Dec 2021 09:48:18 GMT
server: cloudflare
etag: "aff113bd0fbd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 6c4c5fa728d459fb-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 thumb_1640618568.jpg
ktv.kooora.ws/images/167/ 26 KB
26 KB 84ms
59ms Image
image/jpeg 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktv.kooora.ws/images/167/thumb_1640618568.jpg
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dca7a9d1221dbd4178e8b247adabe8256e557a811f37611004d674f6e385cf2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
cf-cache-status: HIT
age: 524
cf-polished: origSize=27626, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26701
last-modified: Mon, 27 Dec 2021 19:25:20 GMT
server: cloudflare
etag: "6593107d57fbd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 6c4c5fa728d259fb-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 thumb_1640618353.jpg
ktv.kooora.ws/images/167/ 23 KB
23 KB 102ms
77ms Image
image/jpeg 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktv.kooora.ws/images/167/thumb_1640618353.jpg
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5a4ddbb43bd593af4b0ad285d1cb900f90000b0474afce9246a6dd61e33a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
cf-cache-status: HIT
age: 124
cf-polished: origSize=25172, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23637
last-modified: Mon, 27 Dec 2021 17:12:01 GMT
server: cloudflare
etag: "acb5e5dc44fbd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 6c4c5fa728ca59fb-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 thumb_1640603040.jpg
ktv.kooora.ws/images/167/ 23 KB
24 KB 64ms
39ms Image
image/jpeg 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktv.kooora.ws/images/167/thumb_1640603040.jpg
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e16e168d908d49a33365860bd24b032431f993d302ca2abb58654f3bb6b4f3cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
cf-cache-status: HIT
age: 421
cf-polished: origSize=25423, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23819
last-modified: Mon, 27 Dec 2021 11:05:23 GMT
server: cloudflare
etag: "ae9f3ca511fbd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 6c4c5fa728cd59fb-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 thumb_1640263701.jpg
ktv.kooora.ws/images/167/ 26 KB
27 KB 104ms
80ms Image
image/jpeg 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktv.kooora.ws/images/167/thumb_1640263701.jpg
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18122f15cc04c27171c0c72e3a722c5393b7328ccf72e8c0b6542fd848db9b84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
cf-cache-status: HIT
age: 116
cf-polished: origSize=28198, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27054
last-modified: Sun, 26 Dec 2021 15:59:57 GMT
server: cloudflare
etag: "21ce70a171fad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 6c4c5fa728c559fb-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 thumb_1640297331.jpg
ktv.kooora.ws/images/167/ 30 KB
30 KB 121ms
97ms Image
image/jpeg 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktv.kooora.ws/images/167/thumb_1640297331.jpg
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a1a014417ac1998a055e6009d4e0f0bde2c6e1e439c23e4032a9f3212643ee1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
cf-cache-status: HIT
age: 102
cf-polished: origSize=31913, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30474
last-modified: Sun, 26 Dec 2021 06:59:16 GMT
server: cloudflare
etag: "e34f161926fad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 6c4c5fa728c959fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js Show response
cdn.permutive.com/ 2 MB
338 KB 72ms
43ms Script
application/javascript 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cefa52ae4d5718e579ab356d0ec3c18875ee0315ce53f32a5d672eaced8877f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: f3a06674-ebb9-4b9d-ba8f-0052018c0687
age: 3512
x-guploader-uploadid: ADPycdsjXHv87bKphrppxNAHnnJp18bJnljqoKQleZ4rWnzvCOBEtBtXVOGolttSyWwpqGfims7J9kl_Ftio87uE-tRBdN6jHg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 13:04:51 GMT
server: cloudflare
etag: W/"02fd5de0fe9c5a83929b57b9f1383a14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=72xk8Q==, md5=Av1d4P6cWoOSm1e58Tg6FA==
x-goog-generation: 1640264691005826
cache-control: public, max-age=900
x-goog-stored-content-length: 373092
cf-ray: 6c4c5fa73e474e5b-FRA
expires: Tue, 28 Dec 2021 17:20:28 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 74 KB
27 KB 47ms
8ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af3f68815f62ffb47138ac8b40b60a6c0d309a9048aa660e66452a450c5b91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 16:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27444
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 20:15:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Tue, 28 Dec 2021 17:14:53 GMT

POST
H3 204 result Show response
www.kooora.com/cdn-cgi/bm/cv/ 0
759 B 26ms
25ms XHR
text/plain 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/cdn-cgi/bm/cv/result?req_id=6c4c5fa28a1f5b62

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/cdn-cgi/bm/cv/669835187/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvot1wZ%2BfwEv2STDZrdvJptOEph1F9ifZfBKZSIqWtMFS%2FfhjGMvpy3VSAIgT60eQzrwWPn6Q4Ud9ye3xMyS8yIid9bdVrBNu%2Fsart2HZ1Zq%2B10ZeyIOcAGukpkG%2Bl7r"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6c4c5fa73f353ba3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 fpdata.js Show response
gaae.hit.gemius.pl/ 279 B
393 B 41ms
41ms Script
application/x-javascript 188.68.250.246
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/fpdata.js?href=www.kooora.com
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.246 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h246.sprintdatacenter.net
Software: GHC /
Resource Hash: 7a908c048595daff4d38b91afe4f564e272d841bb066a6b489444cd76bd507cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 279
expires: Thu, 27 Jan 2022 17:05:28 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 1994 5 KB
3 KB 86ms
25ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: 089462590c1262b5fd8576157b152d0a2835d771abe1538d941beacd4ea619f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
expires: Thu, 27 Jan 2022 17:05:28 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2721
content-encoding: gzip

GET
H2 200 cx_script_v20.0.12.js Show response
static.cognativex.com/scripts/ 144 KB
49 KB 35ms
35ms Script
text/javascript 2606:4700:20::ac43:4487
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognativex.com/scripts/cx_script_v20.0.12.js
Requested by: Host: kooora.cognativex.com
URL: https://kooora.cognativex.com/cognativex/cn.js?v=2021-12-28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4487 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5795d648e5c8930d4a1caa635d9db2bdfb502b73347c355aadefe11602f8f6d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=SxBLlg==, md5=IOapR2bgWScj2a5wVTZQlA==
date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1652941
x-guploader-uploadid: ADPycdstPMbhDkBVWz39y41IhoajiU8U_OxUho1kEDT2tnXbQ5XU0R5mBK7WmVHFyU3sDkH5hnPZYK5Qtkeu-BJKqDD-l63qzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
last-modified: Thu, 09 Dec 2021 13:49:33 GMT
server: cloudflare
etag: W/"20e6a94766e0592723d9ae7055365094"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXfU5pDdA9OSI6nxPVLN4dEtTixhnRWYvYVcwKwGflb6Zl76IN3JVxLXjIODzXUmdPw6aLxzc4bXBisWVNmqWdZXXdNZg5v2L%2BzJxriqYUW%2BfAwbJYSVhX9qAEIUua5jFQG%2Fgy%2FYzpHQX%2BvrLv0hGgrSfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
x-goog-generation: 1639057773114919
expires: Sat, 08 Jan 2022 13:56:27 GMT
cache-control: public, max-age=2592000
x-goog-stored-content-length: 48061
cf-ray: 6c4c5fa75cbb375d-MXP
cf-bgj: minify

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 27ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1506063979515344&ev=PageView&dl=https%3A%2F%2Fwww.kooora.com%2F&rl=&if=false&ts=1640711128221&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640711128219.442323543&it=1640711128083&coo=false&rqm=GET

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 28 Dec 2021 17:05:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3167577-2&cid=1580596556.1640711128&jid=2147276778&gjid=1589450613&_gid=1119350023.1640711128&_u=aGBAiEADRAAAAE~&z=231828825

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Dec 2021 17:05:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.kooora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=232492323&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kooora.com%2F&dp=%2F&ul=en-us&de=windows-1256&dt=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEADR~&jid=2147276778&gjid=1589450613&cid=1580596556.1640711128&tid=UA-3167577-2&_gid=1119350023.1640711128&cd8=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&cd16=Homepage&z=1781220063

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 23:49:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62148
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 290B 319 KB
103 KB 42ms
42ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.kooora.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1629546
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Dec 2021 17:05:28 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 vod_data.json Show response
ktv.kooora.ws/ 559 B
685 B 45ms
45ms XHR
application/json 2606:4700::6812:17fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ktv.kooora.ws/vod_data.json
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1673&ch=7511
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc4a630108855df647b87f37578dcc759762c35f3075119d3a75dc498e27ac6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Dec 2021 14:48:16 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
age: 159
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=181
cf-ray: 6c4c5fa7c882375f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 28ms
11ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=562459823911593&ev=fb_page_view&dl=https%3A%2F%2Fwww.kooora.com%2F&rl=&if=false&ts=1640711128296&sw=1600&sh=1200&at=

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 28 Dec 2021 17:05:28 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 53ms
30ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3167577-2&cid=1580596556.1640711128&jid=2147276778&_u=aGBAiEADRAAAAE~&z=949364184

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 57ms
31ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3167577-2&cid=1580596556.1640711128&jid=2147276778&_u=aGBAiEADRAAAAE~&z=949364184

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK detect Show response
detect-survey.effectivemeasure.net/ 19 B
461 B 59ms
7ms XHR
application/json 2600:9000:2251:f600:1f:612c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-survey.effectivemeasure.net/detect?
Requested by: Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1640
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f600:1f:612c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 02:30:53 GMT
Via: 1.1 3296b04068551f925d5fafd1b785ff31.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 484475
X-Powered-By: Express
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA60-P3
Content-Length: 19
X-Amz-Cf-Id: AtV8Z3sHHS6Pm4gya7NQdCul_Qzx4Gv4DMQMDPVfvs7YDjeLY6I3RQ==

GET
H/1.1 200
OK sync_pixels Show response
collector.effectivemeasure.net/ 76 B
418 B 119ms
30ms XHR
application/json 54.76.61.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.effectivemeasure.net/sync_pixels?pageURL=https%3A%2F%2Fwww.kooora.com%2F&vt=a504ae39-44ad-4a37-acb0-34e4061747dd-17e020104b3-f1d9a99d
Requested by: Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1640
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.61.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-61-179.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: a9e9ce0f2fe232bf31c9f446a35568c225e8027eee116261a16fdc33170641cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:28 GMT
Content-Encoding: gzip
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 87
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 35 B
288 B 32ms
31ms Image
image/gif 54.76.61.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/pixel?et=pageview&ed=&br=t1&vn=e2be7c7&tz=0&pu=https%3A%2F%2Fwww.kooora.com%2F&vt=a504ae39-44ad-4a37-acb0-34e4061747dd-17e020104b3-f1d9a99d&vi=0fb4c992-30df-45ab-b848-c7a93c28e3eb-17e0201052c-b3410f6a&du=0&dt=0&c1=1&c3=1&pc=1&db=0&pr=&tt=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&te=293&sh=1200&sw=1600
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.61.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-61-179.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:28 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 pxid Show response
f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/v2.0/ 46 B
452 B 37ms
16ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/v2.0/pxid?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 70872cd08115e8fc70b934d799f45f5c187103e7d8e43a9c8d8d46e590875812

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 64
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
690 B 49ms
14ms XHR
application/json 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:28 GMT
X-Proxy-Origin: 185.232.23.178; 185.232.23.178; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 91e60b0f-3206-423b-81b0-1bef8d3d7f83
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kooora.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 f3a06674-ebb9-4b9d-ba8f-0052018c0687-models.bin Show response
cdn.permutive.com/models/v2/ 154 KB
107 KB 41ms
23ms XHR
application/x-binary 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/f3a06674-ebb9-4b9d-ba8f-0052018c0687-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9183637a55aecdb40619a09321c4efa26f9bfba418d5251a32b3514d20eb360f

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-oid: f3a06674-ebb9-4b9d-ba8f-0052018c0687
age: 616
x-guploader-uploadid: ADPycdsDsrEfjQlbGQbHQEHI69Pme7fMRgS6E70wUQGbzKlAEyv04vfSZFtzZTGpncCvIGrD7pwtw6b3KKDJLdUPR_25g3M0JA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/x-binary
content-length: 108418
last-modified: Tue, 28 Dec 2021 06:02:20 GMT
server: cloudflare
etag: "6268654cc836be6bc8fd53c0e083b3c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=qT5oIw==, md5=YmhlTMg2vmvI/VPA4IOzww==
x-goog-generation: 1640671340114578
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 108418
accept-ranges: bytes
cf-ray: 6c4c5fa91b552b1e-FRA
expires: Tue, 28 Dec 2021 16:55:12 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 233 B
419 B 37ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 330268ca0872ec324d4e29aab6992cdeed9d8ea3e92c1be48ebe19b49b285e3f

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 164
via: 1.1 google

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 181 B
241 B 37ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 4d21e93f075c262d3f03a171a571f8fdf14ac5b95f7f6d3e805976d06795a4cd

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 166
via: 1.1 google

GET
H2

200

rexdot.js Show response
gaae.hit.gemius.pl/__/_1640711128492/
Redirect Chain

https://gaae.hit.gemius.pl/_1640711128492/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.kooora....
https://gaae.hit.gemius.pl/__/_1640711128492/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.kooo...

800 B
1 KB

107ms
106ms

Script
application/x-javascript

188.68.250.246
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/__/_1640711128492/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.kooora.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=299&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuBpMR/Bx9ad0u8IHOO9/&fpdata=IOhrUDbaEtG2VzbOt6CpjzXXRh2oymkTyXYAJyc7c9j._7&vis=1&fpcap=
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Server: 188.68.250.246 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h246.sprintdatacenter.net
Software: GHC /
Resource Hash: c1232ccff0b145843d48e498d3b2ace20777e56c39c3c7a46bb9afc7ce5bac85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:28 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 800
expires: Mon, 27 Dec 2021 17:05:28 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:28 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1640711128492/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.kooora.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=299&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuBpMR/Bx9ad0u8IHOO9/&fpdata=IOhrUDbaEtG2VzbOt6CpjzXXRh2oymkTyXYAJyc7c9j._7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 27 Dec 2021 17:05:28 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 97 B
653 B 33ms
31ms Script
text/javascript 54.76.61.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22gc%22%3A%22DE%22%2C%22mb%22%3A%220%22%7D&callback=cb1640711128072_2

Requested by

Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1640

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.61.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-61-179.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

807b28f5a9f25ff724723fa431d3f518f234d304a226cc4381696706c44990a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 97
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 launchConfigs Show response
survey.effectivemeasure.net/ 2 B
122 B 98ms
98ms XHR
application/json 35.170.111.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Requested by: Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1640
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.111.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-111-206.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 17:05:28 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

GET
BLOB 200
OK adeb9517-59c4-45b4-93d6-f7fd372316f9
https://www.kooora.com/ 2 MB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kooora.com/adeb9517-59c4-45b4-93d6-f7fd372316f9
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c07aa8c35b8587a21e4f810a182d3c89b6750acf26d87433bfefb65d8e8320e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 2062591

GET
BLOB 200
OK 493ab86d-fa6d-4eff-b34b-86fdcadceee1
https://www.kooora.com/ 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kooora.com/493ab86d-fa6d-4eff-b34b-86fdcadceee1
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145cdb385adacb3a7456c6739ac8cd12b2999e8a9d80c3550d6f467833823f2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 22499

GET
H/1.1

200
OK

google_gid
collector.effectivemeasure.net/sync_webhook/ddp/
Redirect Chain

https://cm.g.doubleclick.net/pixel?client=ddp-dms&google_nid=emi_ddp&google_cm
https://cm.g.doubleclick.net/pixel?client=ddp-dms&google_nid=emi_ddp&google_cm=&google_tc=
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?client=ddp-dms&google_gid=CAESEGxyof2kyUYyilUXhD83Usk&google_cver=1

35 B
288 B

32ms
31ms

Image
image/gif

54.76.61.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?client=ddp-dms&google_gid=CAESEGxyof2kyUYyilUXhD83Usk&google_cver=1
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: HTTP/1.1
Server: 54.76.61.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-61-179.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:28 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?client=ddp-dms&google_gid=CAESEGxyof2kyUYyilUXhD83Usk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 100 B
551 B 62ms
31ms Script
text/javascript 54.76.61.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22dmp%22%3A%221640711128532%22%7D&callback=cb1640711128072_3

Requested by

Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1640

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.61.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-61-179.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

951b62da6933bf93114fc42d85eea9e3a1b276a99782bca37cdb883dfa34e62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 95
Expires: Thu, 01 Dec 1994 16:00:00 GMT

OPTIONS
H2 204 launchConfigs
survey.effectivemeasure.net/ Frame 0
0 314ms
98ms Preflight 35.170.111.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.111.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-111-206.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.kooora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
325 B 40ms
25ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b60686af350b91f128ea1f01d7c34f6b5cc58e4be2d68194af287e4815bb491c

