www.kooora.com Open in urlscan Pro
45.60.65.37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kooora.com/
Effective URL:
https://www.kooora.com/
Submission Tags: falconsandbox
Submission: On September 01 via api (September 1st 2021, 3:16:36 pm UTC) from US

Summary HTTP 312 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 45 IPs in 10 countries across 41 domains to perform 312 HTTP transactions. The main IP is 45.60.65.37, located in United States and belongs to INCAPSULA, US. The main domain is www.kooora.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on August 3rd 2021. Valid for: 6 months.

This is the only time www.kooora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 69	45.60.65.37 45.60.65.37	19551 (INCAPSULA) (INCAPSULA)
26	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
27	107.154.114.140 107.154.114.140	19551 (INCAPSULA) (INCAPSULA)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:20:... 2606:4700:20::681a:f84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.121.55 13.32.121.55	16509 (AMAZON-02) (AMAZON-02)
1	52.208.32.237 52.208.32.237	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
11	149.126.77.203 149.126.77.203	19551 (INCAPSULA) (INCAPSULA)
2 9	188.68.250.242 188.68.250.242	197226 (SPRINT-SDC) (SPRINT-SDC)
2	2606:4700:20:... 2606:4700:20::ac43:4901	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.227.236.205 35.227.236.205	15169 (GOOGLE) (GOOGLE)
1 7	52.208.239.191 52.208.239.191	16509 (AMAZON-02) (AMAZON-02)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
1 5	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2600:9000:206... 2600:9000:206f:1600:1f:612c:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	44.198.115.38 44.198.115.38	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	3.127.193.214 3.127.193.214	16509 (AMAZON-02) (AMAZON-02)
18 38	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
6	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
4 6	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 2	72.251.244.142 72.251.244.142	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5 5	18.197.13.64 18.197.13.64	16509 (AMAZON-02) (AMAZON-02)
2 2	13.32.121.123 13.32.121.123	16509 (AMAZON-02) (AMAZON-02)
4 4	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
2 2	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
2 2	18.184.95.242 18.184.95.242	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
312	45

69 45.60.65.37 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

kooora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kooora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.kooora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 107.154.114.140 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.140.ip.incapdns.net

o.kooora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:f84 (United States)

ASN13335 (CLOUDFLARENET, US)

kooora.cognativex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.cognativex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-55.fra60.r.cloudfront.net

t1.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.32.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 149.126.77.203 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.203.ip.incapdns.net

ktv.kooora.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.68.250.242 (Olsztyn, Poland) 2 redirects

ASN197226 (SPRINT-SDC, PL)
PTR: n8250h242.sprintdatacenter.net

gaae.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4901 (United States)

ASN13335 (CLOUDFLARENET, US)

striveme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.236.205 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 205.236.227.35.bc.googleusercontent.com

log.cognativex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.208.239.191 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-239-191.eu-west-1.compute.amazonaws.com

collector.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:1600:1f:612c:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

detect-survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.198.115.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-115-38.compute-1.amazonaws.com

survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.127.193.214 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-193-214.eu-central-1.compute.amazonaws.com

tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 142.250.185.130 (United States) 18 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.142 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-03.ams2.m6r.eu

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.197.13.64 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-13-64.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.123 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-123.fra60.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.252 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.95.242 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-95-242.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
96	kooora.com 2 redirects kooora.com www.kooora.com o.kooora.com img.kooora.com	911 KB
53	doubleclick.net 18 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	233 KB
51	googlesyndication.com pagead2.googlesyndication.com 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	263 KB
27	moatads.com z.moatads.com mb.moatads.com px.moatads.com	92 KB
22	2mdn.net s0.2mdn.net	511 KB
11	kooora.ws ktv.kooora.ws	195 KB
11	effectivemeasure.net 1 redirects t1.effectivemeasure.net collector.effectivemeasure.net detect-survey.effectivemeasure.net survey.effectivemeasure.net	11 KB
9	gemius.pl 2 redirects gaae.hit.gemius.pl	51 KB
7	openx.net 5 redirects us-u.openx.net rtb.openx.net	1 KB
6	opecloud.com 3 redirects tagger.opecloud.com	2 KB
6	google.com www.google.com adservice.google.com	1 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	facebook.com 1 redirects www.facebook.com	360 B
4	3lift.com 4 redirects eb2.3lift.com	2 KB
4	teads.tv sync.teads.tv	688 B
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	3 KB
4	googletagservices.com www.googletagservices.com	138 KB
4	cognativex.com kooora.cognativex.com static.cognativex.com log.cognativex.com	52 KB
4	facebook.net connect.facebook.net	181 KB
3	dotomi.com dclk-match.dotomi.com	310 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	google-analytics.com www.google-analytics.com	58 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	857 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com sync.adaptv.advertising.com Failed	940 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	admedo.com 2 redirects pool.admedo.com	713 B
2	smaato.net 2 redirects s.ad.smaato.net	859 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	striveme.com striveme.com	118 KB
2	googletagmanager.com www.googletagmanager.com	85 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	blismedia.com tr.blismedia.com	136 B
1	mathtag.com 1 redirects sync.mathtag.com	817 B
1	simpli.fi 1 redirects um.simpli.fi	709 B
1	google.fr adservice.google.fr	853 B
1	bluekai.com 1 redirects tags.bluekai.com	328 B
1	google.de www.google.de	107 B
1	googleapis.com imasdk.googleapis.com	28 KB
1	permutive.com cdn.permutive.com	339 KB
312	41