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 70
via: 1.1 google

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 290B 232 B
447 B 136ms
119ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=1ecc0a76c57904458de3a177f330a3f65fef81da

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.kooora.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 112
date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 17:05:28 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: c5889f86a1c08cd436c1dd2b3ae0f17562e83742a4f880cb032c67b17e5d296d
content-length: 166

GET
H2 200 xgde.js Show response
gaae.hit.gemius.pl/gdejs/ 54 KB
19 KB 41ms
41ms Script
application/x-javascript 188.68.250.246
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/_1640711128492/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.kooora.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=299&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuBpMR/Bx9ad0u8IHOO9/&fpdata=IOhrUDbaEtG2VzbOt6CpjzXXRh2oymkTyXYAJyc7c9j._7&vis=1&fpcap=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.246 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h246.sprintdatacenter.net
Software: GHC /
Resource Hash: 013a122c7839f7d75e116bc0dc041b77af02f1f75d6eb299cb47c1155dde8565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 06:10:32 GMT
server: GHC
etag: "616678580000D869528FC5A6"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 19293
expires: Wed, 29 Dec 2021 17:05:28 GMT

GET
H2 200 xgde.html Show response
gaae.hit.gemius.pl/gdejs/ Frame 08E4 303 B
314 B 41ms
41ms Document
text/html 188.68.250.246
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/gdejs/xgde.html
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.246 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h246.sprintdatacenter.net
Software: GHC /
Resource Hash: 7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
expires: Wed, 29 Dec 2021 17:05:28 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
etag: "5996D7A50000012F9178E011"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 215
content-encoding: gzip

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1506063979515344&ev=Microdata&dl=https%3A%2F%2Fwww.kooora.com%2F&rl=&if=false&ts=1640711128724&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fo.kooora.com%2Fi%2FkSquareLogo.jpg%22%2C%22og%3Aurl%22%3A%22%22%2C%22og%3Atitle%22%3A%22%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%22%2C%22og%3Adescription%22%3A%22%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%D8%A9%20%D8%AD%D9%8A%D8%A9%20%D9%88%D8%AC%D8%AF%D8%A7%D9%88%D9%84%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D9%88%D8%A2%D8%AE%D8%B1%20%D8%A7%D9%84%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%D8%A9%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1640711128219.442323543&it=1640711128083&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 28 Dec 2021 17:05:28 GMT

POST
H2 200 tpd Show response
api.permutive.com/v2.0/ 2 B
90 B 22ms
22ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 22
via: 1.1 google

GET
H/1.1 200
OK 5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179
collector.effectivemeasure.net/sync_webhook/permutive/ 35 B
288 B 31ms
31ms Image
image/gif 54.76.61.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/permutive/5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.61.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-61-179.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:28 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 14 B
78 B 22ms
22ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 17:05:28 GMT
via: 1.1 google
server: Permutive
alt-svc: clear
content-length: 14
content-type: application/json

GET
H2

201

sync
api.permutive.com/v2.0/px/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179
https://match.adsrvr.org/track/cmb/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179
https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179&alias=3be96404-0050-4413-8615-6c5cde450a51&type=tradedesk

35 B
107 B

17ms
16ms

Image
image/gif

34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179&alias=3be96404-0050-4413-8615-6c5cde450a51&type=tradedesk
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
via: 1.1 google
server: Permutive
alt-svc: clear
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179&alias=3be96404-0050-4413-8615-6c5cde450a51&type=tradedesk
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 377

GET
H2 200 xgde.js Show response
gaae.hit.gemius.pl/gdejs/ Frame 08E4 54 KB
19 KB 41ms
41ms Script
application/x-javascript 188.68.250.246
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/gdejs/xgde.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.246 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h246.sprintdatacenter.net
Software: GHC /
Resource Hash: 013a122c7839f7d75e116bc0dc041b77af02f1f75d6eb299cb47c1155dde8565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gaae.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 06:10:32 GMT
server: GHC
etag: "616678580000D869528FC5A6"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 19293
expires: Wed, 29 Dec 2021 17:05:28 GMT

GET
H2

200

redot.gif
gaae.hit.gemius.pl/_[TIMESTAMP]/ Frame 08E4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ipsos_gemius_ddp&google_cm&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuBpMR/Bx9ad0u8IHOO9/
https://gaae.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuB...

43 B
225 B

41ms
41ms

Image
image/gif

188.68.250.246
SPRINT-SDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaae.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuBpMR/Bx9ad0u8IHOO9/&google_gid=CAESEFnJ71dPok7aRBqqIyy6Om8&google_cver=1
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Server: 188.68.250.246 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h246.sprintdatacenter.net
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gaae.hit.gemius.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:28 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Mon, 27 Dec 2021 17:05:28 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://gaae.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=W_3KmagBYz78en2nJlYxUp3rvNRfj2JkJEoD1qoFef7.O7cISPhoJomBzdncFz7l4iS6cUMbeZlTvGIUBI3v0NUuBpMR/Bx9ad0u8IHOO9/&google_gid=CAESEFnJ71dPok7aRBqqIyy6Om8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 477
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 19D2
Redirect Chain

https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=562459823911593&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df361...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D562459823911593%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

282ms
282ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D562459823911593%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df361284607885b8%2526domain%253Dwww.kooora.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.kooora.com%25252Ff360cfb15db61ac%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkooora%26locale%3Dar_AR%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js?hash=6366f98570fe5e585554c97a848a1830

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: vgNyji09SFPkyfyQyxoJD8/9bPomG6CqhMulwxWq1a2VOtQ2xe1l3DNloZ/qN1KlHm2rGJaICauQ++IXB4oScg==
date: Tue, 28 Dec 2021 17:05:29 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D562459823911593%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df361284607885b8%2526domain%253Dwww.kooora.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.kooora.com%25252Ff360cfb15db61ac%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkooora%26locale%3Dar_AR%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D300
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v11.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: M6LqzePW0Cj99SE2sZo9FqEogqaB+ZU2VhXMO0YB0BrLtctu9a0+Ariasstr/G5K1K//fBkQosfoghPGntusoQ==
content-length: 0
date: Tue, 28 Dec 2021 17:05:29 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

POST
H3 200 rum Show response
www.kooora.com/cdn-cgi/ 0
165 B 33ms
26ms XHR
text/plain 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json

Response headers

date: Tue, 28 Dec 2021 17:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.kooora.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6c4c5fac0b903ba3-CDG
vary: Origin

GET
H2 200 tagger.js Show response
tagger.opecloud.com/dms/v2/ 959 B
850 B 32ms
9ms Script
text/javascript 35.157.15.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagger.opecloud.com/dms/v2/tagger.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.15.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-15-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bc9399a1d9cf60902f99fc281b1f891001e088e5da2a9eabd80b989a693f0bd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
cache-control: private, max-age=3600
p3p: CP="ADMa OUR IND DSP NON COR"
content-length: 504
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 63 KB
17 KB 82ms
20ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cad23c63c500d428b4a3c0f9d23109d1021f7218867f313802ffbc2cb0104275

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 17:39:47 GMT
server: AkamaiNetStorage
etag: "b490ed21c910e166f41fde4dd61d6e36:1639071587.435313"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16724
expires: Thu, 30 Dec 2021 17:05:29 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
459 B 86ms
25ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/5406/ 338 KB
7 KB 88ms
26ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5406/snthemes.js
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8f8af7d41891e549c89599ab6d5735d15608b558abedaf3868812d10c780a77c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
last-modified: Sun, 12 Dec 2021 06:02:24 GMT
server: AkamaiNetStorage
etag: "661d6b729b11f624ad1bbc464ea75534:1639288944.458268"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6797
expires: Thu, 30 Dec 2021 17:05:29 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/5406/kooora/ 21 KB
3 KB 92ms
31ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5406/kooora/settings.js
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 718b204b38261fd44bdd93aab8a16db007f6bcdceb4b34f00fa23bdccedf182f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 18:51:49 GMT
server: AkamaiNetStorage
etag: "c6fd855a60b93e53a511ccab40d43d67:1639421509.186984"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2356
expires: Thu, 30 Dec 2021 17:05:29 GMT

GET
H2

200

opecs.gif
tagger.opecloud.com/dbm/
Redirect Chain

https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1
https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1&trackability-redirect=true
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-jwZ4JddXCOPg1NwzsOBxF0CIExNe&source=dms
https://tagger.opecloud.com/dbm/opecs.gif?state=2-jwZ4JddXCOPg1NwzsOBxF0CIExNe&source=dms&google_gid=CAESEHuhUfuUVrdUQsUqjCQq3gU&google_cver=1

35 B
211 B

15ms
14ms

Image
image/gif

35.157.15.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/dbm/opecs.gif?state=2-jwZ4JddXCOPg1NwzsOBxF0CIExNe&source=dms&google_gid=CAESEHuhUfuUVrdUQsUqjCQq3gU&google_cver=1
Protocol: H2
Server: 35.157.15.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-15-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tagger.opecloud.com/dbm/opecs.gif?state=2-jwZ4JddXCOPg1NwzsOBxF0CIExNe&source=dms&google_gid=CAESEHuhUfuUVrdUQsUqjCQq3gU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

opecs.gif
tagger.opecloud.com/dbm/
Redirect Chain

https://tagger.opecloud.com/dms/v2/pixel.gif?url=https%3A%2F%2Fwww.kooora.com%2F&ref=&tz=0&screen=1600x1200x24&tref=&cmpstatus=notrequired&tcString=undefined&uspstatus=undefined
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-wEbkwtT2j0%2BdaDQbH%2BylFQ2nyYWt&source=dms
https://tagger.opecloud.com/dbm/opecs.gif?state=2-wEbkwtT2j0%2BdaDQbH%2BylFQ2nyYWt&source=dms&google_gid=CAESEHuhUfuUVrdUQsUqjCQq3gU&google_cver=1

35 B
211 B

12ms
12ms

Image
image/gif

35.157.15.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/dbm/opecs.gif?state=2-wEbkwtT2j0%2BdaDQbH%2BylFQ2nyYWt&source=dms&google_gid=CAESEHuhUfuUVrdUQsUqjCQq3gU&google_cver=1
Protocol: H2
Server: 35.157.15.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-15-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tagger.opecloud.com/dbm/opecs.gif?state=2-wEbkwtT2j0%2BdaDQbH%2BylFQ2nyYWt&source=dms&google_gid=CAESEHuhUfuUVrdUQsUqjCQq3gU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 355
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/5406/translations/ 60 KB
6 KB 18ms
18ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5406/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6e29b3e6bd857c14a524eff4cbb5535c9b85e86bd1171d96960a2237c2b55e5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
last-modified: Sun, 12 Dec 2021 06:01:50 GMT
server: AkamaiNetStorage
etag: "a9f58998a7f73fac3b1ec1ef4cc85f0f:1639288910.602642"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6189
expires: Thu, 30 Dec 2021 17:05:29 GMT

GET
H2 200 evidon-banner.js Show response
c.evidon.com/sitenotice/ 12 KB
4 KB 20ms
20ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-banner.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 90e96b8ddeddfd57732f5a8da1654a24c24e10692703d3cbaa203ba9164b1c0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 17:39:47 GMT
server: AkamaiNetStorage
etag: "d3cae5c9f2de37800cf22ffd4777e27c:1639071587.932535"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3311
expires: Thu, 30 Dec 2021 17:05:29 GMT

GET
H2 204 2
l.evidon.com/site/v3/5406/14055/3/1/2/ 0
120 B 309ms
99ms Image
text/plain 34.227.252.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/5406/14055/3/1/2/2?consent=0&regulationid=2&regulationconsenttypeid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.252.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-252-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 19178
l.evidon.com/site/v3/5406/14055/3/1/2/2/ 0
121 B 295ms
98ms Image
text/plain 34.227.252.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/5406/14055/3/1/2/2/19178?consent=0&regulationid=2&regulationconsenttypeid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.252.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-252-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 19178
l.evidon.com/site/v3/5406/14055/3/4/2/2/ 0
120 B 286ms
100ms Image
text/plain 34.227.252.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/5406/14055/3/4/2/2/19178?consent=0&regulationid=2&regulationconsenttypeid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.252.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-252-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
135 B 18ms
18ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b60686af350b91f128ea1f01d7c34f6b5cc58e4be2d68194af287e4815bb491c

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 70
via: 1.1 google

POST
H2 201 events Show response
api.permutive.com/v2.0/ 1 KB
848 B 17ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/events?enrich=true&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 322b91f02b83c599975b2f07fb2c923c9549d84eeb65f54fdd0eb8c33b76a530

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 Dec 2021 17:05:29 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 776
via: 1.1 google

GET
H2 200 learn
ae-gmtdmp.mookie1.com/t/v2/ 43 B
324 B 55ms
16ms Image
image/gif 35.186.238.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_969251&src.rand=%5Btimestamp%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.238.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:29 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kooora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 17:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kooora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 17:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 264 KB
61 KB 598ms
598ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1609348756680751&correlator=2264598214521223&output=ldjh&impl=fifs&eid=31063898%2C31061165&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211228&iu_parts=7229%3A22367575525%2CKooora%2CHomepage%2Cwebinterstitial&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C1x1%2C300x250%7C300x600%2C970x250%7C970x90%2C1x1%2C1x1%2C2x2%2C2x2&ists=68&fas=0%2C8%2C0%2C0%2C0%2C0%2C0%2C0&prev_scp=pos%3DLeaderboard%26adslot%3DLeaderboard%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cpos%3Dwebinterstitial%7Cpos%3DMPU%26adslot%3DMPU%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cpos%3DPushdown%26adslot%3DPushdown%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cadslot%3DSkinning%26pos%3Dinskin%2Cjustpremium%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cadslot%3DOOP%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cpos%3DN_W_Homepage%26MVPlacementKey%3Dtop%7Cpos%3DN_W_Homepage%26MVPlacementKey%3Dbottom&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26permutive%3D23620%252C29955%252C30033%252C30937%252C30940%252C31303%252C32849%252C32850%252C39078%252C59108%252C74931%252Crts%26puid%3D5e2f62ff-95b6-4d6b-bc9e-48d8ab5ff179%26ptime%3D1640711128487%26pt%3Dhomepage%26platform%3Dweb%26topic%3D%25D8%25A7%25D9%2584%25D8%25B1%25D8%25A6%25D9%258A%25D8%25B3%25D9%258A%25D8%25A9%26country%3D__%26path%3Dwwwkoooracom&cookie_enabled=1&bc=31&abxe=1&lmt=1640711130&dt=1640711130127&dlt=1640711127500&idt=541&frm=20&biw=1600&bih=1200&oid=2&adxs=317%2C-9%2C315%2C315%2C0%2C0%2C951%2C951&adys=58%2C-9%2C961%2C0%2C0%2C0%2C1093%2C1505&adks=1849622489%2C1134439404%2C1210273051%2C4116334476%2C1073378467%2C3238449015%2C3314042845%2C3314042817&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kooora.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x90%7C0x-1%7C300x3320%7C1600x4533%7C1600x4533%7C1600x4533%7C660x1545%7C660x1545&msz=728x0%7C0x-1%7C300x10%7C1600x0%7C1600x-1%7C1600x-1%7C660x0%7C660x0&ga_vid=1580596556.1640711128&ga_sid=1640711130&ga_hid=232492323&ga_fc=true&fws=0%2C2%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C-1%7C0%7C0%7C0%7C0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0316da836322dc6bcb4427e18c925b14d8a56f4754bcb326ed7153d6c13b5312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62691
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,5852634670,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,138374289852,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kooora.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 63ms
40ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b3fee742b2dda4613318bfe7e35c9853340b6ccd39f1e3c69055874c32ee05b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 17:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8594
x-xss-protection: 0

GET
H2 200 container.html Show response
f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F98 6 KB
4 KB 94ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 28 Dec 2021 17:05:30 GMT
expires: Wed, 28 Dec 2022 17:05:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 24ms
23ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Dec 2021 17:05:30 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 471ms
448ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 28 Dec 2021 17:05:30 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
180 B 15ms
15ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e10ed5b879eaf877cfb9534e47e42bb51c7da49ceea649eb4145e1b74aca93f5

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 Dec 2021 17:05:30 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 112
via: 1.1 google

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DFAF 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 28 Dec 2021 15:21:13 GMT
expires: Wed, 28 Dec 2022 15:21:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BC10 783 B
535 B 32ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3546bed34444a021f83187016584e78f2d0b952c7af7efd56d38729b3a2e4bb8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DZTlGu0A7gjxGe9mcEQehQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 28 Dec 2021 17:05:30 GMT
date: Tue, 28 Dec 2021 17:05:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DZTlGu0A7gjxGe9mcEQehQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame DFAF 35 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 11:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Dec 2022 11:28:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BC10 0
0 51ms
44ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=1609348756680751&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame B8DD 189 KB
55 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame B8DD 13 KB
5 KB 53ms
17ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame B8DD 89 KB
28 KB 55ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame B8DD 5 KB
2 KB 58ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame B8DD 40 KB
13 KB 58ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B8DD 4 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=ar