	Domain	Requested by
60	img.kooora.com	www.kooora.com
37	cm.g.doubleclick.net	18 redirects googleads.g.doubleclick.net 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
30	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com www.kooora.com googleads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
27	o.kooora.com	www.kooora.com o.kooora.com
24	px.moatads.com	www.kooora.com
22	s0.2mdn.net	www.kooora.com s0.2mdn.net 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com www.kooora.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
11	ktv.kooora.ws	o.kooora.com www.kooora.com
9	gaae.hit.gemius.pl	2 redirects o.kooora.com gaae.hit.gemius.pl www.kooora.com
7	collector.effectivemeasure.net	1 redirects www.kooora.com t1.effectivemeasure.net
7	www.kooora.com	www.kooora.com o.kooora.com
6	us-u.openx.net	4 redirects googleads.g.doubleclick.net
6	googleads4.g.doubleclick.net	www.kooora.com
6	tagger.opecloud.com	3 redirects www.googletagmanager.com www.kooora.com
5	x.bidswitch.net	5 redirects
5	www.google.com	www.kooora.com 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com tpc.googlesyndication.com
5	www.facebook.com	1 redirects www.kooora.com connect.facebook.net
4	eb2.3lift.com	4 redirects
4	sync.teads.tv	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com www.kooora.com
4	www.googletagservices.com	securepubads.g.doubleclick.net 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
4	7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	connect.facebook.net	o.kooora.com connect.facebook.net
4	securepubads.g.doubleclick.net	www.kooora.com securepubads.g.doubleclick.net
3	dclk-match.dotomi.com	7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google-analytics.com	www.kooora.com www.google-analytics.com
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	c1.adform.net	2 redirects
2	pool.admedo.com	2 redirects
2	s.ad.smaato.net	2 redirects
2	tracking.m6r.eu	2 redirects
2	survey.effectivemeasure.net	t1.effectivemeasure.net
2	static.cognativex.com	kooora.cognativex.com
2	striveme.com	o.kooora.com www.kooora.com
2	platform.twitter.com	o.kooora.com platform.twitter.com
2	www.googletagmanager.com	www.kooora.com static.cognativex.com
2	z.moatads.com	www.kooora.com z.moatads.com
2	kooora.com	2 redirects
1	ade.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	1 redirects
1	tr.blismedia.com	7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
1	r.turn.com	7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	sync.mathtag.com	1 redirects
1	um.simpli.fi	1 redirects
1	ad.doubleclick.net	7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	tags.bluekai.com	1 redirects
1	detect-survey.effectivemeasure.net	t1.effectivemeasure.net
1	syndication.twitter.com	platform.twitter.com
1	www.google.de	www.kooora.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	imasdk.googleapis.com	www.googletagmanager.com
1	cdn.permutive.com	www.googletagmanager.com
1	log.cognativex.com	www.kooora.com
1	mb.moatads.com	z.moatads.com
1	t1.effectivemeasure.net	www.kooora.com
1	kooora.cognativex.com	o.kooora.com
0	sync.adaptv.advertising.com Failed	7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
312	64

This site contains links to these domains. Also see Links.

Domain
www.goalzz.com
forum.kooora.com
tv.kooora.com
www.startimes.com
m.kooora.com
striveme.com
www.facebook.com
twitter.com
instagram.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-08-03` - `2022-02-02`	6 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-06-11` - `2021-09-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-28` - `2022-02-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.effectivemeasure.net Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
log.cognativex.com GTS CA 1D4	`2021-08-22` - `2021-11-20`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2021-03-02` - `2022-03-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.opecloud.com Amazon	`2021-07-03` - `2022-08-01`	a year	crt.sh
*.google.fr GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-08-26` - `2021-11-24`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.kooora.com/
Frame ID: 17C25D7F5FDA6EE8867106E96D4367A2
Requests: 182 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: E40E110555C0AA58AC92855F1565FBF1
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.kooora.com
Frame ID: 3FE169F74D85C709ADF95003127B5624
Requests: 2 HTTP requests in this frame

Frame: https://gaae.hit.gemius.pl/gdejs/xgde.html
Frame ID: 796CEB0051B0CC16E9C7D6C5B9257C11
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D562459823911593%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df22fd4ef78370a4%2526domain%253Dwww.kooora.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.kooora.com%25252Ff431f031a8d164%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkooora%26locale%3Dar_AR%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D300
Frame ID: 8DCED972AB5047FBE5E325476A67A7CC
Requests: 1 HTTP requests in this frame

Frame: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 92701ACE06B87B4FFA2885EEB57D4792
Requests: 1 HTTP requests in this frame

Frame: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D67CE4D25E5C65ABE4E72F6DE0A982B1
Requests: 18 HTTP requests in this frame

Frame: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B8CF53DBD8CAB4EFAFAFE507639AC9AB
Requests: 14 HTTP requests in this frame

Frame: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F28E8CD39F2905B4C2939DC3D4F744B9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiejLSzATAB&v=APEucNV2GkLZJb4vwijT6In-GbtVlYVtOUaqIMht8zzQGJkWnUHI6SxQPxSDOnyujVTZjJkPDZEc1xsvdQoDAbPsZQLzeFPbpLPmBI70VaSXdlc74x2qFiiKARiPS2W-UizIZhJz3SgvfUfG7Q2Ejh9XJVDD_o_v-REvhSg6In6m3BONi_BpZAU
Frame ID: 9A0D76CE528814EA9DD231434B0A33E9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGJmx17IBMAE&v=APEucNVJfBmdlnkdzFnwpLOSZLeo_9QJWd4HzkyCDcl3UrJAlRACsrycTLH-_bUyPRUfQtE9tPOLslafK58V86ZFeExrWZzpgg9SZyKInCX7iE3dLtnnrlhufv8xN-S15oCI79FXUFU6WCUYCdpysMCmQPQh5fh3hSWQiCnA11IZo_99PuGhdbU
Frame ID: 21F852FD38FBE613BA92F664666D9D7B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGPSx17IBMAE&v=APEucNUf4xCXHCRj1diFSukST6ZZQWaBpEFSal4qpPN4dPC3aml336Jmw3DyHSqjX9n7YCReWsBOXQIuKl3QOlJwprBaRX9NmZBJKaQ6V7T7VANC6-niz3H45lfos-f-vmXEjLBvWEPs2AhN-CbPUPehQobb_XDu8-wkjoZAbIK_oGFO87-5rnk
Frame ID: 007AE1329525C9353E43F4069FF06BA1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B4729C097D49080B1D757E5B2B8366EA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A85A61CF5AE89845B444A63636D16F2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0154E4BE63D47175BE3CBABF528D4DB6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E59331104C4453F27C6346CF773443F0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 21D21087DD5242B00D99E7D94119E8D7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F9A4126A503AD4B759A1F748707E686A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 936E402B0233CE8F1A93B64486B1AE57
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D3E251EDBD79C1D702E31633A69D89B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4647191240484240F57C93571C935D03
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
Frame ID: 9284D5B4B8FE118D52D52E1E52B480D2
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Frame ID: 352F4654A8366F52788D0F69BBFC03CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كووورة: الموقع العربي الرياضي الأول

Page URL History Show full URLs

http://kooora.com/ HTTP 301
https://kooora.com/ HTTP 301
https://www.kooora.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

312
Requests

99 %
HTTPS

39 %
IPv6

41
Domains

64
Subdomains

45
IPs

10
Countries

3404 kB
Transfer

8738 kB
Size

14
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.goalzz.com/
Title: English

Search URL Search Domain Scan URL

URL: http://forum.kooora.com/
Title: المنتدى

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/
Title: TV

Search URL Search Domain Scan URL

URL: http://www.startimes.com/
Title: منتديات ستار تايمز

Search URL Search Domain Scan URL

URL: https://m.kooora.com/
Title: كووورة موبايل

Search URL Search Domain Scan URL

URL: https://striveme.com/article/%D9%85%D8%AD%D8%B1%D9%83%D8%A7%D8%AA/%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1/%D9%84%D9%81%D9%88%D9%84%D9%83%D8%B3-%D9%81%D8%A7%D8%BA%D9%86-%D8%AC%D9%88%D9%84%D9%81-%D8%AC%D9%8A-%D8%AA%D9%8A-%D8%A3%D9%8A-2021-%D8%A3%D8%B3%D9%84%D9%88%D8%A8-%D8%AD%D9%8A%D8%A7%D8%A9-%D8%AE%D8%A7%D8%B5-%D8%A8%D9%87%D8%A7?utm_source=kooora.com&utm_medium=referral&utm_campaign=kooora_api

Search URL Search Domain Scan URL

URL: http://striveme.com/?utm_source=kooora.com&utm_medium=referral&utm_campaign=fixed

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28071887&title=%D8%AA%D9%81%D8%A7%D8%B5%D9%8A%D9%84%20%D8%A7%D9%84%D8%B3%D8%A7%D8%B9%D8%A7%D8%AA%20%D8%A7%D9%84%D8%A3%D8%AE%D9%8A%D8%B1%D8%A9..%203%20%D9%85%D8%A8%D8%B1%D8%B1%D8%A7%D8%AA%20%D9%84%D8%B1%D9%81%D8%B6%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D9%81%D9%8A%20200%20%D9%85%D9%84%D9%8A%D9%88%D9%86%20%D9%85%D9%82%D8%A7%D8%A8%D9%84%20%D9%85%D8%A8%D8%A7%D8%A8%D9%8A!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28071647&title=%D8%AC%D9%86%D9%88%D9%86%20%D8%A7%D9%84%D9%85%D9%8A%D8%B1%D9%83%D8%A7%D8%AA%D9%88..%20%D9%87%D9%84%20%D9%87%D8%B0%D9%87%20%D8%A3%D9%82%D9%88%D9%89%20%D8%B3%D9%88%D9%82%20%D8%A7%D9%86%D8%AA%D9%82%D8%A7%D9%84%D8%A7%D8%AA%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%D8%9F

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28070919&title=%D8%AA%D8%B5%D8%B1%D9%8A%D8%AD%20%D9%85%D8%AB%D9%8A%D8%B1%20%D9%84%D8%AA%D9%8A%D8%A7%D8%AC%D9%88%20%D8%B3%D9%8A%D9%84%D9%81%D8%A7..%20%D9%84%D9%85%D8%A7%D8%B0%D8%A7%20%D9%81%D8%B6%D9%91%D9%84%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D9%81%D9%8A%20%D8%B1%D8%A7%D9%85%D9%88%D8%B3%20%D8%B9%D9%84%D9%8A%D9%87%D8%9F

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28070915&title=%D9%81%D8%A7%D8%A8%D8%B1%D9%8A%D8%B2%D9%8A%D9%88%20%D8%B1%D9%88%D9%85%D8%A7%D9%86%D9%88%20%D8%AD%D9%88%D8%AA%20%D8%A7%D9%84%D8%A7%D9%86%D8%AA%D9%82%D8%A7%D9%84%D8%A7%D8%AA..%20%D9%85%D9%86%20%D9%87%D9%88%20%D9%88%D9%85%D8%A7%20%D8%B3%D8%B1%20%D9%82%D9%88%D8%AA%D9%87%20%D9%81%D9%8A%20%D8%B9%D8%A7%D9%84%D9%85%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AF%D9%8A%D8%B1%D8%A9%D8%9F

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28070596&title=%D8%AC%D9%85%D8%A7%D9%87%D9%8A%D8%B1%20%D8%A8%D8%B1%D8%B4%D9%84%D9%88%D9%86%D8%A9%20%D8%AA%D9%87%D9%8A%D9%86%20%D8%AC%D8%B1%D9%8A%D8%B2%D9%85%D8%A7%D9%86%20%D9%84%D9%803%20%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28069755&title=%D9%83%D9%8A%D9%81%20%D9%88%D8%B1%D9%91%D8%B7%20%D9%85%D8%A8%D8%A7%D8%A8%D9%8A%20%D9%85%D8%AF%D8%B1%D8%A8%20%D8%A7%D9%84%D9%87%D9%84%D8%A7%D9%84%D8%9F

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28069839&title=%D8%B1%D9%88%D9%86%D8%A7%D9%84%D8%AF%D9%88%20%D9%85%D9%84%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%A8%D9%8A%20%D9%88%D9%84%D9%8A%D8%B3%20%D9%85%D9%8A%D8%B3%D9%8A..%20%D9%87%D9%84%20%D8%AA%D8%B9%D9%84%D9%85%20%D8%A7%D9%84%D8%B3%D8%A8%D8%A8%D8%9F

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28066925&title=%D8%AF%D8%B1%D8%B3%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%A5%D8%AF%D8%A7%D8%B1%D8%A9..%20%D8%A7%D9%84%D8%AF%D8%A7%D9%87%D9%8A%D8%A9%20%D8%A8%D9%8A%D8%B1%D9%8A%D8%B2%20%D9%8A%D8%AB%D8%A3%D8%B1%20%D9%84%D8%A8%D8%B1%D8%B4%D9%84%D9%88%D9%86%D8%A9%20%D9%88%D9%8A%D9%86%D8%AA%D9%82%D9%85%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D9%81%D9%8A