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 17:00:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 17:05:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 17:05:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B8DD 4 KB
691 B 42ms
19ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 16:16:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 17:05:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 17:05:30 GMT

GET
H2 200 325806798023964140
s0.2mdn.net/simgad/ Frame B8DD 310 KB
310 KB 85ms
23ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/325806798023964140

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95af7cd191602d522ffc097bcafb8d4be0ee238396b76c0bd2bc34f05310c402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 16:00:02 GMT
x-content-type-options: nosniff
age: 90328
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 317132
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 16:43:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Dec 2022 16:00:02 GMT

GET
H2 200 6293696830746985953
s0.2mdn.net/simgad/ Frame B8DD 109 KB
110 KB 69ms
8ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6293696830746985953

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b83ae4b15c2237063b3a42ae57dd39719050026218190d823c5be22e2a5e8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 16:00:03 GMT
x-content-type-options: nosniff
age: 90327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111815
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 16:43:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Dec 2022 16:00:03 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame B8DD 42 B
533 B 54ms
29ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUE6W7LRSu1p09cZxY1IQLICbX8biObRvUkVvmPIx3E-PkTOHjZB4bpoCzkhU05zDwYZjsHhMYGx6yyCZNZyAW2yYadrvsXNVk_4EsnTfkglPF3NtoHuL4By6FKTwXnc9ajJyYavw2uiTAYJee7DPr9VlnkQ&dbm_d=AKAmf-Bpbpc0vjO48xc2LJjNaG6PQaKccJ1J3biFfIRRBGDoHszThW-mfp-_RSmiVXRH36bVEYAKMDxNMlzUilnRMjd5GPrTbkycxWyUNrQwMfi_iEqmQQnKZPCFfDtoeXSrtV_sXU3EztmVt3zQmeRfFT47JJxlU3sqM-l8ragepJ7ctIIDfzKcxHHnKtRpsJB87T-4xORqEHiyyap5hTAHzahnx3BhSsB1Ztxf40wQnmpM8C3cJ4UZe3pYszRh1VE2qiiyBgYCaXOJcQ5z6yL_PeWVnh7qgo1HEj6W8sTc42x1H8b5iAjOkiZ5lINqALUGnz7PErUwipWaQBG4zyfUKyQQ7FfeX71aXNeVhGxuMYFWYoD-asnWlriE9TlZTEoIybtJD41ffQM7E8SVSlDeHqa5GyrB9TSezdsxKG6XtPJ_PUUP7QEH89jbKX8wtPa3KYlSRGEJmfEPWlyBCKhOLavbPThoCh8gAbF6JiW4o7e2Ie5UhhwMtMJ0Lf0DnfjOTg2dZKYL5mP8aCDz5zxhA6q7Jb2xVBUuktW8cKiRzzch3GQfEeXQTEz-6IcQdZK-FlMi4oiWTW1t6CWlKV_cdCtZ2jvuDc6GKgDMfTQeLH_iqiPt0jnrRdJOsj7vG0EGe4KuJXgincwuL7_cb0p00np9wl7DG6nS_OGgzbStyJk5hsgiFDgFSSwmt9XYSlCqN-HWGZpd6Dnx8kIfOFxbJk3YnU8LcRT4kwWuaFxgrwfwPzaZKbQuh54-deKACaDdltRPVYhl174cjfByYn0YeCafHzKpxIkdBzaXcWxVetbMt-IApnBX81RGPGjLj4dD4LzhI01EJCsO4p88u0j-Zj7M_48nD5bLwg6bh2Yf6hV9yEvieqsJWm96ajj_nJ9d96fNeoElowkg5ZYGbs8_nkaqaRdhn-a6qpecyxernPwVb2V7siNwKJlAMwglgbPjN9dQlTXyJGqQvpqPlbUWLbC8obPnR2B-t60jFqVAZCQT-RXo7TOBpfmIIg950WEiDAM6E9Tip9-prDsAyOXrq4aYJpxDRSHzaXuaVzfXeHvkph_MrREH06d3D49iCuexNjok2z8tJxPhtNzqVuwFgMfNYnuMjgB6f_geNlEh8cvplW0WqjWqhWds793MJ7AZCnlB0M4HgAfXkMVS7qGMTgjHzMAfqTPivrs0ueOjt2KA6WZzPG0c1oCd2HOyeMKzgBcBI-EAXSvV4m4DndT4N14Ae2id7-qQZaEKGTASUR1wx1xVasSsN3IGamTjbwFbh-1u_aMVi02PBRVbp_hwDJCHVCBM_eBpiAiUlnW_e66ogrXoga_2jKcnMM87yw8tIJ_oPmPVuypS0ojoNeI2Uk8RxUuxfQ6dfJaqMZY0bdw_nh2fSa9Kh4NrF794pKg92fpaipk3-rc7T0g50PWviACXGBBLqKHBbiC9zoLrDETOU_bw7JUIwIpZ-HytGn_o_4D9j1ffOHpCbXkGlzHT508eGKVFD6u50DnI05n5k8ObbJIw_E5libvfmFdTOJV7X7lty_Q3xlv0vu46YD-_l-qpqn-yL-Ob1A32lh7UmCPfMeXx5bdQAJRTXRuJXaKNwnCkWTN-nLcaeWmvSEMgws6T3gnshjW1elBv8813rxoIbBgAYQjIMAReqPdb4MeAJHPAJrJYDAeeeqGhRfZHXdCGVDXmBhyzS5lG7VkTmmxGgu_lvJ-42_Mpw5FNOi_OgqTFAhHcknjsbLHfa29U-UayGa8xPfFiG8CHczWKQlgxhjKA8DdQOF3q4lRJaLkOA2diKpenOe4qum7fDMEtlS3Ez6JZYuc-bFVzkkVRXFzYfPOdydCuaRhzVyXOl1SCMtfpkS86olqiNxnOrrlSn_CdLv9DqT3__FGub4PyBb0RBTkmxw1250ZrEqZNKfKr1Ar0taBCVUoq9-GI_I56CcNZtWaexv7iDj2Dht2WVA_OldcGQ_qy0RxZSABpiVZJ6YS5xrB9M32xvhDC-R7OMyMW6-nBzykLSz-jKvVKmlPRa1yxfi3eDEHHazYoB3I0hqnJXGPRnBhDJnhjbMrj61Gaonv9Q6peqzqYY8Ze5p4ZHI0sdnEhU_XkFb8RHNd96Bw8E0nOWMBlJgmoQesTbo73NkSs-6yhRFvd_K2dDQggjBGqECi7T4q1gFyzTYaHgO58qlPle7ffTW5Li3c9DFkvPpLIN1qThCQLkQfsSOkyeU3GmuoubyNsvmQYvwcO5xo7MnxuQD2JZQIIx_D5OkDKXgQDFDDvcxkM5d1lLDbKQCCFpndGzwInT5k-ckl73nlR8ehBk9FXixaFGnBI4Cktvqe6CM5BfuE92rcVwACZsvwW8hC9u1MRQ4THtLaIBfBh7X3RUA61fF4HcPaw9Cumoy_qRQ5mTxLhoOvFkm7euWtfLiOXiga606-VyjeYnP3yCfdLR59WKu_LV_nXOpi7niZvq92WcjBvmFT7IlvVM0oafkBdQ-GbSzkk5hxqRhYdCpyRIDN8VLC6P1xDGvNc9ioWqLYJ_VtbzoJSrsH4mGfROSl6aCqKu2ZtKCAVPa19GA_DvopP_Uqrzw4JRBBPCdv2piJgu1nibL1WTUegBJVJbE-KurQrhUyRdDBx7lfO_vm1i7Srnox3p9O92wpMdprzCiHAFoYoNGPIzNydIqWMAKVyJ0cwmvitmQ4xWQLCM5XzaGmTKiFPBQbGhaJiSljMJgyaU7cnwlBoZXYza6yAJ0-lvcr5Pz4FSk-hgG2uAwNy6h9a8lnBEYbIQkX9tiuewf6rsRaVv3SX0p0_TF_9_CsnH3U3pKLjfP1boPiCzoizVH78BxiOgUqCq6PJ5BQhAtzdS7prSR5ApXJGpH5E8rPeFeGIfE8YM11W6FbQwVrvy6foOSiupbeAfhbt1gQP4YM6fzf4tJJgi4BxGciKE2ytMCLwSEz519_Xl_yTYo6RygPIzmvH5nQxqBhV7Hqgyjw8mBy6mFlYa1nSCVOFH61GavD49RZ3MdmpW6K8dUwpSwE90LZEXwX3NfFUAiKlfg&cid=CAASEuRogyp_qZW7HMeXpcaMvJ0lXg&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
track.adform.net/adfserve/ Frame B8DD
Redirect Chain

https://track.adform.net/adfserve/?bn=48332318;1x1inv=1;srctype=3;ord=1640711130199887&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&...
https://track.adform.net/adfserve/?CC=1&bn=48332318;1x1inv=1;srctype=3;ord=1640711130199887&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVers...

35 B
395 B

20ms
19ms

Image
image/gif

37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/adfserve/?CC=1&bn=48332318;1x1inv=1;srctype=3;ord=1640711130199887&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:30 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:30 GMT
server: nginx
location: https://track.adform.net/adfserve/?CC=1&bn=48332318;1x1inv=1;srctype=3;ord=1640711130199887&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B8DD 0
0 43ms
43ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVhb32kPLYc-ZDIrJgQeY-JKgA4ytqaZnweuh46MP0uHS4LIBEAEgwc6BH2CV4pCCoAfIAQapApYU24k8_7I-qAMBqgTlAU_Q0GZbtcLlt01RvOzk42fnMQp3A25k7aFJ8zjak-Jq2MWCOFdQOFfkczPha8U7NnnLBrv5qts6_eCtaQ26FMWPrb0s1XTE6FhkpLa5dgPfNkmnwOlorMit8c9Ij1U9j7lkkUL-uA-SOdku0QFrUs4oSkosA5cCAprgT8Xw1sxbhiUvjRDg60eZt-2E-4mzftkVYbyG2mxZjmgp1_JnTXpeTWrRACbkAaycKs0HO8U3vXVl-CpudVFf60F-QHelJnUWdH7NZEkGpeVhxH-GAVAsRpihs-U3dP9cIJ2v42szpg6VAXjABLClzNTnA-AEA4gFu-3csDSSBQYIAxABGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB7S7lDyoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHChD5okAY19n4uwHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI2NjE1MTIxNzUxMzAyMTKACgPICwGwE6CA4w3IE4Sa4t0D2BMDiBQC2BQB0BUBgBcBshceChwIABIUcHViLTI1NzcyMTk4NDA0MzUzNzEYz7IS&sigh=C4V45HDGdNg&uach_m=[UACH]&cid=CAQSPACNIrLMtuuCM4zah8V9e1XGYKuVx61o3a_ImQ3QbA6yvCIpBrtGtUikp5q1DHQCbv35TTDAQGjTATFafA&template_id=509&vt=10&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B8DD 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 14:27:13 GMT
x-content-type-options: nosniff
server: cafe
age: 9497
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Wed, 29 Dec 2021 14:27:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B8DD 344 B
368 B 8ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 385
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 29 Dec 2021 16:59:05 GMT

GET
DATA 200
OK truncated
/ Frame B8DD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf1472fc7a7781b4a6bd2bb538d8de786c4df4a7ad054963c64ecbf123e4c780

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 27ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1640711127639&de=116473191392&rx=727393767445&m=0&ar=0f32f0cf010-clean&iw=a6edb07&q=1&cb=0&cu=1640711127639&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&bo=Kooora&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A491%3A491%3A1533%3A415&fs=196272&na=1381756307&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Dec 2021 17:05:30 GMT

GET
H3 200 container.html Show response
f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2B5B 6 KB
3 KB 28ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 28 Dec 2021 17:05:30 GMT
expires: Wed, 28 Dec 2022 17:05:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 1BC5 189 KB
54 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1BC5 13 KB
5 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1BC5 89 KB
28 KB 46ms
27ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1BC5 5 KB
2 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1BC5 40 KB
13 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1BC5 6 KB
665 B 34ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400|Roboto:400,500,700&lang=ar

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 17:05:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 17:05:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 17:05:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1BC5 6 KB
665 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 16:11:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 17:05:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 17:05:30 GMT

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1BC5 3 KB
3 KB 11ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 14:27:13 GMT
x-content-type-options: nosniff
server: cafe
age: 9497
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Wed, 29 Dec 2021 14:27:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1BC5 344 B
368 B 11ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 385
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 29 Dec 2021 16:59:05 GMT

GET
H3 200 container.html Show response
f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4A8B 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 28 Dec 2021 17:05:30 GMT
expires: Wed, 28 Dec 2022 17:05:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 89CC 0
0 50ms
49ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstubFkf3TPVpk-9DBeKt4huUB7jah6SZAgZx09DkibTDeH6TY8qsvDY6-cgk-HfbekVw_UHqWyjDPsmeCPlzSOkjFwpnq9O7R3SAhdGVETZSD_bL6LlZppFuaQamS9b6g5CVDNDLGlmScKfc3UWDDVYuaRC66855LGG2Yzt5p4XC1AJrtzt19GnKEfgLqDk9WoIhLRzAxFh9HQPXWBbql4iPN40LDX0mWL3HVuhrIs788W7CgdpWzIe5tjBx8WMN_6D8-MaaSgawmUIjmN-EzaOgzFRAXVffZbNNbYmdssZtbpW-WKQrrt8JQdU6CUdeb47vHqN&sig=Cg0ArKJSzEVvHMgg3L0_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 17:05:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 3fa6337ffc1e0d497ac2f894b4ae7084.js Show response
scripts.cleverwebserver.com/ 145 KB
53 KB 102ms
39ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/3fa6337ffc1e0d497ac2f894b4ae7084.js
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b7d9f36f20405df8e11cf105175c84ff18ad284a091d2bb1680b4b071274e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 372
x-amz-request-id: 5B73VAMV3JS1JMHW
x-amz-id-2: 3BMIkv1t+alkRUiCY9LSN2x/NEcZenaMdDYE8YtRdrotETrVytxOiWlGFAtC0y40kOUiAssq8HM=
last-modified: Thu, 16 Dec 2021 11:58:48 GMT
server: cloudflare
etag: W/"00a8d3eb776d14fed62b6b0ed3ca47c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: kULjQyP9_XXfaV2eG.p5tUKOkHXCB9VS
cf-ray: 6c4c5fb81e73375d-MXP
expires: Tue, 28 Dec 2021 17:35:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89CC 119 KB
37 KB 1065ms
713ms Script
text/javascript 2a00:1450:4019:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/choueirigroupdfp451918234534/ Frame 89CC 12 KB
5 KB 22ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/choueirigroupdfp451918234534/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e7781f891192f6c8a7726aeeb106a6cb73f4485c4d7b2ff16ab1eacba56eb25c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:30 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 16:56:17 GMT
server: AmazonS3
x-amz-request-id: YH6KPJRCDW6BJDQJ
etag: "9691f5eaca206c4e122c9f2e62d3e67c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=49738
accept-ranges: bytes
content-length: 4365
x-amz-id-2: ewLIOiEWJm7ZVXyHC16r6c+HSsb8NrsLBgCDBay9cev5os7x3plvL9hh4aoQSmcJ5ykxzmfsqnc=

GET
H2 200 8135064381614399404
s0.2mdn.net/simgad/ Frame 1BC5 444 KB
445 KB 37ms
34ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8135064381614399404

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c325fbb5f51aacbb5b415afa4317f72261d22e2acf0fd4ab7dcad32c7e128f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 09:52:11 GMT
x-content-type-options: nosniff
age: 112399
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 454878
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 16:39:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Dec 2022 09:52:11 GMT

GET
H2 200 3719919135927475502
s0.2mdn.net/simgad/ Frame 1BC5 109 KB
109 KB 34ms
32ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3719919135927475502