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28064864&title=%D8%AC%D9%85%D8%A7%D9%87%D9%8A%D8%B1%20%D8%A7%D9%84%D8%B3%D9%8A%D8%AA%D9%8A%20%D8%BA%D8%A7%D8%B6%D8%A8%D8%A9%20%D9%85%D9%86%20%D8%A5%D8%AF%D8%A7%D8%B1%D8%AA%D9%87%D8%A7%20%D8%A8%D8%B3%D8%A8%D8%A8%20%D8%B1%D9%88%D9%86%D8%A7%D9%84%D8%AF%D9%88..%20%D9%88%D8%A7%D8%AA%D9%87%D8%A7%D9%85%D8%A7%D8%AA%20%D8%A8%D8%A7%D9%84%D8%A8%D8%AE%D9%84!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28065911&title=%D8%A8%D8%B9%D8%AF%20%D8%B5%D8%AF%D9%85%D8%A9%20%D9%83%D9%8A%D9%86..%20%D9%87%D8%B0%D9%87%20%D9%87%D9%8A%20%D8%AA%D9%81%D8%A7%D8%B5%D9%8A%D9%84%20%D8%B9%D9%82%D8%AF%20%D8%B1%D9%88%D9%86%D8%A7%D9%84%D8%AF%D9%88%20%D9%85%D8%B9%20%D8%A7%D9%84%D8%B3%D9%8A%D8%AA%D9%8A

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28064669&title=%D8%B5%D9%81%D9%82%D8%A9%20%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9..%20%D8%A7%D8%AD%D8%AA%D9%81%D8%A7%D9%84%20%D8%A8%D8%B1%D8%B4%D9%84%D9%88%D9%86%D9%8A%20%D9%85%D9%85%D9%8A%D8%B2%20%D8%A8%D8%B9%D9%88%D8%AF%D8%A9%20%D8%AC%D9%88%D9%87%D8%B1%D8%A9%20%D8%A7%D9%84%D9%81%D8%B1%D9%8A%D9%82

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28066943&title=%D8%A7%D9%84%D8%A3%D8%B3%D8%B7%D9%88%D8%B1%D8%A9%20%D9%8A%D8%AA%D8%AF%D8%AE%D9%84..%20%D9%83%D9%8A%D9%81%20%D9%85%D9%86%D8%B9%20%D8%A7%D9%84%D9%8A%D9%88%D9%86%D8%A7%D9%8A%D8%AA%D8%AF%20%D8%AE%D9%8A%D8%A7%D9%86%D8%A9%20%D8%B1%D9%88%D9%86%D8%A7%D9%84%D8%AF%D9%88%D8%9F

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28066866&title=%D8%AD%D9%84%D9%85%20%D9%83%D9%84%20%D9%84%D8%A7%D8%B9%D8%A8..%20%D9%87%D8%B0%D8%A7%20%D9%85%D8%A7%20%D8%AA%D9%86%D8%A7%D8%B2%D9%84%20%D8%B9%D9%86%D9%87%20%D9%85%D8%A8%D8%A7%D8%A8%D9%8A%20%D9%85%D9%86%20%D8%A3%D8%AC%D9%84%20%D9%82%D9%85%D9%8A%D8%B5%20%D8%B1%D9%8A%D8%A7%D9%84%20%D9%85%D8%AF%D8%B1%D9%8A%D8%AF!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kooora

Search URL Search Domain Scan URL

URL: https://twitter.com/kooora

Search URL Search Domain Scan URL

URL: https://instagram.com/kooora

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcHR8e5S-3uWN_yL64emgzg/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@kooora

Search URL Search Domain Scan URL

URL: https://m.kooora.com/?nomb=0

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kooora.com/ HTTP 301
https://kooora.com/ HTTP 301
https://www.kooora.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1630509372889_1 HTTP 302
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1630509372889_1

Request Chain 135

https://gaae.hit.gemius.pl/_1630509373961/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.kooora.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=.Ocl1AY9zcBjHZyJilZJf74gGI3UvhBsJWYIGBjJwXn.n7&vis=1&fpcap= HTTP 301
https://gaae.hit.gemius.pl/__/_1630509373961/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.kooora.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=.Ocl1AY9zcBjHZyJilZJf74gGI3UvhBsJWYIGBjJwXn.n7&vis=1&fpcap=

Request Chain 148

https://tags.bluekai.com/site/70551?redir=https://collector.effectivemeasure.net/sync_webhook/oracle/$_BK_UUID HTTP 302
https://collector.effectivemeasure.net/sync_webhook/oracle/$_BK_UUID

Request Chain 154

https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1 HTTP 302
https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1&trackability-redirect=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-am17d1cdFi9%2BZkRmwXUirPxUQrv3&source=dms HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm=&state=2-am17d1cdFi9%2BZkRmwXUirPxUQrv3&source=dms&google_tc= HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?state=2-am17d1cdFi9%2BZkRmwXUirPxUQrv3&source=dms&google_gid=CAESECE2mgbiEbDeOYAJKYU4bJo&google_cver=1

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=ipsos_gemius_ddp&google_cm&lsdata=-NOTSUP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ipsos_gemius_ddp&google_cm=&lsdata=-NOTSUP&google_tc= HTTP 302
https://gaae.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=-NOTSUP&google_gid=CAESEEdlczCemjYLkvAIbWNncX8&google_cver=1 HTTP 301
https://gaae.hit.gemius.pl/__/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=-NOTSUP&google_gid=CAESEEdlczCemjYLkvAIbWNncX8&google_cver=1

Request Chain 156

https://tagger.opecloud.com/dms/v2/pixel.gif?url=https%3A%2F%2Fwww.kooora.com%2F&ref=&tz=-2&screen=1600x1200x24&tref=&cmpstatus=notrequired&tcString=undefined&uspstatus=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-b3eUC5dXienV3Fc0CGeacp7blh8p&source=dms HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm=&state=2-b3eUC5dXienV3Fc0CGeacp7blh8p&source=dms&google_tc= HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?state=2-b3eUC5dXienV3Fc0CGeacp7blh8p&source=dms&google_gid=CAESELxZA2J_tBBYWy0MYQB03HY&google_cver=1