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b83ae4b15c2237063b3a42ae57dd39719050026218190d823c5be22e2a5e8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 09:52:11 GMT
x-content-type-options: nosniff
age: 112399
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111815
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 16:41:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Dec 2022 09:52:11 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 1BC5 42 B
63 B 50ms
34ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOho0iWzmEpm__xX_Jd_dXtCYiHAiqPQQ0PjOrBDvZBbXa1P7Vow0OiUkYYcWuko6Xxk1KVwc8BQEqQlkvuXVTsKRyCwRuP1zHdxyaOlohAPBCjq3AmgAfJPsIznvMLdMZiWo3glcJv-pLXgPO_2jWzlhtMw&dbm_d=AKAmf-C91MDGDVRHgrcwXs0FQEGzc3rIVC1mvHOsXaPVTmL4-SZmtNRW5a0EikuuxjwWXhuynHAcmaXtFMTp6c6MsI1kjF4RvyGTVxsZvimWjARzjKKV83-aSmI_hV6uYtVEOwe66rYczrYhXhzStyH59K3OR5peckVtamMN343YQ3MN_wpQL1Zufj0wHHkpsOvkfoJW_aXjlTlHS8nW968iGadJbL5Sj7lMvsWhyjWfvBZVQhtwDMG8yvRti9zfmE8afQpknQUMiTv92HoZksn0sVX16Sxu0JbCLaqePNqNCth592RhVigecR9NvK9LiaJiQrVAnNz0v94SBhNZK6Vm1cZbqT-s8vnsBgUWSwfBXSgXfCmEED3nxK13IVsCDEjWEVTS2wggYx6vxKNww0C-t89rZqwRcEi6Ui0hdw-tc0AgmaLMEGUmDjULkiKcjs3cmTbuLa713JZzQa5pnSrt9faDKwVyEo1_YWg5vJREBcp1uq5Xr_Y1gd9BXY4x9i_u8Xz-dj5nSqsz-XJurpjQsnGJs-I3oOeengpH7pSdnxLZkvPc1Gp0QlzzkhX4xCdKCoyNQDPZuKAqsJY5_vcslIAbG6V1C5qMfbQPeSJXfOuydEUDfZle-bjyULtvxG07xS2g76IaQTKqi-I3xbzAin15cP84Eb0_ZAoc5iPpM8zdhsflrCChLo802Cele-M0-sBhJYMGzb3uujfmnBJnU9pq6xg9QIQsIP96GdqKsHxITxjj9dpVPgfuqHzn_6-MK9s5mD0j8W9Pw6k8SKD5GK11cRbtFOzTLAf3GVH1LpEKBUBJaLrVj7navSt2cCFjeqNawR9nqDTe4JMhRCKGtyurBalhTNqSbJ5UQptVOPNO1mk5fsgejAWSapyKK03iW9RpP0b7D3NzhCnRJnE_AW2ZC6yKqpvgFuvHHyhi-xN1sVC4u2djXCMs784TJEUmxyWlKmRESbdf0m5fX9hiUc-2jVSmpgWOZ_0EMv4CMAiu-aeZTevbc43MfllvdS-NgwoduQOdgBytHp-NgVWQeyJy1aJGTnyUTqW34O9nlRIzBuDVg3Rios8qEVp5YomZUhzaMGYBEWMbgeku6UPfFGFgXhpJD14O1tCcVHlEwzVoYvyCUzmHxWp722tax7ZAmSrdkDWCvclCoHbEhv0UuacR9KWHWjM0TNzoDOSj7clDkovy2MRd12sArOLfZYXvF6dZn8n3sTsij6HYAsZCm4TK3kAtNuICm0YO1rHJp4_qR65SH3waVZodE4PdRsdhkPSeviqg8UXHyzrNdoDjNhm-S4VICDl_80Y07-K4PIFQCWKTA8sabxj0igqTywNd0DhTC-tj6P5WeffS6pFp3PxckiyP-X6ZDNgsZFGYIAEHKBPMCN3GCXd1OEwtVSXdfn6SO2d59ohUenrz9MnaD13-9zYT7qhQ3U1_MJUlGhMWIebc4QqxeIQ3SwAxauF5qUAK7Et7lDfnv9FaO7T0I-gIETVLFbnY-fH_zWQLYJd7RRz7iQ8tHLeHHo53B5n5uZbOUP68xpEuRd_UipZPM3-UmgCB-zo5hsH6_h2O2_u3SVdxgXRQZdYPYE1MIAi25jmbsFRkxKY8YRv7qIWRdLdbxILeo-yevr5iUcqCpZ86FIdMWD5f0wmYG79Iu_rX57dYtA3-KVfRpcZts7P-5mBgWT_1ITYXGce5_uMDsI4fBZ8dXv79Q0RshdwtrMsvQJWDeKsC517h8dwfojaA2selW0FiQ9IoALfye16EOQ_7JScm_YgvpGjOTA8m-zeYlLEu0uZ_uZs_SsuSlIqiZElQ_P7G1twZMoH7EuSY-SwASOCESkWwfJKEM3aGjKns5MSNMALPRhwt7kQB8lmRqvBwuTwL43G05ADd5nSKru7xR7-Cfd-faHdvikQWUVScP4NPE6jiQtICeFsboiL7ZCoXvbjNrWOb66SgpgX6NNRDw8hLdQND6_3CQUd1mA4_ZyLfmkD_8ygEQ_iITdByQczKnbD4GZ6TIIFhadNlz-7ZeU3upG0dsZMb-Laq_GoOqqmNIs3Yf3GNC_r3scYGqmYNKK2qAxJcuMU9FmvWAccTClMVnmXQVomgJa2FFGejZJiAuLzZ0SLzRUvt6z9lVbOslIl8T1_V9IMHH2l2LGeacP03dseXZ8iiwjbxS6eFSrdun3ae3sMIU-5KWE7Fx4PBXAHzj0msnY8ac8TBsRI82NfliVhwkOIPKLNXB8Yo2ASYotGgjc_IlHY5wdAZwSAoZMF_EbbV0WH0hOHbs2gUulDAXZR6eGIqbR0RPtD-3IQ1_3BEJI8vFi411ltfxDeTwmGKPVnftsyIWGpoGXutoC_WK9LLItzD-WRpuVbmyQaayIAN4eZtspjfpgvAhSLC5i8rBLN6_ihPiwIbcYT0Nqb-qkKBHbmQgR2dvxJApHsyMX-g8Hds_yLECxs1YRkk0CIxpWdExPjQMJbZXnzKHR5jNlaC1TbDUFdfn7WFSlalwO1dLnQUxJ6IYKtPv_zR_Te0pjeoxl87MmUmTB1iQnMYWAL4vYmx0MaUHwlHw9L11kysQ04iGv6UlWnfB4mQi0W3Ik4wYPyCzN9QRRI2EwOVedjNNFjrJF1-_QuqAGS8qhvqZ4FuscnCS5qyfMEIghl0rKbN-mx57aXuVBctxxgytjqWCMFLJ7FDiuTCed_pw911XSyHUdaRNwYbVPKY55zpC1UYfFEaoz8hzMqGhUGaYruAXfVgirjLbwvDlViWM8VU0es8iu14CswqdXJzDsUhKe4mtlowkj32j1htAR35aJ_ChY5beMXWJNP1ml2KIFNoNbX8QM4k30zZ3qZ5B9zCgRJPeKA1vTnBWSccaJwS0HpOgFmcK1eR9xJ9f6E4susvO5KpLAh0yJu2f0eAEkWm3UDdxsorq9X9hBBJYUVlZc4gtVfQbFOtq_8m5fHAYlNafm76YD6C6O4P3TRsjdal3bc8OanCnVRt7nr9vYw5C7GZKDgNyJqlb0clTi0DDHn1i8zBd0AYZrlQ7vE6gC87MjM_PL7GgqW44CMtgWSYvc8&cid=CAASEuRoW_0LuuWZgZr3bWhFml8ofQ&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
track.adform.net/adfserve/ Frame 1BC5
Redirect Chain

https://track.adform.net/adfserve/?bn=48332318;1x1inv=1;srctype=3;ord=1640711130199889&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&...
https://track.adform.net/adfserve/?CC=1&bn=48332318;1x1inv=1;srctype=3;ord=1640711130199889&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVers...

35 B
395 B

19ms
18ms

Image
image/gif

37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/adfserve/?CC=1&bn=48332318;1x1inv=1;srctype=3;ord=1640711130199889&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:30 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:30 GMT
server: nginx
location: https://track.adform.net/adfserve/?CC=1&bn=48332318;1x1inv=1;srctype=3;ord=1640711130199889&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1BC5 0
0 49ms
48ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C86QQ2kPLYdGZDIrJgQeY-JKgA4ytqaZn-emh46MP0uHS4LIBEAEgwc6BH2CV4pCCoAfIAQapApYU24k8_7I-qAMBqgTpAU_Q-s6ejMUkgaOhaO_8mApih2vVd4dSeISdD9CjT8tUmUw-Z_Ik4a090RiXX5yhOfOpEKLwCxVYJU0zFMoT2kHj4NxIxpEsYKI-Z0DoVX2Mb-EEBUqULsdyWeXXatwOuBpXmyOvXLvflDOiDjEE94E_24ykq17HoXzzhzZyRymhY3Lm5PfivwjVbQrQPKshJfItHOETarKx7Xfa3kagFLc3Y1E_GslbKwrGzwXRjOI23ut1Tqde6XG5Q-0BubkC3ieYt_5_9sQp0WZ-TQZQSa4NWdfcM9kgm9xv3Xc8ZV2D1ZlgW6i92-0fwASwpczU5wPgBAOIBbvt3LA0kgUGCAMQARgBkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAe0u5Q8qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwoQ-aJAGI70-LsB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0yNjYxNTEyMTc1MTMwMjEygAoDyAsBsBOggOMNyBOEmuLdA9gTA4gUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yNTc3MjE5ODQwNDM1MzcxGM-yEg&sigh=48WwjR8mxus&uach_m=[UACH]&cid=CAQSPACNIrLMtuuCM4zah8V9e1XGYKuVx61o3a_ImQ3QbA6yvCIpBrtGtUikp5q1DHQCbv35TTDAQGjTATFafA&template_id=509&vt=10&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 1BC5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e09bfe351469e813da58c152ad9be123d6c0501d5298e2006a23b3295307116d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=webinterstitial&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1640711127639&de=36984296735&rx=727393767445&m=0&ar=0f32f0cf010-clean&iw=a6edb07&q=2&cb=0&cu=1640711127639&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A5660819029%3A138345421001&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&bo=Kooora&bd=webinterstitial&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A491%3A491%3A1533%3A415&fs=196272&na=202413328&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Dec 2021 17:05:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B8DD 15 KB
16 KB 31ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 573084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 01:54:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B8DD 16 KB
16 KB 33ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 559932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 05:33:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1BC5 15 KB
15 KB 31ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400|Roboto:400,500,700&lang=ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 573084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 01:54:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1BC5 15 KB
16 KB 33ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400|Roboto:400,500,700&lang=ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 593855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 20:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1BC5 16 KB
16 KB 33ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400|Roboto:400,500,700&lang=ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 559932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 05:33:18 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 2B5B 4 KB
634 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 16:13:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 17:05:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 17:05:30 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 423A 1 KB
880 B 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 17:01:31 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 423A 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 17:05:07 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 423A 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 17:03:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 423A 119 KB
37 KB 637ms
445ms Script
text/javascript 2a00:1450:4019:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 423A 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 17:04:19 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 423A 27 KB
12 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 14:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 14:00:58 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 2B5B 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 16:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 16:13:51 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B5B 205 B
519 B 37ms
11ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 10:59:10 GMT
x-content-type-options: nosniff
age: 21981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 28 Dec 2022 10:59:10 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B5B 604 B
695 B 37ms
12ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 13:27:25 GMT
x-content-type-options: nosniff
age: 13086
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 28 Dec 2022 13:27:25 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B8DD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

89ms
89ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Tue, 28 Dec 2021 17:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7B6C 624 B
297 B 18ms
17ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSF-rQBMAE&v=APEucNWtSAnEMfsCAYBBU6K585rIlTqNjTS0wA-fJXS7burV2YyicM9jwOiv_7VyQErinttRk31ZKeifzAkr9ymhszuEZNHjYc83CAlgCdFif9VnLw5Abdwfa3I0C6WlEJ05Xhzop28lQdFyNw1mPUlQsbwU0Bo6iJD4_v9gxpIVJCRZTyiaLcg

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 28 Dec 2021 17:05:31 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4A8B 92 KB
35 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmKK2CXVLNG6xNqkrCmdyNWJOh1nqBWPlW5yU603KbRuhz2YGX35Py-6IkkOhi-pAqmF93plaLPRajSI9o54pYmNC6IW1ZKxBvhRyzfHniEK9mJiLY0J52W1RJRSsEJR-87CYyJY2M2swBeZixjCIzM7zwVg&dbm_d=AKAmf-ADg-lbC3DQuRH5fGr8WDk2DOoOKTzPRnz50uu7hKk9UUBVwOjBKXaCYIHY6vxMcAcOIxpm96orX4vU5nKfy2G5uzk_ffCLz8BJk1anecoab03VofQ4blNuP_Zwj8VbHwUgn-kmjpizZV1hraY2xNMKC6d8g5g2bak9vje87EXtiP6FOVgp9qPidFlmNmqZngBTlZWMgYJT3SoGlvxLZAs0moO8eqCY-XlmFFhItnNHLQ4zRMuTxksPJj_pbkojrOshNKMb7vyEZIJjnLnu7TjyVmXEery4uUeMV6b4hKKiroW_g_BYYvdOnVDmULCvPv6TefO1ATXrkx02enn8FeIkSCl4F5w5TMaTfSeorktKcibAT6tYH2Y-MGOJoI3fAD2qo0v_uiPB1ZPSX39EFIu_6ORVInmPONI5QwzlxrfCvIllHkBFIQDUK0PevYvMou9eTOTjeoceR_CK6w13GdM5BqazXFjgAMQBVYmQbvyFrBN8TzoJ1YXNGEx8q7MlSQSYzJx7Gof7hxORqBRX1HVvUY69TPZAeciXW3O6k6XVUwAUXg3xtHIplszH3zMBWntXGP-KcxIqvJduD2txULnClfmcNSStdcdi12v1bx0THPSEeXwNFqSd_kQ9iJyk5rkjLMyaCJpow_F-X98W33EUK91Qczx8DZ7nnB0zYb1viUrVq1OfyBIT-qJF-b0Gn4bNvZPhIIoqKae9XHVdBiTZYco2qwVl8jiKz1xg8wzqFhcOTVYLy5smsfN26cXP_N1Unhh1NCfLmDwyptjy8eMP-tqSXpoyv4qXFZ_QJEu2NEdbTBac3VzG1GtRqBHpELeDruF2qbhQIa_BAaDehm8ma_4BIWtB0ZhCejA4_01r2dB9Rb4mjT-kvlEzxht1igt4EjS3zyJYxF9eVEDtrLPGpWax3NP8U8MEvvNWTclN91HFuh4N8q6k4Oy8m108ZPLALmbek_655B4rRmqvlFNCQVgk60aygqp-CLtG5GKnoPSwFNlycqCwX8CQSFzYnDFibTNIG9RSVb78jkptesrfWcWhxjV0-2qpCBftAsgtJt8XOD8tQmwAWkVt0474MP02Xvw1SQpUZtgF5d6L6h-K6N88xHapMVh0zx_2_Wcs2v0_Bz8s1XufYhh0r4TWuk1A4Rt-K_Avw5es8Jtbn8GyPJM5EkCqHPvJ7MMHdURrpd5LxcsAoj-XHp0QRtWTcnuBaCfX6FxbLT-M_1Vi9pUdVZzam3OKh6gRvwa_iLDVF5pphbte04mEgKEXkGNfdUiRxCidCRomH2urK0eOmD0DkKUynm1R9Loj9o8qw9n1PVhPMEjYSqUMj19Nxy5TGn5sAPkRURw3AkzM1ApXDjC6i3N3mIpPNWFRl3_bqzkLfrNKolg1eyGF5A5eqcxtb4dOVcq-jEnqtOcSklyAC2eza065uuKhyxg6d3fHdbQbEwjoHtazuQC5hwPQWQM07yeLc4zNCdUYGqRZ0xGjOxrFP7rDGvEfLnFFzFsYPvMp8abBdV48YjLKCNB3RN1vaiRosf7FWWXIR72JiR5DIAjsuRzQHsMV2ViBJaZhmtdJDjwe4fw5CF3qFz81dljsaMl79rIZp9RWMG75cvWL-QTkQW56O6zq5jGS_Tfu7rlBcYLkkynQ6UQPb6MKulyWDUtprosUqVFzP1qzMOgQYFt2yJA1VuM6LLWlrUwaUU4NWvjcG75dlL6IMAIsLu4pZTy8lEa7qUs66EidvaOyJ3yZMmCg7yhQfZE_2RLeaod9ECDTa9e1qEr0kc4DAT6I6SCyK8QpXLzK9P0zW_iJSGrGoRBWKv897ZZz5Mo8G75XmjRLkFeTzgqNjI0yKFtsdMHGG9f9zRITrHK0jcgQDVv4qjI51_j47j6otcwTcuIf4R9q0NgQZaPjvVM6MahyaDdG6EEePle4TSY6SW0QyyqWIGKgIg46pT7xsPTDnkFve7ANleLDH1N9_VBtno3zBlNyW2QLHzqdt1hamUTnRFJ6Z08R7uIolcxyR2K7go4TFTEhYmWvihNmlc8yOMkf-mq04nAsrdqVU0OQQUI6w9uFRGS1p_ZZaqB1mDdE4elqpseq2Z7ZXkR4w6zXXaXItkYaqTbU1-xaBi1jguM7pSyHm0xTpz4yStwBtAYuFvo1ZNf59qRFNeWuz0pHV6IOY-zT-aVK0VQMK2e1wEN7Mi1C69QNsCkObYKUEY4XhsvgxZMUrByHJL0No6OSg73a3B7lC2-MutcvkrEfD_CvrrDdoSc2JA5DRFTKbFUZbMxxRV6gS8E9UI2jIqeSXwuYP91ZgW6ML2XVl_bDerYdhk4ApzEnyTAqC1yS0Tr0SrkiT-uvLHBF3k3Qb7mW6GNJUv7l8sw06RTmSiEiY5Ej8OerFFJAD3TEj8532mkfuuHfqrpcKR4yhs4RZ_co2ORkWb7v7y632SZr-p0HhuZLCGOW3xZSJOf6huAD2Q-czLCE45tAFcNE-5sTglRIS3IyVdnIXyk-zdXVtOZqxaA2Prf1CfNAXVWFdU7DzxxB63HzUSEDrNBVI3ZPufJ9qpSwzYC4podOyfi0Z3oDwLQ3Uuf9woq0c0KLMFJeJHuYk7kFxPmnd0qtpQzWhodIQ5NhELaX43JsFl13CmE36YCvd_p2Be7-YRpJjR2iFsvQopKaChra0XUMAJEvwMj0jqMoDMI90VOqDp8SP71LsCGdB8yn3-XZlH7zEV72yGbKfx0AFglGx_8S78jSLhtXsJmXzY02XBiKE4vV3rbcN8zDYmM7fqJmRl1ICn5uj9n8qWbVYv-XTe3ZoAhX2-jqDcoh_Pt98DEmjH9UMrpxoGAm_6WbodN0bP_rhBYKXW6Lxs--IZEYASC7tcfnZLLWSUG5WP-2h7SCNYFNIFLsLwOAfsAN93QQ_K0KOP1kXp5IGqSrZK5EbYOFpWb67Osy996e7ybaCQD0vD6KRNhGJ4nl_Nqa62c0oXsO9RhyhmU-tzG8i46EbPaE8dfpSrfFsvC1eaAh4Okr69AXI00gwshLbtlqt0sIN-RKOi3PSYNSiP80EAK4zLpTCK7XDA-HBdz5bSYcR7p-mGNdPh0XaRhUQ3IfP0ZR8T62f0ZCoLNaieA8Z8lQCl3fcBgMTLc0dqclpa14dvzodnyNHtGAdW9Uz-U4jjSjDJthaGmcss7__OMIch2B_9woIFfvCfOPEolplHHKd2ZYusxOj4tsP6VO2ycubu198HIrTO629Xmu80hwia9HLya063oi9zoizOjJIiTDMYxtShss9sqUxP6ncY2beDeQXy225AmtGJIIUTymykAe8xTM3qhlnxHp3QIkIk2Dq99RpoEssUl-BuQS8HOjGKcl2GuT7X99SatlT9E4MTHJNC4F9rOmk990IXgrE-k73JfaHt8OzdQP7DUPPdKrTQvImSaGzGNoHL7teUEbPJsTl74w6Nqbn-1PkwW9qvMJZ8eXkzkphkjtZRrca1xwq04j0DWd_06kx48xchsV1nfffGGMBuk0yhFSPWk_t4QDpVK85VRWBVMWJ66wBVZj02dedg&cid=CAASEuRoxfmS9QHzp4nOtYZNt7wZVg&rfl=1%2Chttps%253A%252F%252Fwww.kooora.com%252F%240

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ca0d9eb1bd14504ac9f9ec12d3ce9027ab2c402de712e211e13a5c4237eca94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35642
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A8B 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJVl0TTT-jDYYGf7evqaChl2Leo-FDQnmYE4v6oxSDT1WtjUQ2CF-ZiLidRl5KlJTUBqleRIA2alMOj1MQ--xn6ixHja6tHMlxZQT5p3nNMoMkv4I

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 4A8B
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/826939/57461187/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
482 B

43ms
6ms

Image
image/gif

2600:9000:223f:d400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:d400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac65.cloudfront.net (CloudFront)
age: 12444657
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: bFm0b2mZ8GKM2GNY3esdpqvPkrMNOiBHRLB5wxlqm8NHUT55c50fWw==

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
x-server-name: app24.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4A8B 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 17:03:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A8B 119 KB
37 KB 776ms
624ms Script
text/javascript 2a00:1450:4019:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4A8B 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 17:04:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4A8B 0
0 15ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfTJtbfKmEGArkHwKpZ4PEn5dBBqeM0WhwAKL2Cx8Jhq4NDLePnb1dLWQ2zbbTycP_H80Dz7xwNaWZr3qcRYIlMVqejQ
Requested by: Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1640711127639&de=484244614296&rx=727393767445&m=0&ar=0f32f0cf010-clean&iw=a6edb07&q=3&cb=0&cu=1640711127639&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&bo=Kooora&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A491%3A491%3A1533%3A415&fs=196272&na=1451406640&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1BC5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

89ms
89ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H3
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Tue, 28 Dec 2021 17:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 state Show response
api.permutive.com/v1.0/ 0
82 B 42ms
42ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: gzip
server: Permutive
alt-svc: clear
content-length: 20
via: 1.1 google

GET
H2 200 / Show response
ui.cleverwebserver.com/ 144 B
209 B 96ms
86ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ea0502231c3a134cc21090a3f9b131fd3d7e3bc2628caf62974307ed990ab03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6c4c5fb96a5e375d-MXP
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
23ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1640711127639&de=153696585393&rx=727393767445&m=0&ar=0f32f0cf010-clean&iw=a6edb07&q=4&cb=0&cu=1640711127639&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&bo=Kooora&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A491%3A491%3A1533%3A415&fs=196272&na=616425672&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7B6C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcS7oLwQjJxc3XVZCvsj40&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcS7oLwQjJxc3XVZCvsj40&google_cver=1&C=1

43 B
1014 B

32ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcS7oLwQjJxc3XVZCvsj40&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSF-rQBMAE&v=APEucNWtSAnEMfsCAYBBU6K585rIlTqNjTS0wA-fJXS7burV2YyicM9jwOiv_7VyQErinttRk31ZKeifzAkr9ymhszuEZNHjYc83CAlgCdFif9VnLw5Abdwfa3I0C6WlEJ05Xhzop28lQdFyNw1mPUlQsbwU0Bo6iJD4_v9gxpIVJCRZTyiaLcg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 28 Dec 2021 17:05:31 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcS7oLwQjJxc3XVZCvsj40&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7B6C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YctD2xumtUZ7iAFg.QasQAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcS7oLwQjJxc3XVZCvsj40&google_cver=1&google_hm=2

43 B
894 B

30ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcS7oLwQjJxc3XVZCvsj40&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSF-rQBMAE&v=APEucNWtSAnEMfsCAYBBU6K585rIlTqNjTS0wA-fJXS7burV2YyicM9jwOiv_7VyQErinttRk31ZKeifzAkr9ymhszuEZNHjYc83CAlgCdFif9VnLw5Abdwfa3I0C6WlEJ05Xhzop28lQdFyNw1mPUlQsbwU0Bo6iJD4_v9gxpIVJCRZTyiaLcg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 28 Dec 2021 17:05:31 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcS7oLwQjJxc3XVZCvsj40&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7B6C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAeFAKt0_lrsIr8Pf55Zn-c&google_cver=1

43 B
1006 B

39ms
13ms

Image
image/gif

185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAeFAKt0_lrsIr8Pf55Zn-c&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSF-rQBMAE&v=APEucNWtSAnEMfsCAYBBU6K585rIlTqNjTS0wA-fJXS7burV2YyicM9jwOiv_7VyQErinttRk31ZKeifzAkr9ymhszuEZNHjYc83CAlgCdFif9VnLw5Abdwfa3I0C6WlEJ05Xhzop28lQdFyNw1mPUlQsbwU0Bo6iJD4_v9gxpIVJCRZTyiaLcg

Protocol

HTTP/1.1

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:31 GMT
X-Proxy-Origin: 185.232.23.178; 185.232.23.178; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3e7e0cf9-ffd5-46c7-8abd-f1901f52af8a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAeFAKt0_lrsIr8Pf55Zn-c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B6C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMTExNTM1NDk0OTk2MzE2Mw%3D%3D

170 B
188 B

29ms
28ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMTExNTM1NDk0OTk2MzE2Mw%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:31 GMT
X-Proxy-Origin: 185.232.23.178; 185.232.23.178; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 78997000-145d-4bf4-8ab0-386412961509
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMTExNTM1NDk0OTk2MzE2Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B60E 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 28 Dec 2021 13:26:12 GMT
expires: Wed, 29 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 13159
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 4A8B 169 KB
59 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
Origin: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 14:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Dec 2021 14:56:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 4A8B 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmKK2CXVLNG6xNqkrCmdyNWJOh1nqBWPlW5yU603KbRuhz2YGX35Py-6IkkOhi-pAqmF93plaLPRajSI9o54pYmNC6IW1ZKxBvhRyzfHniEK9mJiLY0J52W1RJRSsEJR-87CYyJY2M2swBeZixjCIzM7zwVg&dbm_d=AKAmf-ADg-lbC3DQuRH5fGr8WDk2DOoOKTzPRnz50uu7hKk9UUBVwOjBKXaCYIHY6vxMcAcOIxpm96orX4vU5nKfy2G5uzk_ffCLz8BJk1anecoab03VofQ4blNuP_Zwj8VbHwUgn-kmjpizZV1hraY2xNMKC6d8g5g2bak9vje87EXtiP6FOVgp9qPidFlmNmqZngBTlZWMgYJT3SoGlvxLZAs0moO8eqCY-XlmFFhItnNHLQ4zRMuTxksPJj_pbkojrOshNKMb7vyEZIJjnLnu7TjyVmXEery4uUeMV6b4hKKiroW_g_BYYvdOnVDmULCvPv6TefO1ATXrkx02enn8FeIkSCl4F5w5TMaTfSeorktKcibAT6tYH2Y-MGOJoI3fAD2qo0v_uiPB1ZPSX39EFIu_6ORVInmPONI5QwzlxrfCvIllHkBFIQDUK0PevYvMou9eTOTjeoceR_CK6w13GdM5BqazXFjgAMQBVYmQbvyFrBN8TzoJ1YXNGEx8q7MlSQSYzJx7Gof7hxORqBRX1HVvUY69TPZAeciXW3O6k6XVUwAUXg3xtHIplszH3zMBWntXGP-KcxIqvJduD2txULnClfmcNSStdcdi12v1bx0THPSEeXwNFqSd_kQ9iJyk5rkjLMyaCJpow_F-X98W33EUK91Qczx8DZ7nnB0zYb1viUrVq1OfyBIT-qJF-b0Gn4bNvZPhIIoqKae9XHVdBiTZYco2qwVl8jiKz1xg8wzqFhcOTVYLy5smsfN26cXP_N1Unhh1NCfLmDwyptjy8eMP-tqSXpoyv4qXFZ_QJEu2NEdbTBac3VzG1GtRqBHpELeDruF2qbhQIa_BAaDehm8ma_4BIWtB0ZhCejA4_01r2dB9Rb4mjT-kvlEzxht1igt4EjS3zyJYxF9eVEDtrLPGpWax3NP8U8MEvvNWTclN91HFuh4N8q6k4Oy8m108ZPLALmbek_655B4rRmqvlFNCQVgk60aygqp-CLtG5GKnoPSwFNlycqCwX8CQSFzYnDFibTNIG9RSVb78jkptesrfWcWhxjV0-2qpCBftAsgtJt8XOD8tQmwAWkVt0474MP02Xvw1SQpUZtgF5d6L6h-K6N88xHapMVh0zx_2_Wcs2v0_Bz8s1XufYhh0r4TWuk1A4Rt-K_Avw5es8Jtbn8GyPJM5EkCqHPvJ7MMHdURrpd5LxcsAoj-XHp0QRtWTcnuBaCfX6FxbLT-M_1Vi9pUdVZzam3OKh6gRvwa_iLDVF5pphbte04mEgKEXkGNfdUiRxCidCRomH2urK0eOmD0DkKUynm1R9Loj9o8qw9n1PVhPMEjYSqUMj19Nxy5TGn5sAPkRURw3AkzM1ApXDjC6i3N3mIpPNWFRl3_bqzkLfrNKolg1eyGF5A5eqcxtb4dOVcq-jEnqtOcSklyAC2eza065uuKhyxg6d3fHdbQbEwjoHtazuQC5hwPQWQM07yeLc4zNCdUYGqRZ0xGjOxrFP7rDGvEfLnFFzFsYPvMp8abBdV48YjLKCNB3RN1vaiRosf7FWWXIR72JiR5DIAjsuRzQHsMV2ViBJaZhmtdJDjwe4fw5CF3qFz81dljsaMl79rIZp9RWMG75cvWL-QTkQW56O6zq5jGS_Tfu7rlBcYLkkynQ6UQPb6MKulyWDUtprosUqVFzP1qzMOgQYFt2yJA1VuM6LLWlrUwaUU4NWvjcG75dlL6IMAIsLu4pZTy8lEa7qUs66EidvaOyJ3yZMmCg7yhQfZE_2RLeaod9ECDTa9e1qEr0kc4DAT6I6SCyK8QpXLzK9P0zW_iJSGrGoRBWKv897ZZz5Mo8G75XmjRLkFeTzgqNjI0yKFtsdMHGG9f9zRITrHK0jcgQDVv4qjI51_j47j6otcwTcuIf4R9q0NgQZaPjvVM6MahyaDdG6EEePle4TSY6SW0QyyqWIGKgIg46pT7xsPTDnkFve7ANleLDH1N9_VBtno3zBlNyW2QLHzqdt1hamUTnRFJ6Z08R7uIolcxyR2K7go4TFTEhYmWvihNmlc8yOMkf-mq04nAsrdqVU0OQQUI6w9uFRGS1p_ZZaqB1mDdE4elqpseq2Z7ZXkR4w6zXXaXItkYaqTbU1-xaBi1jguM7pSyHm0xTpz4yStwBtAYuFvo1ZNf59qRFNeWuz0pHV6IOY-zT-aVK0VQMK2e1wEN7Mi1C69QNsCkObYKUEY4XhsvgxZMUrByHJL0No6OSg73a3B7lC2-MutcvkrEfD_CvrrDdoSc2JA5DRFTKbFUZbMxxRV6gS8E9UI2jIqeSXwuYP91ZgW6ML2XVl_bDerYdhk4ApzEnyTAqC1yS0Tr0SrkiT-uvLHBF3k3Qb7mW6GNJUv7l8sw06RTmSiEiY5Ej8OerFFJAD3TEj8532mkfuuHfqrpcKR4yhs4RZ_co2ORkWb7v7y632SZr-p0HhuZLCGOW3xZSJOf6huAD2Q-czLCE45tAFcNE-5sTglRIS3IyVdnIXyk-zdXVtOZqxaA2Prf1CfNAXVWFdU7DzxxB63HzUSEDrNBVI3ZPufJ9qpSwzYC4podOyfi0Z3oDwLQ3Uuf9woq0c0KLMFJeJHuYk7kFxPmnd0qtpQzWhodIQ5NhELaX43JsFl13CmE36YCvd_p2Be7-YRpJjR2iFsvQopKaChra0XUMAJEvwMj0jqMoDMI90VOqDp8SP71LsCGdB8yn3-XZlH7zEV72yGbKfx0AFglGx_8S78jSLhtXsJmXzY02XBiKE4vV3rbcN8zDYmM7fqJmRl1ICn5uj9n8qWbVYv-XTe3ZoAhX2-jqDcoh_Pt98DEmjH9UMrpxoGAm_6WbodN0bP_rhBYKXW6Lxs--IZEYASC7tcfnZLLWSUG5WP-2h7SCNYFNIFLsLwOAfsAN93QQ_K0KOP1kXp5IGqSrZK5EbYOFpWb67Osy996e7ybaCQD0vD6KRNhGJ4nl_Nqa62c0oXsO9RhyhmU-tzG8i46EbPaE8dfpSrfFsvC1eaAh4Okr69AXI00gwshLbtlqt0sIN-RKOi3PSYNSiP80EAK4zLpTCK7XDA-HBdz5bSYcR7p-mGNdPh0XaRhUQ3IfP0ZR8T62f0ZCoLNaieA8Z8lQCl3fcBgMTLc0dqclpa14dvzodnyNHtGAdW9Uz-U4jjSjDJthaGmcss7__OMIch2B_9woIFfvCfOPEolplHHKd2ZYusxOj4tsP6VO2ycubu198HIrTO629Xmu80hwia9HLya063oi9zoizOjJIiTDMYxtShss9sqUxP6ncY2beDeQXy225AmtGJIIUTymykAe8xTM3qhlnxHp3QIkIk2Dq99RpoEssUl-BuQS8HOjGKcl2GuT7X99SatlT9E4MTHJNC4F9rOmk990IXgrE-k73JfaHt8OzdQP7DUPPdKrTQvImSaGzGNoHL7teUEbPJsTl74w6Nqbn-1PkwW9qvMJZ8eXkzkphkjtZRrca1xwq04j0DWd_06kx48xchsV1nfffGGMBuk0yhFSPWk_t4QDpVK85VRWBVMWJ66wBVZj02dedg&cid=CAASEuRoxfmS9QHzp4nOtYZNt7wZVg&rfl=1%2Chttps%253A%252F%252Fwww.kooora.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 17:04:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 4A8B 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 17:05:03 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B60E 70 B
264 B 33ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEExAh-dvUfxfvdUD8tOnMuw&google_cver=1&google_push=AYg5qPK6HVlKAjtOcsBD87f7gOglSECUVBxH_0WTPlfEMrxRzYTd4XdMuAoThinBTceD52QVOLf7V7Q6IORaMBLJ6MBqhhca6Ug
Requested by: Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B60E 0
141 B 40ms
16ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIe0RIUapUXCCzOSSQg5Ms8&google_cver=1&google_push=AYg5qPKRHLEZQm04pnwkTxfu4SMJpRSXkguTrdURyW-yLYnenYJ4JIqqal1grTN3Qey70EnAreFxNAm9ho_44bXDvEQRbUhL8A
Requested by: Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B60E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKirt5y-khziELfBE8fSA8M&google_cver=1&google_push=AYg5qPJOvYGSnqHZhlk-gp98ErQHBRB3U8-EuQHE_EUtnNXqdaFth16sObWxmeh0Mn1XksN5NYEuVeXSK-HW5d...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0NjgwMDY0OTgzMzg3MTUwMw%3D%3D&google_push=AYg5qPJOvYGSnqHZhlk-gp98ErQHBRB3U8-EuQHE_EUtnNXqdaFth16sObWxmeh0Mn1XksN5NYEuVeXSK-HW5dkzW-...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0NjgwMDY0OTgzMzg3MTUwMw%3D%3D&google_push=AYg5qPJOvYGSnqHZhlk-gp98ErQHBRB3U8-EuQHE_EUtnNXqdaFth16sObWxmeh0Mn1XksN5NYEuVeXSK-HW5dkzW-ymZR4B_oU