Request Chain 157

https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=562459823911593&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22fd4ef78370a4%26domain%3Dwww.kooora.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.kooora.com%252Ff431f031a8d164%26relation%3Dparent.parent&container_width=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fkooora&locale=ar_AR&sdk=joey&show_facepile=false&show_posts=false&small_header=true&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D562459823911593%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df22fd4ef78370a4%2526domain%253Dwww.kooora.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.kooora.com%25252Ff431f031a8d164%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkooora%26locale%3Dar_AR%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D300

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPZ8jKuU4l5nUYbc6YHMUQk&google_cver=1

Request Chain 212

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbwTEhLVqjDDYKUZA_sQAU&google_cver=1

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH-JrzDgbim7X1SB8IIfpko&google_cver=1

Request Chain 214

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MA%3D%3D

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_dbm=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4S53t1BacNJtwejuVhClo&google_cver=1

Request Chain 227

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwNWE0YmItYmMyYi0yNTAyLWMxNzQtZGM4MDU3MjRjYTY3

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm=&google_dbm=&google_tc= HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESED4un_BI7HE84xNxm8hv8MM&google_cver=1

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_dbm=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4S53t1BacNJtwejuVhClo&google_cver=1

Request Chain 231

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwNWE0YmItYmMyYi0yNTAyLWMxNzQtZGM4MDU3MjRjYTY3

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm=&google_dbm=&google_tc= HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESED4un_BI7HE84xNxm8hv8MM&google_cver=1

Request Chain 237

https://um.simpli.fi/gp_match?google_gid=CAESEN8anVokAaxIGRBbgZaRVHM&google_cver=1&google_push=AYg5qPJRfctZXiQukS6a-hEfYz_bfOwPkQXL-GNimDBhGnkJauCqca7hr1I8fIHLBpiYSrVkvG5MgjdEPwcQISeZyxChSoMTUJUe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5040C34DEA2348DC9A0DB6C4F49905A2&google_push=AYg5qPJRfctZXiQukS6a-hEfYz_bfOwPkQXL-GNimDBhGnkJauCqca7hr1I8fIHLBpiYSrVkvG5MgjdEPwcQISeZyxChSoMTUJUe

Request Chain 238

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK4lC5TEHEe0pycWWnHIGm8&google_cver=1&google_push=AYg5qPKlW-H2FFlq5CN86j6U0L2QHeW95eqQDolMOeJmDcEc7e-wlM_4KWAHkVDu7XLmjg-Wb9gzIp3p03Eh3yc9lLjBJKZcDivV HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK4lC5TEHEe0pycWWnHIGm8&google_cver=1&google_push=AYg5qPKlW-H2FFlq5CN86j6U0L2QHeW95eqQDolMOeJmDcEc7e-wlM_4KWAHkVDu7XLmjg-Wb9gzIp3p03Eh3yc9lLjBJKZcDivV&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sn3H4REHb1mVNWFYIHOWIw&google_push=AYg5qPKlW-H2FFlq5CN86j6U0L2QHeW95eqQDolMOeJmDcEc7e-wlM_4KWAHkVDu7XLmjg-Wb9gzIp3p03Eh3yc9lLjBJKZcDivV

Request Chain 239

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBCMzZLt_nj3x7rpDeUsyzU&google_cver=1&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x6aPdSoc HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBCMzZLt_nj3x7rpDeUsyzU&google_cver=1&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x6aPdSoc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x6aPdSoc&google_hm=oyVFKIEMT1qkczM8utUyEw==

Request Chain 240

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0&google_cver=1&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0&google_tc=

Request Chain 241

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIJlRQ6KFTX6TCY7PwHJYJo&google_cver=1&google_push=AYg5qPLW6Y0qpLfEL27v4kLB9nH2hvwQC-Ke51yGYzDZ2Wjdhkjq46ipSOrNukyoDsYnqK1y0bQvZ0aSZ5sEHZTrh11g0PMVsD5k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLW6Y0qpLfEL27v4kLB9nH2hvwQC-Ke51yGYzDZ2Wjdhkjq46ipSOrNukyoDsYnqK1y0bQvZ0aSZ5sEHZTrh11g0PMVsD5k

Request Chain 242

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEP9m875jRRRvBT57_93O0Ac&google_cver=1&google_push=AYg5qPKj5i4F23eDJLf2tq553UUX6Joi81J8c0l18G1STSZw6Ja5HiUoQlhr17jIwUXFrwLiO4ZEjRa4gQXbQ-4VZLjAwS3g3eNy HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKj5i4F23eDJLf2tq553UUX6Joi81J8c0l18G1STSZw6Ja5HiUoQlhr17jIwUXFrwLiO4ZEjRa4gQXbQ-4VZLjAwS3g3eNy&google_gid=CAESEP9m875jRRRvBT57_93O0Ac HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2NDQ3MjY0OTQ4MjM0MTI0NQ%3D%3D&google_push=AYg5qPKj5i4F23eDJLf2tq553UUX6Joi81J8c0l18G1STSZw6Ja5HiUoQlhr17jIwUXFrwLiO4ZEjRa4gQXbQ-4VZLjAwS3g3eNy

Request Chain 250

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJpF6fIpQGKAscrtdU9exVI&google_cver=1&google_push=AYg5qPKeqd1g0msu7vS8tIdZPmXWv8ON2LuXxdlZWrEgkahc4a1DUq8N_flJRB8Ny0sx-h_C9w4eS5Eo2br0CPn5t4Y-veyuq0CG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKeqd1g0msu7vS8tIdZPmXWv8ON2LuXxdlZWrEgkahc4a1DUq8N_flJRB8Ny0sx-h_C9w4eS5Eo2br0CPn5t4Y-veyuq0CG

Request Chain 251

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBCMzZLt_nj3x7rpDeUsyzU&google_cver=1&google_push=AYg5qPJPB7uKgcEY0ZbcjHmOi--as-gDimNHZS9JmGghn3m24019_9mvy1fJ7Sc767Lm9Yy-IdHGj50RhvJ0l1ochSYeAsPhUoqt HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBCMzZLt_nj3x7rpDeUsyzU&google_cver=1&google_push=AYg5qPJPB7uKgcEY0ZbcjHmOi--as-gDimNHZS9JmGghn3m24019_9mvy1fJ7Sc767Lm9Yy-IdHGj50RhvJ0l1ochSYeAsPhUoqt HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a3254528-810c-4f5a-a473-333cbad53213 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a3254528-810c-4f5a-a473-333cbad53213 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cd975392-742c-4093-8dec-96b5cd1195dc&user_group=1&ssp=google&bsw_param=a3254528-810c-4f5a-a473-333cbad53213 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x6aPdSoc&google_hm=oyVFKIEMT1qkczM8utUyEw==