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0NjgwMDY0OTgzMzg3MTUwMw%3D%3D&google_push=AYg5qPJOvYGSnqHZhlk-gp98ErQHBRB3U8-EuQHE_EUtnNXqdaFth16sObWxmeh0Mn1XksN5NYEuVeXSK-HW5dkzW-ymZR4B_oU
Date: Tue, 28 Dec 2021 17:05:31 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B60E
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFla45rqxmqPhKVyX__QglI&google_cver=1&google_push=AYg5qPKPIvOStAuvyKe7x9WwPdBG5Jm1n6kBKhLQcVWNFnplzlT-IXS9UvjlY...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFla45rqxmqPhKVyX__QglI&google_cver=1&google_push=AYg5qPKPIvOStAuvyKe7x9WwPdBG5Jm1n6kBKhLQcVWNFnplzlT-IXS9UvjlY...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=y_zUURgMhtvtTXDj1ToJlw&google_push=AYg5qPKPIvOStAuvyKe7x9WwPdBG5Jm1n6kBKhLQcVWNFnplzlT-IXS9UvjlYEr4w8J4eWV5jNUc3YW6E...

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=y_zUURgMhtvtTXDj1ToJlw&google_push=AYg5qPKPIvOStAuvyKe7x9WwPdBG5Jm1n6kBKhLQcVWNFnplzlT-IXS9UvjlYEr4w8J4eWV5jNUc3YW6EjQ7JMcTnizW2my_3qM

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 28 Dec 2021 17:05:31 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=y_zUURgMhtvtTXDj1ToJlw&google_push=AYg5qPKPIvOStAuvyKe7x9WwPdBG5Jm1n6kBKhLQcVWNFnplzlT-IXS9UvjlYEr4w8J4eWV5jNUc3YW6EjQ7JMcTnizW2my_3qM
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 237

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B60E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC9PANb7hKkGoRAPuCuj51I&google_cver=1&google_push=AYg5qPKMuTvhQ2uioH_bLbtMKhyM3EssAeesYw_6DVvEGt-yhU7a8Q07tmvOMNo6A8-M8qAZC-JUmw20ETKEw9DG6...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC9PANb7hKkGoRAPuCuj51I&google_cver=1&google_push=AYg5qPKMuTvhQ2uioH_bLbtMKhyM3EssAeesYw_6DVvEGt-yhU7a8Q07tmvOMNo6A8-M8qAZC-JUmw20ETKEw9DG6...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKMuTvhQ2uioH_bLbtMKhyM3EssAeesYw_6DVvEGt-yhU7a8Q07tmvOMNo6A8-M8qAZC-JUmw20ETKEw9DG6yfhiecfc5g&google_hm=18c8abbbf96fb6544d766612

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKMuTvhQ2uioH_bLbtMKhyM3EssAeesYw_6DVvEGt-yhU7a8Q07tmvOMNo6A8-M8qAZC-JUmw20ETKEw9DG6yfhiecfc5g&google_hm=18c8abbbf96fb6544d766612

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 28 Dec 2021 17:05:31 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKMuTvhQ2uioH_bLbtMKhyM3EssAeesYw_6DVvEGt-yhU7a8Q07tmvOMNo6A8-M8qAZC-JUmw20ETKEw9DG6yfhiecfc5g&google_hm=18c8abbbf96fb6544d766612
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame B60E 0
75 B 100ms
23ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKTxj0OSepA1rxjBzo44Bn4&google_cver=1&google_push=AYg5qPKgqqbJLo0afVQe03AGV3R6fzsikaKJwjnvXRB0Gygr-4cOoIo_tlZmNgoieFsOGDKsqA6vt1tZQePCKDABj1JomnPO7wY
Requested by: Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:38:27 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B60E
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9IIb...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9IIb...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9I...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9I...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1ZDEzNTdhMy02ODAwLTExZWMtODczMy0wNmUxMjY2ZWIyOGM%3D&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9IIbD82FmYIGmv...

170 B
188 B

19ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1ZDEzNTdhMy02ODAwLTExZWMtODczMy0wNmUxMjY2ZWIyOGM%3D&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9IIbD82FmYIGmvUWMQuShR7HhmOMl10S9d6eyYmdVg2WBm8

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1ZDEzNTdhMy02ODAwLTExZWMtODczMy0wNmUxMjY2ZWIyOGM%3D&google_push=AYg5qPLPur5zIB2wSfRY-0dWvwF9nHp-ID890BRsu8PUnCJZkHnO9IIbD82FmYIGmvUWMQuShR7HhmOMl10S9d6eyYmdVg2WBm8
date: Tue, 28 Dec 2021 17:05:31 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B60E 0
12 B 16ms
15ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItQ4ADV58RvTuDV5ByaFbkM34fUtE6o-U_S4R01tn_azZ7ZB9X_gynaCTrpGMNJqpw1371ug

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-54-72-48-7.eu-west-1.compute.amazonaws.com

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/ Show response
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame 3027
Redirect Chain

https://sender.clevernt.com/transporter/51316.php?ppuc=1&ppu=0&id=523132&ref=aHR0cHM6Ly93d3cua29vb3JhLmNvbS8%3D&ruri=&r=376922511&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600...
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583

4 KB
966 B

165ms
149ms

Document
text/html

2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae4214ef010f90937dd4996c0ab54182225fb9f4cd2e07e60dc8e6c753d5010c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-type: text/html
x-amz-id-2: 1mfoEStr9Mii4C4PuLtWT9zmJxvDNsHBeVmuWl+pQwhCftytXeK7fth98PJT7jkQSxHPP3Ytm1E=
x-amz-request-id: V7X8VHNCHD3FH62Z
last-modified: Mon, 27 Dec 2021 16:24:01 GMT
cf-cache-status: REVALIDATED
expires: Tue, 28 Dec 2021 17:35:31 GMT
cache-control: public, max-age=1800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c4c5fbb8fcc375d-MXP
content-encoding: br

Redirect headers

server: nginx
date: Tue, 28 Dec 2021 17:05:31 GMT
content-type: text/html; charset=UTF-8
location: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Tue, 28 Dec 2021 17:05:31 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8150578953634767223/ Frame E8D4 36 KB
6 KB 31ms
16ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=Oyp4EnRqYw&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2718b4b437edd86140d80891cf912e88267f780c14656e84f27a38b10f48b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Tue, 28 Dec 2021 17:05:31 GMT
expires: Wed, 28 Dec 2022 17:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 May 2021 19:27:42 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4A8B 0
571 B 91ms
50ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCshT0lRGd7dDPAkTc_vSG3l2U3AXnPG_4zRQc1hcnUi-vYmmb2ItEPwMSISMD0imkgWBiuAt_iSHtuducaCBUWatNa1fKjP58NMIn00xHWeaupIINz0ae77c1pbnXqnc5B95nNLq8PL1fAhA2n5oIfCdTva70A5xOtK3_mkgFLjLWnSfwkFyJoaQEZn1lQLtr1yqL_abwkhrsqWFtUQZFDq8juhGoLQ7-U63PW-BsKmm_0Slf8RIVQLJd5aIA6Rn41iGQWqkOj38p1Y_Haww5kKIk8tGKOEqPaab1W6-XxIcz8iumvPqdkx9DTTfsLYEQkNPIvYcue65B4R0PObMnT4OjVeh4Zv-J1ZotfoEQBBob5QIeh_zpkTjIJDBePKpb9wC-5KjgNZCzPgrLHutAwEFwvtLXBkufwCQPxJkX-7f1zNdPiwn2BmmBu4zcth2V3xtgyQoWipnNx_4rhbj3bmV5LzAAQrbz5EvBvFT3GsvcADXwTo_KvoYNe7edR2taPRzmD35dYojjh2ZopkuOXAlNCRYp2Qiyq4Kdt2yU1CboT2DsqxtBSGKVIkaz-5AW3QnqqZKzGwsrPR8C2NzsnPnuGZ78PaoP05OqRNm9oa0Fv80Uzhf-JhnTNi77c7NTR4nkavhfOzT8bsjrFn4mPyWxKT7YUY6vCsWZNCIHr9ezvjx8hJNLuf9XwceyvjXkcaCsivwKW13fn3J6NyEth7ACgqg1YqWOYj7V_tk3aKbuwnqU2rZvCdRl8njII4Gl98aJCMGc7LwdnwOep8ezAoJxQIq8pz5tjECFLQCYS_l4_tVQam_aCVAgX7y8sc_Br_as61h-y0Frl2NieqL-LqZNUWvZTX1j7aFxx_wvQ0mfuA05xbb8nrmnOzHP8HuNoMV8BdPVUL7gaBDR8MW2rYbv3WthUsNKP-M8rp1dOY_9bJRXvOYt_09pL_zrKtZSIgABSK-M7sM9r7X_37gTrHwQ_hthfRTtsI8Y3vb6nZKCKlou9an5sveZFZxqwCp9bOstfQeBvK9uHgwoq1rdHH-HHY0hK5hgmoX51Omto4dmenKEj1_cRh74dIdoopEKu9zWs5T3KPQ4Z2eqT2kmNpVP6tzRZpy-f6bqGqVXWSRMCzmXMzfLNVcQH0c33G9VNsFFkBkNUTyWtnUxpzH_enN_tfNHagK_1-YdAuZf_ml8StG7roE7yeUiw620GV-jljbiUzcwJMiG3J5FQm3GHhWQVQJYKSGdn4hAeA_hua36&sai=AMfl-YQo-Na6nJJlpp8iS6ooQlSWfcHbzQWsk3SuXgr0yMZbMlG71qnquyR2AHiqjWQB0kADx2O0qZJwzZNKEIM-ZCF5hfL91cJ3D9RSdtMbuj38S-wQYBpbFNl20X5iTyDKGWJfy_dKstq1KZISRWg9jGbXVcxJsg&sig=Cg0ArKJSzBNZgYhD1xRuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=99&cbvp=1&cstd=94&cisv=r20211207.10833&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 28 Dec 2021 17:05:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 4A8B 43 B
1 KB 66ms
16ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=23798292&extPm=379486932&extCr=14813333246&gdpr=&gdpr_consent=&rnd=3105638089

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Wuppertal, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Di, 28 Dez 2021 05:05:31 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 28 Dec 2021 17:05:30 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 4A8B
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=3105638089&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=3105638089&gdpr=&gdp...

42 B
967 B

39ms
36ms

Image
image/gif

54.72.48.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=3105638089&gdpr=&gdpr_consent=

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

54.72.48.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v026-0a187fe98.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: q2/IJcP5QyU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v026-0a13d5aae.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: /bAkaSToTrQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=3105638089&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 click%253Fxai%253DAKAOjstYlD3yy_RenYFwwjhbLwSVnHwTdPsMnS-GmgMxg3KArpHOuBBwwaW0wsyFkPGhCzVyAhwtxVke5iLShL6RYtBvd0Y0qL6fy8QF2XnWLUi4tdKJqIHcdTBkmqGvUqoNnqdkpsyH4eeXl1zk0W1bqkmeNMrJA1qYdkX5tRUyPBSvY_x...
adclick.g.doubleclick.net/pcs/ 0
0 57ms
19ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstYlD3yy_RenYFwwjhbLwSVnHwTdPsMnS-GmgMxg3KArpHOuBBwwaW0wsyFkPGhCzVyAhwtxVke5iLShL6RYtBvd0Y0qL6fy8QF2XnWLUi4tdKJqIHcdTBkmqGvUqoNnqdkpsyH4eeXl1zk0W1bqkmeNMrJA1qYdkX5tRUyPBSvY_x8BjfY0Qofli6pa46NcBPOvAYgdbkZrKtdBIqfyIie2HgZ_3O4i01Th6jJFkFAvBDe02GplH1Kaoas82w8Y7KNCFkOTxgbiLXlF0-bTUhTB6KEUuTIM2dcqXkXs9MzemyVZw%2526sig%253DCg0ArKJSzMUVQinPwO3UEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4A8B 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Dec 2022 15:13:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3443 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 28 Dec 2021 13:26:12 GMT
expires: Wed, 29 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 13159
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
20ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F325806798023964140&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-AcUfbBsgY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-GRXA3ZfY41ErZQ%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=727393767445&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=172&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1640711127639&de=116473191392&cu=1640711127639&m=3650&ar=0f32f0cf010-clean&iw=a6edb07&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4794&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A491%3A491%3A1533%3A415&as=0&ag=95&an=0&gf=95&gg=0&ix=95&ic=95&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=95&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=189&cd=0&ah=189&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=196272&na=1223517868&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8150578953634767223/ Frame E8D4 6 KB
2 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8150578953634767223/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=Oyp4EnRqYw&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97f6f81b224c70cf2431f07287d287446129697370b4419a9b82838be0ea0174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=Oyp4EnRqYw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 526871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1656
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:27:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Dec 2022 14:44:20 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame E8D4 109 KB
37 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=Oyp4EnRqYw&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=Oyp4EnRqYw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 10:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Dec 2021 10:57:00 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame E8D4 59 KB
22 KB 37ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=Oyp4EnRqYw&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1635848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNCMHA4PIp8tK4%2F9fGGxfojOdVnAqnub7i6MBRMW4xKEi%2Fwu4f9AQIJNG3igTXiCGRPk40E3vflE8kxrQBLLyiQbCX5rV9ypOtP2owKeCR%2FEfyjPJCF7FPzn6i7dw0bY74CuwU9rzCPdXWeVoFcIXJOm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c4c5fbac920692e-FRA
expires: Sun, 18 Dec 2022 17:05:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6FE6 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 28 Dec 2021 15:13:54 GMT
expires: Wed, 28 Dec 2022 15:13:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 6697
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=1609348756680751&bg=!7O-l76vNAAZKWFskSlg7ACkAdvg8WjMN2v6euzMS_CqflGs29r9oNYzPtTjS1gcsDTSNZU_Mm3JrDQIAAAFqUgAAAD9oAQcKAKzW8X_oxqP7EpHLlulLJJw6IZeDNVlIPIeFHmObsz74nBboFoFfbFoqDoZdkNaIc2ht5fQIewhvQC411fKygpz1cuDugG1_r2Reu1qjrZpAOJoHygWmbIRe5WUq_MQhLa46PGQScdPwkfYYhdkKN2utufLFOfMZLCHvW-ErGzYEoSVfZ4dyUCJHEg3JCGx_F6ZvdbLUQwBcwAHcaS_T4mpNjCaBYZQhfT4VYobimQK_lKqBvus0ZTNLhVwovp7bYxaQXnu11WtbVvKXdiSj-UHB2-vxtZZXdbG6xs3wNL-uDDxtOeCuHyRsOPi_gucbOhoxeV2GVX9D598TgH1-iNK94kguaYgh6JfWBPKjRFv6dpdGGDMxpHQQLEQoXHwjVK1YyD0qXEyOSKM2jREwRRaptrbTlcH88dE0nYSG7LTN6ja5hfFt4Kck0yAPvNP_PVwP-VYPTuUsrIM0CwOx-OrAcmQ-22ZXyOIco6Rc6Bj8KCMoFoQYtMv5IktCPF04--y-1FnRmypqRR9UrYo8IvOGHIKmQz5pVHuc9XJLF29ntaNYE5NZNFZ1Gj0SC14CJuSE7LQb8EdDPKc1z1FKcALmsTD9CB3Ouo3bvXWxVQgjR3iBfai1WTKCWeyCv4W7xPIV42SWsYLLVBxEW6ZISSA-bjbdSRm2ZEYBSVd0IE_ukgAfBCja9cAv1ok-snh8ohuxWD7kvi6Uwsvdf56YzR1aBJ3-FZI4ctJe0bZVNEWUlzCfqIELd_OoUvo1tCK-jov9Opa2RKPXf9k5na85IIIBmNtoudLxF3vhRmPSBo7dx14-CErAFRzSFmXIgPZu52FstIZ9IpIqEHTTW0ySelGhVO3U-ffj0qqzZ7W4n3t7PGsllv18SSz62EmSzyZLUoKmv1nphVf-5JEikL1N-WAqENe0qdvyI-CJOyrhP98ANQphMDI0c1aClQB6Alav1BJFQGKQCRiAUMtjeZmEWUDVILnRoUr1OgHVIPES0dQlTAyyw-S1xCv5kSYnpJOFaD_cL04Ybuz462Cb16fobLhDUhUq0qSgNmaPHqdxuj-CxClLSBd3LpZK6Me4-I-JBM47DRAoiMzz2R0tQmzH22xkitrSQOF_qN2jG018xTNK--MmiQYsHaJVNumBU05M_Eeg57H2NWsAg6409fY1Wg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3443
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEt8EXJRgoH4vXKU-lOkFU4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEt8EXJRgoH4vXKU-lOkFU4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VE01cnFwNTcxTjJmVUw1&google_gid=CAESEEt8EXJRgoH4vXKU-lOkFU4&google_cver=1&google_push=AYg5qPIvd1Fhcw_rF1kD1P5TU3JJF2Lar0C9cmuvLi8CVMF...

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VE01cnFwNTcxTjJmVUw1&google_gid=CAESEEt8EXJRgoH4vXKU-lOkFU4&google_cver=1&google_push=AYg5qPIvd1Fhcw_rF1kD1P5TU3JJF2Lar0C9cmuvLi8CVMFs2OAZ89DimJijSrogV-BSYcLpnnIAw5NF3akBCwy3JS0kPQyzxV0

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 17:05:30 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-007d40ea11cf721ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VE01cnFwNTcxTjJmVUw1&google_gid=CAESEEt8EXJRgoH4vXKU-lOkFU4&google_cver=1&google_push=AYg5qPIvd1Fhcw_rF1kD1P5TU3JJF2Lar0C9cmuvLi8CVMFs2OAZ89DimJijSrogV-BSYcLpnnIAw5NF3akBCwy3JS0kPQyzxV0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3443
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENp_6A2P4AaVBvphsFr-j8A&google_push=AYg5qPJ70xgxfw-eyfo7CVawEcvM-IWo2gyUg3hVGR0FRkZzSTf5ENkiBt...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENp_6A2P4AaVBvphsFr-j8A&google_push=AYg5qPJ70xgxfw-eyfo7CVawEcvM-IWo2gyUg3hVGR0FRkZzSTf5ENkiBtcn4XRVbyFQ8sGjLEbj73u3p-6VU5s30s_GiBpnzgY

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1640711131.382616,VS0,VE160
x-served-by: cache-cdg20752-CDG
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENp_6A2P4AaVBvphsFr-j8A&google_push=AYg5qPJ70xgxfw-eyfo7CVawEcvM-IWo2gyUg3hVGR0FRkZzSTf5ENkiBtcn4XRVbyFQ8sGjLEbj73u3p-6VU5s30s_GiBpnzgY
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3443
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAMWXxzrz75THBbo-VR8ivA&google_cver=1&google_push=AYg5qPKJ7WCAcV0zVaOb4A-1XkrcL88OEWngPsaHAg4fehwXTCxNduCLGSZ21oXQ5ZnKvo2-X9DrlnQk...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYzODE3MTczMDMzMTc0NjYyNQ&google_push=AYg5qPKJ7WCAcV0zVaOb4A-1XkrcL88OEWngPsaHAg4fehwXTCxNduCLGSZ21oXQ5ZnKvo2-X9Drln...

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYzODE3MTczMDMzMTc0NjYyNQ&google_push=AYg5qPKJ7WCAcV0zVaOb4A-1XkrcL88OEWngPsaHAg4fehwXTCxNduCLGSZ21oXQ5ZnKvo2-X9DrlnQkNy7L6qNNe99-Ulse34s

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYzODE3MTczMDMzMTc0NjYyNQ&google_push=AYg5qPKJ7WCAcV0zVaOb4A-1XkrcL88OEWngPsaHAg4fehwXTCxNduCLGSZ21oXQ5ZnKvo2-X9DrlnQkNy7L6qNNe99-Ulse34s
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3443
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC9PANb7hKkGoRAPuCuj51I&google_cver=1&google_push=AYg5qPIlyDf6JMBlpH1XMwwuptZDQxilSDs13Ph8KaWB6v27cFCWNIUXru6aFjV0g13metEIjfUupVHhZNizmsKCp...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIlyDf6JMBlpH1XMwwuptZDQxilSDs13Ph8KaWB6v27cFCWNIUXru6aFjV0g13metEIjfUupVHhZNizmsKCpgGCgbd_h6k&google_hm=18c8abbbf96fb6544d766612

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIlyDf6JMBlpH1XMwwuptZDQxilSDs13Ph8KaWB6v27cFCWNIUXru6aFjV0g13metEIjfUupVHhZNizmsKCpgGCgbd_h6k&google_hm=18c8abbbf96fb6544d766612

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 28 Dec 2021 17:05:31 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIlyDf6JMBlpH1XMwwuptZDQxilSDs13Ph8KaWB6v27cFCWNIUXru6aFjV0g13metEIjfUupVHhZNizmsKCpgGCgbd_h6k&google_hm=18c8abbbf96fb6544d766612
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET

pixel
cm.g.doubleclick.net/ Frame 3443
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEAdrAeFdgUtO6QibIBCuFDE&google_cver=1&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYHL1cg6P...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEAdrAeFdgUtO6QibIBCuFDE&google_cver=1&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuYH...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Nl4Uu3uvRO-ajYpCI6Y9Bw&google_push=AYg5qPJqCgk986nbwOeif-mRCwLCerWlvUXp_fn_dgem6X-Ev3vP3Jgel9Z2TJ7WUlCvW7cD_8_0HOC6IV-VnuY...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3443
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPKoRs6m7DMpZimx1wza3OfE7aQiB1wAb1VeDTdikop4SdygV6hr...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPKoRs6m7DMpZimx1wza3OfE7aQiB1wAb1VeDTdikop4SdygV6...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAuSTHuU8jWLfts6rTlXm_A&google_cver=1&google_push=AYg5qPKoRs6m7DMpZimx1wza3OfE7aQiB1wAb1VeDTdikop4SdygV6...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1ZDEzNTdhMy02ODAwLTExZWMtODczMy0wNmUxMjY2ZWIyOGM%3D&google_push=AYg5qPKoRs6m7DMpZimx1wza3OfE7aQiB1wAb1VeDTdikop4SdygV6hrvEw63iS6-n...

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1ZDEzNTdhMy02ODAwLTExZWMtODczMy0wNmUxMjY2ZWIyOGM%3D&google_push=AYg5qPKoRs6m7DMpZimx1wza3OfE7aQiB1wAb1VeDTdikop4SdygV6hrvEw63iS6-nZCKrFp6FGOQo6pGS4cuT0JOMbEv_qQ_03O

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1ZDEzNTdhMy02ODAwLTExZWMtODczMy0wNmUxMjY2ZWIyOGM%3D&google_push=AYg5qPKoRs6m7DMpZimx1wza3OfE7aQiB1wAb1VeDTdikop4SdygV6hrvEw63iS6-nZCKrFp6FGOQo6pGS4cuT0JOMbEv_qQ_03O
date: Tue, 28 Dec 2021 17:05:31 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 3443 43 B
65 B 19ms
18ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEFJfGpbFrqy7qO9qMzaC-Io&google_cver=1&google_push=AYg5qPIhk-beveeK3ZAW_tiXdJ3GmGiOyZ1R-WVhalSryQBbhNlo6Sz_-_HBVdl1pMzP7NiVBIyv_MVsxfesZz9RRqmP6UJjkAo

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Dec 2021 17:05:31 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3443 0
12 B 18ms
18ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8FTYI7G1dsBgxXopw5AMMreu3dUIWqMi2lWzkGGmJ77kkPScHVWtWYMBCjCIBv76OM211_1o

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F8135064381614399404&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-AcUfbBsgY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-GRXA3ZfY41ErZQ%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=727393767445&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=157&w=300&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1640711127639&de=484244614296&cu=1640711127639&m=3704&ar=0f32f0cf010-clean&iw=a6edb07&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4794&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A491%3A491%3A1533%3A415&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=38&cd=0&ah=38&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196272&na=1121271397&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Dec 2021 17:05:31 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4A8B 0
23 B 64ms
45ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCshT0lRGd7dDPAkTc_vSG3l2U3AXnPG_4zRQc1hcnUi-vYmmb2ItEPwMSISMD0imkgWBiuAt_iSHtuducaCBUWatNa1fKjP58NMIn00xHWeaupIINz0ae77c1pbnXqnc5B95nNLq8PL1fAhA2n5oIfCdTva70A5xOtK3_mkgFLjLWnSfwkFyJoaQEZn1lQLtr1yqL_abwkhrsqWFtUQZFDq8juhGoLQ7-U63PW-BsKmm_0Slf8RIVQLJd5aIA6Rn41iGQWqkOj38p1Y_Haww5kKIk8tGKOEqPaab1W6-XxIcz8iumvPqdkx9DTTfsLYEQkNPIvYcue65B4R0PObMnT4OjVeh4Zv-J1ZotfoEQBBob5QIeh_zpkTjIJDBePKpb9wC-5KjgNZCzPgrLHutAwEFwvtLXBkufwCQPxJkX-7f1zNdPiwn2BmmBu4zcth2V3xtgyQoWipnNx_4rhbj3bmV5LzAAQrbz5EvBvFT3GsvcADXwTo_KvoYNe7edR2taPRzmD35dYojjh2ZopkuOXAlNCRYp2Qiyq4Kdt2yU1CboT2DsqxtBSGKVIkaz-5AW3QnqqZKzGwsrPR8C2NzsnPnuGZ78PaoP05OqRNm9oa0Fv80Uzhf-JhnTNi77c7NTR4nkavhfOzT8bsjrFn4mPyWxKT7YUY6vCsWZNCIHr9ezvjx8hJNLuf9XwceyvjXkcaCsivwKW13fn3J6NyEth7ACgqg1YqWOYj7V_tk3aKbuwnqU2rZvCdRl8njII4Gl98aJCMGc7LwdnwOep8ezAoJxQIq8pz5tjECFLQCYS_l4_tVQam_aCVAgX7y8sc_Br_as61h-y0Frl2NieqL-LqZNUWvZTX1j7aFxx_wvQ0mfuA05xbb8nrmnOzHP8HuNoMV8BdPVUL7gaBDR8MW2rYbv3WthUsNKP-M8rp1dOY_9bJRXvOYt_09pL_zrKtZSIgABSK-M7sM9r7X_37gTrHwQ_hthfRTtsI8Y3vb6nZKCKlou9an5sveZFZxqwCp9bOstfQeBvK9uHgwoq1rdHH-HHY0hK5hgmoX51Omto4dmenKEj1_cRh74dIdoopEKu9zWs5T3KPQ4Z2eqT2kmNpVP6tzRZpy-f6bqGqVXWSRMCzmXMzfLNVcQH0c33G9VNsFFkBkNUTyWtnUxpzH_enN_tfNHagK_1-YdAuZf_ml8StG7roE7yeUiw620GV-jljbiUzcwJMiG3J5FQm3GHhWQVQJYKSGdn4hAeA_hua36&sai=AMfl-YQo-Na6nJJlpp8iS6ooQlSWfcHbzQWsk3SuXgr0yMZbMlG71qnquyR2AHiqjWQB0kADx2O0qZJwzZNKEIM-ZCF5hfL91cJ3D9RSdtMbuj38S-wQYBpbFNl20X5iTyDKGWJfy_dKstq1KZISRWg9jGbXVcxJsg&sig=Cg0ArKJSzBNZgYhD1xRuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=242&vt=11&dtpt=143&dett=3&cstd=94&cisv=r20211207.10833&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 17:05:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E8D4 6 KB
4 KB 36ms
19ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1feb471e2859c36bfd29531bfbd51d027eea36cc0ab79ef5d0594add4925347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4337
x-xss-protection: 0

GET
H3 200 blank.png_1621952551211_blank.png
s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/ Frame E8D4 95 B
120 B 13ms
8ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/blank.png_1621952551211_blank.png

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=Oyp4EnRqYw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 02:55:34 GMT
x-content-type-options: nosniff
age: 569397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Dec 2022 02:55:34 GMT

GET
H3 200 DCO_Residential_970x250_Day-of-the-Dead_1.jpg_1633704407981_DCO_Residential_970x250_Day-of-the-Dead_1.jpg
s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/ Frame E8D4 84 KB
84 KB 14ms
9ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_970x250_Day-of-the-Dead_1.jpg_1633704407981_DCO_Residential_970x250_Day-of-the-Dead_1.jpg

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6eb92c727a2c3cd7258809572d4590aa0de1df64fe7bbcd1c9fd0756f1031ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=Oyp4EnRqYw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 14:31:01 GMT
x-content-type-options: nosniff
age: 9270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86348
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 14:47:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Dec 2022 14:31:01 GMT

GET
H3 200 DCO_Residential_970x250_Day-of-the-Dead_2.jpg_1633704407981_DCO_Residential_970x250_Day-of-the-Dead_2.jpg
s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/ Frame E8D4 24 KB
24 KB 17ms
13ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_970x250_Day-of-the-Dead_2.jpg_1633704407981_DCO_Residential_970x250_Day-of-the-Dead_2.jpg

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c35200547ae9e937e6cd0316e5771629294d98910332d0e449685ca4a446e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=Oyp4EnRqYw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:45:47 GMT
x-content-type-options: nosniff
age: 526784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24343
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 14:47:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Dec 2022 14:45:47 GMT

GET
H3 200 DCO_Residential_970x250_ENT_3.jpg_1636446934756_DCO_Residential_970x250_ENT_3.jpg
s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/ Frame E8D4 22 KB
22 KB 16ms
12ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_970x250_ENT_3.jpg_1636446934756_DCO_Residential_970x250_ENT_3.jpg

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9162d96ad2d090ae846163c525422aecfa88034120c3e98fe7779e03b228b2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/index.html?e=69&leftOffset=0&topOffset=0&c=Oyp4EnRqYw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:37:27 GMT
x-content-type-options: nosniff
age: 358084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22352
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 08:35:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Dec 2022 13:37:27 GMT