Request Chain 252

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENOqUBd1CdPgCTQaLAvkgEI&google_cver=1&google_push=AYg5qPI9bnO1v9PCMc1MPJRspDw11JWChSiMqqnS_uR2mrqSHUlfbwueZwlcBl3LDYN_zhnHJM_OhnRCgN0WXvpf5oR4VZOyZXGF HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENOqUBd1CdPgCTQaLAvkgEI&google_cver=1&google_push=AYg5qPI9bnO1v9PCMc1MPJRspDw11JWChSiMqqnS_uR2mrqSHUlfbwueZwlcBl3LDYN_zhnHJM_OhnRCgN0WXvpf5oR4VZOyZXGF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAwNjUxODEyNTA5MzU2NDU5MA&google_push=AYg5qPI9bnO1v9PCMc1MPJRspDw11JWChSiMqqnS_uR2mrqSHUlfbwueZwlcBl3LDYN_zhnHJM_OhnRCgN0WXvpf5oR4VZOyZXGF

Request Chain 253

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEP9m875jRRRvBT57_93O0Ac&google_cver=1&google_push=AYg5qPIlK8jPdXC8hIRKv0Dk54Bosyrife6Pu0SgOOFf-KLoqV8AkdinnYgqo7fJNCuoPnD9wt2S28yFJQ6MaX0KrHRv0Pl5drAC HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIlK8jPdXC8hIRKv0Dk54Bosyrife6Pu0SgOOFf-KLoqV8AkdinnYgqo7fJNCuoPnD9wt2S28yFJQ6MaX0KrHRv0Pl5drAC&google_gid=CAESEP9m875jRRRvBT57_93O0Ac HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2NDQ3MjY0OTQ4MjM0MTI0NQ%3D%3D&google_push=AYg5qPIlK8jPdXC8hIRKv0Dk54Bosyrife6Pu0SgOOFf-KLoqV8AkdinnYgqo7fJNCuoPnD9wt2S28yFJQ6MaX0KrHRv0Pl5drAC

Request Chain 254

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOMCjzNrZdKgYlN6cUL0gwo&google_cver=1&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31cN5zAMA6RmGa40vapMcELRQiDTqwJuWsVZ8U5kiDu2E4ziWQw HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOMCjzNrZdKgYlN6cUL0gwo&google_cver=1&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31cN5zAMA6RmGa40vapMcELRQiDTqwJuWsVZ8U5kiDu2E4ziWQw&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOMCjzNrZdKgYlN6cUL0gwo&google_cver=1&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31cN5zAMA6RmGa40vapMcELRQiDTqwJuWsVZ8U5kiDu2E4ziWQw&apid=UP8f4ce2ac-0b37-11ec-8f0b-06a17173c662 HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOMCjzNrZdKgYlN6cUL0gwo&google_cver=1&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31cN5zAMA6RmGa40vapMcELRQiDTqwJuWsVZ8U5kiDu2E4ziWQw&apid=UP8f4ce2ac-0b37-11ec-8f0b-06a17173c662&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4ZjRjZTJhYy0wYjM3LTExZWMtOGYwYi0wNmExNzE3M2M2NjI%3D&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31cN5zAMA6RmGa40vapMcELRQiDTqwJuWsVZ8U5kiDu2E4ziWQw

Request Chain 269

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPRS6zc26J8KC-T-OqAwhbA&google_cver=1&google_push=AYg5qPJDWh8AJp3wA5dCylI-9j6rejaNgIRZAswXKUzDcL3zEMeTZ44-FSY4Se4-bzVK0kXQVkS-9yyT_iDEbGIT-468bgo0utTZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc1MDI1NDc4ODcxMjIwMjQ0Mg== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELEhKap7qBfomqPyWwGLrxk&google_cver=1

Request Chain 273

https://rtb.openx.net/sync/dds?google_gid=CAESECuAfKoNkU7eGGaZAbcGDcQ&google_cver=1&google_push=AYg5qPJnjaaoWe1TlfkjTCmxqzbhb18CIO6HkX6Bx_I98i5rioKes6HmJtzoIfq4WWKeCExpjgKd01eVIvs0HmE_axx1TQlu07lY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJnjaaoWe1TlfkjTCmxqzbhb18CIO6HkX6Bx_I98i5rioKes6HmJtzoIfq4WWKeCExpjgKd01eVIvs0HmE_axx1TQlu07lY&google_hm=eTz9Tdzawogy4MqOTt8-vQ==

Request Chain 274

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENoGzEU4JcZkO-aswva38W4&google_cver=1&google_push=AYg5qPKScIDOoxXUrq4UdJ7ZTeb2Sxesv_pBoS79eirqSr8I_t9Th4bHV4VMJln3HetDEewi-j9613_YvHY2hcz-eDUv6OIIDcEo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxTjZQR1otMjctRDBFOA==&google_push=AYg5qPKScIDOoxXUrq4UdJ7ZTeb2Sxesv_pBoS79eirqSr8I_t9Th4bHV4VMJln3HetDEewi-j9613_YvHY2hcz-eDUv6OIIDcEo

Request Chain 275

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIJlRQ6KFTX6TCY7PwHJYJo&google_cver=1&google_push=AYg5qPKmmffUeXS4umhvnZMm3k0TFReMqLNZbGq7hA5Yju248vXpESuGI75BT-e_Fa1gqL1IVBUx9Xq14bszv4cvhARdWNNNrk8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKmmffUeXS4umhvnZMm3k0TFReMqLNZbGq7hA5Yju248vXpESuGI75BT-e_Fa1gqL1IVBUx9Xq14bszv4cvhARdWNNNrk8

312 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kooora.com/
Redirect Chain

http://kooora.com/
https://kooora.com/
https://www.kooora.com/

22 KB
9 KB

40ms
29ms

Document
text/html

45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7b243fc1f43ec4f09287bddd2366960c9676afd69ae815f1220d79e71789938d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.kooora.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

etag: "e6322c56"
content-type: text/html; charset=windows-1256
content-encoding: gzip
access-control-allow-origin: o.kooora.com
cache-control: max-age=3, public
expires: Wed, 01 Sep 2021 15:16:11 GMT
date: Wed, 01 Sep 2021 15:16:08 GMT
set-cookie: visid_incap_146017=GvIOuSuRSIGdHOhssXcS5DiZL2EAAAAAQUIPAAAAAAAtsaGlCvjrO7ywcqybdXdh; expires=Thu, 01 Sep 2022 08:52:15 GMT; HttpOnly; path=/; Domain=.kooora.com; Secure; SameSite=None incap_ses_392_146017=a/myd2XdXyhHttnHYKpwBTiZL2EAAAAAWoNUwBVHjPBhqOKgvU9oHQ==; path=/; Domain=.kooora.com; Secure; SameSite=None
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 14-130266952-130266798 2CNN RT(1630509368716 0) q(0 0 0 0) r(0 0)

Redirect headers

location: https://www.kooora.com/
content-length: 0
strict-transport-security: max-age=31536000

GET
H2 200 moatheader.js Show response
z.moatads.com/choueirigroupheaderdfp445340272806/ 243 KB
84 KB 219ms
55ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49e2b047f8cd3f435b4b2fc989e2f9125b2249ef15ee4e874b30992db0462933

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:09 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 10:13:16 GMT
server: AmazonS3
x-amz-request-id: NZCJFNZFZNRGQTTZ
etag: "cac316160878e82d5537b5cbc2954eb2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=38482
accept-ranges: bytes
content-length: 85638
x-amz-id-2: Bi5TFnxgL4WgvEE2iU+Hb7dDxFJjq+CEa9O36b4CXfy0VNburpQMZhc2ZW7D9TWEUl4ds/ubqVU=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
25 KB 244ms
79ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

a0e91cb3a6e61d6b2bf7d318850b0db972d0b5ebe04ee9e888401a8bb4ed8042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "974 / 442 of 1000 / last-modified: 1630494568"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25641
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:16:09 GMT

GET
H2 200 aw.css
o.kooora.com/ 201 KB
47 KB 222ms
43ms Stylesheet
text/css 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://o.kooora.com/aw.css?rev=549&ch=7701
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 6f56eed3288b59e657812b60c5f80f578d7820c2e1ead97421a438f562813bec

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:08 GMT
content-encoding: gzip
last-modified: Sat, 08 May 2021 09:37:06 GMT
x-cdn: Imperva
etag: "0d60b5ed43d71:0"
content-type: text/css
access-control-allow-origin: *
x-iinfo: 8-22013948-0 0CNN RT(1630509368627 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=2592000, public
content-length: 47691
expires: Fri, 01 Oct 2021 15:16:08 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
o.kooora.com/ 87 KB
30 KB 277ms
99ms Script
application/javascript 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://o.kooora.com/jquery-3.5.1.min.js
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:08 GMT
content-encoding: gzip
last-modified: Mon, 08 Jun 2020 13:40:24 GMT
x-cdn: Imperva
etag: "0947d5c9a3dd61:0"
content-type: application/javascript
access-control-allow-origin: *
x-iinfo: 8-22013949-0 0CNN RT(1630509368627 0) q(0 -1 -1 2) r(0 -1)
cache-control: max-age=2592000, public
content-length: 30851
expires: Fri, 01 Oct 2021 15:16:08 GMT

GET
H2 200 nw.js Show response
o.kooora.com/ 880 KB
209 KB 221ms
42ms Script
application/javascript 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://o.kooora.com/nw.js?rev=1645&ch=9845
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 2c85f3fdefb9abb459b7ffccb1ae62bbbca9921af731840df5353b70c039df01

Request headers

Origin: https://www.kooora.com
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:08 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 16:14:14 GMT
x-cdn: Imperva
etag: "0cff13ba9dd71:0"
content-type: application/javascript
access-control-allow-origin: *
x-iinfo: 12-229813548-0 0CNN RT(1630509368775 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=2592000, public
content-length: 213471
expires: Fri, 01 Oct 2021 15:16:08 GMT

GET
H2 200 _Incapsula_Resource Show response
www.kooora.com/ 132 KB
19 KB 42ms
40ms Script
application/javascript 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=669607795

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9e204b3465836bb84d4253b0ebbc4b22633996a8a489feb9c2ca3478e10381ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=669607795
pragma: no-cache
cookie: visid_incap_146017=GvIOuSuRSIGdHOhssXcS5DiZL2EAAAAAQUIPAAAAAAAtsaGlCvjrO7ywcqybdXdh; incap_ses_392_146017=a/myd2XdXyhHttnHYKpwBTiZL2EAAAAAWoNUwBVHjPBhqOKgvU9oHQ==; visid_incap_146022=13gLYZYKSc+HQDsIFtcsiziZL2EAAAAAQUIPAAAAAABqRSBVyEE/NAl917q8M7yk; incap_ses_246_146022=aAz8T4WHCgDOIHfVGPhpAziZL2EAAAAAbNHlKx6fG+K341/ZwkPhHQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kooora.com
referer: https://www.kooora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 19120
content-type: application/javascript

GET
H3-29 200 pubads_impl_2021082701.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 92ms
40ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:07:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119397
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:16:10 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 211 B
148 B 95ms
41ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kooora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

48c178614846d599b2fd4c9576037af5c748c2b40ceb45467928eb265010104e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 15:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:16:09 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ar_AR/ 3 KB
2 KB 20ms
17ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44cc1798af996c3b8f835519fd2bfe8a7b715dc94b1db9992aa5287bee6c81d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TKEsQP/jBBqxSvBOgGtbsg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: sPI9r0hTViFSpBiLEechf4abuu0epKS18om1ngLAP3Uk0hypOVJLgrog+ZWRvZQi6Gvg+nVo/WDymGM5pQ/I+g==
x-fb-trip-id: 917726464
x-fb-content-md5: 4c65b48b8673a7d735c433bf755d377c
x-frame-options: DENY
date: Wed, 01 Sep 2021 15:16:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "92f6d8da1e22a322ff8b947ed1c4b39c"
timing-allow-origin: *
expires: Wed, 01 Sep 2021 15:24:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 20ms
18ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: 3kI4c4etMhtP0OB/OjH7fbV+JzZSBIh5ukMsmoqhwUtXIk2HxzInkIN5B1vdY53t/5VQ0m7LIci9kGsuLWtNXg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 01 Sep 2021 15:16:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cn.js Show response
kooora.cognativex.com/cognativex/ 1 KB
1 KB 144ms
15ms Script
text/javascript 2606:4700:20::681a:f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora.cognativex.com/cognativex/cn.js?v=2021-9-1
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc85bf0265f1c1812f82642b9457f11855a8f870e3aadf375b1bdec406165a9c

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=A/qcQQ==, md5=1xa8+Ow6ccaABKbkuFk/Rw==
date: Wed, 01 Sep 2021 15:16:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 157
cf-polished: origSize=1206
x-guploader-uploadid: ADPycdsivU9cHs-tYuQri9FONLmWWqDsZtkubI22cpllC06i2pPBlHyQkWNA6iYh1aEaVGwEhwvpPVPLKhGY-rKokNs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Thu, 03 Jun 2021 11:20:34 GMT
server: cloudflare
etag: W/"d716bcf8ec3a71c68004a6e4b8593f47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FFo624ZCY0BX0Ng9Xc0LXM7zJIWQIfE2XU9J3XozBQUKNbNIUiYQ%2FrvqZBuqpgEsrOqdE6O2i2FVawJlE42tvu7NWx9rYM6Psozo4CFyaWdp%2FbdgNUXZBiU1g3do7ESOg7xMin8PyQYNeeEwgDXvFEBtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1622719234099591
access-control-allow-origin: *
expires: Wed, 01 Sep 2021 15:56:57 GMT
cache-control: public, max-age=14400
x-goog-stored-content-length: 1206
cf-ray: 687f754def8a5b68-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1450
date: Wed, 01 Sep 2021 14:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 01 Sep 2021 16:52:00 GMT

GET
H2 200 tag.js Show response
t1.effectivemeasure.net/ 22 KB
7 KB 165ms
35ms Script
application/javascript 13.32.121.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.effectivemeasure.net/tag.js?1630
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b00b1bfc13107699852b352569a8aa7a277a3a30ef9660bd085baa7a2f1cbec

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 20:57:43 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 01:00:44 GMT
server: AmazonS3
age: 65908
etag: W/"489d05d67b9e8e4403e07a14415c7f5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: givx92La9O6tQrA5Vq110eBMBtGJ7HJl26UOrp40OuMl2KcfqZvEZw==

GET
H2 200 / Show response
www.kooora.com/ 16 B
566 B 1172ms
1169ms XHR
text/html 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/?vc=true&_=1630509369931

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5548b3fe3513d45b693e62c4e813fef4c5c96cd73cf4350c2f33c13adbf105b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: visid_incap_146017=GvIOuSuRSIGdHOhssXcS5DiZL2EAAAAAQUIPAAAAAAAtsaGlCvjrO7ywcqybdXdh; incap_ses_392_146017=a/myd2XdXyhHttnHYKpwBTiZL2EAAAAAWoNUwBVHjPBhqOKgvU9oHQ==; visid_incap_146022=13gLYZYKSc+HQDsIFtcsiziZL2EAAAAAQUIPAAAAAABqRSBVyEE/NAl917q8M7yk; incap_ses_246_146022=aAz8T4WHCgDOIHfVGPhpAziZL2EAAAAAbNHlKx6fG+K341/ZwkPhHQ==
:path: /?vc=true&_=1630509369931
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.kooora.com
referer: https://www.kooora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.kooora.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000
content-type: text/html; charset=windows-1256
x-iinfo: 14-130267104-130240414 2NYN RT(1630509371039 0) q(0 0 0 -1) r(1 1) U18
cache-control: private
set-cookie: ASP.NET_SessionId=hnru241shr1g5n3ydjj0zchq; path=/; HttpOnly; SameSite=Lax kookie=40f8d5b5-9496-40a0-bd22-64dfa0d04827; expires=Thu, 01-Sep-2022 15:16:11 GMT; path=/; HttpOnly kookie2=40f8d5b5-9496-40a0-bd22-64dfa0d04827; expires=Thu, 01-Sep-2022 15:16:11 GMT; path=/ eclk=1630509371; expires=Thu, 01-Sep-2022 15:16:11 GMT; path=/ nlbi_146017=4g7XUq95YhG0CrCAQl8TSQAAAABDiNmhpggeOupsS8aHvkMI; path=/; Domain=.kooora.com; Secure; SameSite=None
x-cdn: Imperva
expires: Tue, 01 Sep 2020 15:16:11 GMT

GET
H2 200 searchgold.png
www.kooora.com/icons/q/48/ 1 KB
2 KB 55ms
39ms Image
image/png 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kooora.com/icons/q/48/searchgold.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

be66f2a7e95a29627f762c8b1c399a8a19f1b502f9dd31e5d5b7a9d56129acc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /icons/q/48/searchgold.png
pragma: no-cache
cookie: ASP.NET_SessionId=hnru241shr1g5n3ydjj0zchq; kookie=40f8d5b5-9496-40a0-bd22-64dfa0d04827; kookie2=40f8d5b5-9496-40a0-bd22-64dfa0d04827; eclk=1630509371; nlbi_146017=4g7XUq95YhG0CrCAQl8TSQAAAABDiNmhpggeOupsS8aHvkMI
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.kooora.com
referer: https://www.kooora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 08 Sep 2020 16:34:35 GMT
x-cdn: Imperva
etag: "06d9034e"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-130267129-130266798 2CNN RT(1630509371181 0) q(0 0 0 0) r(0 0)
cache-control: max-age=3, public
set-cookie: visid_incap_146017=vso5P6OFSI+3VAopJ4dYvDuZL2EAAAAAQUIPAAAAAADc8no8jdBQ3ctvtPb+s0xy; expires=Thu, 01 Sep 2022 08:52:15 GMT; HttpOnly; path=/; Domain=.kooora.com; Secure; SameSite=None incap_ses_392_146017=CiONcQwxGgsjuNnHYKpwBTuZL2EAAAAA66TJKJ2/EKb6Xt2dW/M6fA==; path=/; Domain=.kooora.com; Secure; SameSite=None
content-length: 1530
expires: Wed, 01 Sep 2021 15:16:14 GMT

GET
H2 200 star_off.png
o.kooora.com/i/ 1 KB
2 KB 47ms
40ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