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame E8D4 27 KB
27 KB 12ms
11ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8150578953634767223/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/style.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:14 GMT
x-content-type-options: nosniff
age: 17
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Dec 2021 17:20:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=https%3A%2F%2Ff7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-AcUfbBsgY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-GRXA3ZfY41ErZQ%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=727393767445&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=1&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1640711127639&de=153696585393&cu=1640711127639&m=3708&ar=0f32f0cf010-clean&iw=a6edb07&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1&lb=4794&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A491%3A491%3A1533%3A415&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=196272&na=1667528598&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FE6 35 KB
13 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 11:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Dec 2022 11:28:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E8D4 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 71D5 35 KB
13 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 11:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Dec 2022 11:28:23 GMT

GET
H2 200 style.css
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame 3027 11 KB
2 KB 98ms
98ms Stylesheet
text/css 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58387ca9397ec3cb0e0d8e163e3aaf616b33db0a023c16b7824519a834ca6001

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: GY0E3RF3CJDVASDQ
cf-polished: origSize=11955
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
x-amz-id-2: aTh5+ois/KusENmWF9A93e4infL655PPOeb/1975tP55ouANQx64i9lbGw9SaOG9mnQLAsTKGrc=
cf-bgj: minify
server: cloudflare
etag: W/"0b1a0f0066ac8ef5a3b0a38c0858a9b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
cf-ray: 6c4c5fbc8abd375d-MXP
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 anzeige.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 1 KB
868 B 140ms
140ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/anzeige.svg?v=1
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: PPQ3WDA7WW9ZBHTX
etag: W/"3e9d1a10a1056de77db1bab72b55ef1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbc8ac3375d-MXP
x-amz-id-2: H/zZd37N3EVhRFO1QTkRMApZpdCSvUhYF5ArSctzg6QD4plojaZG9y9Sg5od2pqMA1VO+V0ktj0=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 logo.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 2 KB
1 KB 143ms
142ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/logo.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: 3YT3NA7ZNFRKZ2C2
etag: W/"89cc1efb4630095200908a2c0e01275c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbc8ac5375d-MXP
x-amz-id-2: K7ROh0mjf6zs/avyX9tx5045a0gWE0CdvtGednIGHXQC350V9yUU57EixuXonKiVV8EYSt5zBTg=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 copy_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 12 KB
4 KB 147ms
146ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: PPQBA68AVZMAJHKS
etag: W/"48521ed69677855391819664023f03a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbc8ac6375d-MXP
x-amz-id-2: S0SgQM78dipp2D/Liwqf89EGeascAhoOApjiayIaK0ULJF/CNjbwxVNPFqI0G73in03f/Q8+NSo=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 copy_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 12 KB
4 KB 140ms
138ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: PPQ0WKH7EMW053V7
etag: W/"b021ae3bd30deb5a02a9d0476e269ae5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbc8ac8375d-MXP
x-amz-id-2: 0p+KHZAPSRLBEXzatIh3EcuBY09nMQ4v0OpMSIl2C6Ye5ckEDNUlSzhvPC7tDLpp2Nto723tJig=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 copy.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 12 KB
4 KB 152ms
151ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: K6Y7T8P8T7HJJS6S
etag: W/"6a14ab0d467b44cc536dff1c855843d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbc8ac9375d-MXP
x-amz-id-2: a4pgP7y9yXepUFf15++BGX5Z9wuOQlMISkkFCHH6jA30cAvDjQH/BRw/AvsnUiZtvt19AkvKUL8=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 copy2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 5 KB
2 KB 99ms
98ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: DGV0MWHXRAYK5EXT
etag: W/"beb4ce05eda61995a0eba82cbef0fb8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbd2c6c375d-MXP
x-amz-id-2: mjJqpkYGulCiaaNYbw2Cw3ugNF4dZbYZRoaZpy/4SsMxDxuYtTFXgepu3ZJfUdXDcLw6B8XOcos=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 copy2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 5 KB
2 KB 106ms
106ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: DGV3W34C6X4SKBHQ
etag: W/"5dafc545e73be5464256dd78dc118a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbd6d39375d-MXP
x-amz-id-2: oW6TdXNu3bzfkWorhsbWyWwkDWkPuahV9gNzsSUcJ0ah2r6Nw3fBJAD/BZ4WeS315MhuqzQqFVo=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 copy2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 5 KB
2 KB 78ms
77ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: DGV0KC521R0XMWZ3
etag: W/"dc43a4e11b82fa41efb8bdc2acd73425"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbd6d3e375d-MXP
x-amz-id-2: WmchNs7J8qO7vxo+f6LXJdsTdlGYPf8oNjhWuT3SJlKlcS6JO/6f4B3LOl0cR7b47ziwDrf2eK4=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 copy3.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 6 KB
2 KB 87ms
87ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy3.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: DGVD3M4NZWQF4Y43
etag: W/"9048820dc635dbe10d09725e919ba54f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbd7d4a375d-MXP
x-amz-id-2: NC3omkp7nLAJPZ0TdRyf/qEChBQB5D+rr5Vj1IdWhH9MSvHVc02EOs4p1c6XC/wxOSZJiesADLk=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 cta.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 3 KB
1 KB 142ms
141ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/cta.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: DB26KRCZ2FMZWWQX
etag: W/"b26d0f732978180e7c2480406f97e7f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbd7d59375d-MXP
x-amz-id-2: v64a7sVlM5sMKK4STz+5YGj8j8u6MhvwdXsBfYTkteiNLqtmJSe/TSMBHmuYGaQKmhsXLuDfQlU=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 legal2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 12 KB
4 KB 131ms
130ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: PPQAVVTJNN6AJEWP
etag: W/"22316355cfe04cd150c2b810a54167a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbdce07375d-MXP
x-amz-id-2: tYBRwmpeJDdGLmhAAJ4LNYuC5fNm6PZExttrXrVEjmAzo5cMHHimNwwTE10Gqq+LuO+YZIqbW/M=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 legal2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 33 KB
6 KB 83ms
82ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: PPQAQ5JG24BY9Q9N
etag: W/"19cfc2171558b226e44590caa30ac756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbdee80375d-MXP
x-amz-id-2: LTx40/CFsCrDcO+5dlJXHIVJZtlStQbCSZJkP7m4k5TMM5Q3eCNsuQClR6uElSYw3Jge1g6/SVE=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 legal2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 33 KB
6 KB 158ms
158ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Dec 2021 12:22:34 GMT
server: cloudflare
x-amz-request-id: DB2350468Z090YJY
etag: W/"a33282a0f66d9e18e14ed6c9fa761dd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6c4c5fbe0ec5375d-MXP
x-amz-id-2: XDZYOIpg3GJrgj+qWyLjl/H7bQI+qF/RJLPTio7AeNiqg0p+BKnhDmIlipxLnE/geYA96jTqC6o=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 3027 12 KB
4 KB 24ms
24ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Dec 2021 18:59:20 GMT
server: cloudflare
etag: W/"61c0d288-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6c4c5fbe1eee375d-MXP
vary: Accept-Encoding
expires: Thu, 30 Dec 2021 17:05:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FE6 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTbK020PLYaPTAeH_7_UPn5G2sAwAAAAAOAHgBAI&bg=!z8ylzIjNAAZKWFskSlg7ACkAdvg8WlHmTz6WMWVmrF_APPhshHgYkrNqkw6X_0gi3wSRW95LUU0B7QIAAACCUgAAABVoAQcKAGKZoqzGyisH7zXcznjKT2z2xGbWuX3y4KeR41MqjU53CpDl6NurO4KIkmoV2JYw4776Mxoy_VAwpaFEpVHlcdC2YKi6uFzKUDERO1QcBX7SZLsf5E6zVooOo-CQP-4Ui95TQpkDEMVvFVWDao_cqL957j7Rhs9_A65Jt-q-nr7B9bo2tg0LYAaASv_1nmOyIVhgziWLgBG_XnnpCjp2R757c7xQgEAkM_8jJ7kFRQrGqpDcvVqlKkYo9DZtaKraVs1_8avGOwKRoKsVQvVnmvzTQo0U-8mHRR55B14ABDp6jJ1l0K92BhOhkE8goR5KKUTHe8U0R2qJh4Llpo6_EI4hFY_YYjoLt4bw8guVoHYg4FjMSp5bXXeGG4fT2-Ty6lngelKIdTsrsclzOCgV4P8saJoZfu6CVyOodwg7xW98ih_Zt3YLXJLzrOHxyoroPBwOZrDTDZojTqAMYF0zGCWEmZsGTHkVNj4MrS4WuYYVRMmgzBsqhJoNWtam5mZme5joYopzoMsHfRW0hVMwcM98BEGXd62yj8RMndUzTpj_0WwEWx1iNFVqkB7Vq-7cN4aRqDOxoB0QrZ3WhsAzbVZMye9ROojiMHHR9M4-HwPlu-UETddjUIOWJFpQqI2hAggGbEOmEiFRw6Ws0ajPlr8-Ro346gC9GkZJqMsuQrkYkn_w-8y3vZgxB-GmpnFClurJUnIgiV-38fP15WV7WhASVbZlrf8YIwoytdwmRS-Aj_QyHfyWTn63s0BwSR9hqIxHIfsrQqD--ZUxPcrjZODJP8z_Q1ll-xLWkPXkAh7fsOzXDoP3olIjed_ZEIWOjLfYmOz62DFB_4hDZB-hsbMcuNLYrKLjqFZB-BN5N2a1HVXWK2qa_LdiMfGHlEW-tk0dRQ24a-w8uBMZtvrbawN9Rsx6HCfKvfhK8WcIWFl8-NGyJq0yqYGpx5mgDVP13kJ5-kovIJ74FeQZ0g9GufvSdz5z1njvrj8bKu28zXXoi4RCrBDkA02WcJst6NCMAs-wHhHOLFFNcp4EgPZ2c7h90gwVVpWJ_LVup-RxlZDsiXzW0R7do1MAG5tC4xd08p_XIjIXBGJU58kMkGxzqVWl5p2sdX0DXmoj_6Df-EzNaDou4LmVOe7_NlcOJttzY6e47cFlqIq7BXR0E04FN8b_TAnIkko

Requested by

Host: f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com
URL: https://f7330adb801f69ec1ace2f279da79190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3027 8 KB
723 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af3e5cfbec7a3ad4f4f5ae7f38bd6e857fb46b79a4851ed6084f32adcd327363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 15:36:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 17:05:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H2 200 320x320_15.gif
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 83 KB
84 KB 141ms
141ms Image
image/gif 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/320x320_15.gif?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 897a61f461e2da1c232ce838911e080848f1454071e4e1fea731055df1b03f86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: HX018N1Z0XPVJ09Q
cf-polished: origSize=85875, status=webp_bigger
last-modified: Mon, 20 Dec 2021 12:23:12 GMT
content-length: 85394
x-amz-id-2: D7m1SQVwzqNKdxvCpLjRoJCgKXEzjnCEcYpRjf9Me34FFmekdyUbclO9B03siChE93iMaJG2zZQ=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "b97a40ec85baebd06758c20639f491ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6c4c5fbd5d08375d-MXP
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 3027 44 KB
44 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.cleverwebserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 00:14:34 GMT
x-content-type-options: nosniff
age: 579057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 00:14:34 GMT

GET
H2 200 clever.de.min.js Show response
lp.cleverwebserver.com/bet365/js/ Frame 3027 9 KB
4 KB 83ms
83ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 23 Dec 2021 11:57:37 GMT
server: cloudflare
x-amz-request-id: 6XD8NAN8MHJR7CRG
etag: W/"f608a5d30dd77ed8de7ceb968e854f04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 6c4c5fbe4f47375d-MXP
x-amz-id-2: QYl7ghAmp9xk32Pfl1VKhhW3Tg6F6Fb0OrysqSMrLTRtRGe7HTotSLNouBidxZmRqo8WAGzCYP0=
expires: Tue, 28 Dec 2021 17:35:31 GMT

GET
DATA 200
OK truncated
/ Frame 4A8B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fddee6ddfb2ac86cc5a4a637a799423ea036d4b3b62dab4aa1819bfd497b922

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame E8D4 33 KB
33 KB 8ms
7ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8150578953634767223/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8150578953634767223/style.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:09 GMT
x-content-type-options: nosniff
age: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33980
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Dec 2021 17:20:09 GMT

GET
DATA 200
OK truncated
/ Frame 89CC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71f04019f4677eb5a9a325a8ac9d0c12527833f5253a3c7ab8feb565ea2c488d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ Frame 89CC 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=CHOUEIRIGROUPDFP1%3A223617791%3A224594951%3A-&de=311854166309&t=1640711131967&i=MOAT_FEATHER_DEBUG1&gw=choueirigroupdfp451918234534&cm=1&ac=1&f=0&bq=0&ar=0f32f0cf010-clean&iw=a34b069&dMoatOQs=moatClientLevel1%3D4623254331%26moatClientLevel2%3D2947449358%26moatClientLevel3%3D5852634670%26moatClientLevel4%3D138374289852%26moatClientSlicer1%3D223617791%26moatClientSlicer2%3D224594951%26zMoatAdSlot%3DSkinning%26zMoatMSafety%3Dsafe%26zMoatMGV%3DslotNoSlotData%26zMoatTPC%3D%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%26zMoatPlatform%3Dweb%26zMoatSTPC%3D%26zMoatPS%3Dinskin%2Cjustpremium%26zMoatMMV%3DslotNoSlotData%26zMoatSZ%3D1x1%26zMoatPT%3Dhomepage%26zMoatMData%3D1&fq=1&sy=1&gh=0&wb=0&g=0&na=875713996&cs=0
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
22ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP1&hp=1&wf=1&ra=6&pxm=2&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1640711127639&de=133429423628&rx=727393767445&m=0&ar=0f32f0cf010-clean&iw=a6edb07&q=5&cb=0&cu=1640711127639&ll=2&lm=0&ln=0&em=0&en=0&d=4623254331%3A2947449358%3A5852634670%3A138374289852&cm=1&zMoatSZ=1x1&zMoatPS=inskin%2Cjustpremium&zMoatBLOCK=true&zMoatMMV_MAX=slotNoSlotData&zMoatMData=1&zMoatMSafety=safe&zMoatMGV_MAX=slotNoSlotData&zMoatMMV=slotNoSlotData&zMoatMGV=slotNoSlotData&zMoatTPC=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&zMoatSTPC=-&zMoatPT=homepage&zMoatNative=-&zMoatSlotName=-&zMoatPlatform=web&zMoatAdSlot=Skinning&zMoatCURL=kooora.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&bo=223617791&bd=224594951&zMoatOrigSlicer1=223617791&zMoatOrigSlicer2=224594951&zMoatDomain=kooora.com&zMoatSubdomain=kooora.com&dfp=0%2C1&la=224594951&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A491%3A491%3A1533%3A415&tz=Skinning&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=safe&fs=196272&na=1639472435&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 17:05:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Dec 2021 17:05:31 GMT

GET
H2 200 bg-pushdown_2.jpg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 3027 26 KB
26 KB 89ms
89ms Image
image/jpeg 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/bg-pushdown_2.jpg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:05:32 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: V0QY9B1S0Q4E67VW
cf-polished: origSize=27972, status=webp_bigger
last-modified: Thu, 23 Dec 2021 18:03:20 GMT
content-length: 26182
x-amz-id-2: qMwICtt2cf6aqUyRMDDDPM7dtBD/qPSzBkn9c7w2kEq4GX4AEdcgrD28hl0W9FwCK5RPXchlKqk=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "badb98ee3ef98cf931012151d07083fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6c4c5fbf096d375d-MXP
expires: Tue, 28 Dec 2021 17:35:32 GMT

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.de/Members/Helpers/ Frame 0192 84 B
716 B 185ms
135ms Document
text/html 81.94.208.229
HLM2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01062583
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.94.208.229 Stoke-on-Trent, United Kingdom, ASN34587 (HLM2-AS, GB),
Reverse DNS
Software: /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
ME-Redirect: PQB
Date: Tue, 28 Dec 2021 17:05:31 GMT
Content-Length: 177

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 89CC 0
0 44ms
43ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6_HSBixcKyNMrfhGM8SP7-9MuZ_v-SlLHPmfem0zLsq1nhzxj38iSDfABs4QmyonIZG8nFAxFMb6FLKPG_oNOkiuWUsCCg0GZzkyJ2fo5yVXWDEJDPONXFIVkHRv-tS2zNn7y9xDg8o042VKhkDApEO4AMQvdytQVDDZuLf5c4ot8sqaa3EaAe3kpWv0SRAqgmDXN_qL09-w6RNEJSVFmYpPo7LtwhLCEvo2k5famGRnsWBsK-8Qrgn6mfQNVK5LMox6cv23lghvbTmE26r1IZWg9_TWReun7TY44Tu2GV4kxtS_BP4BK&sig=Cg0ArKJSzHZOVprLE2QqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS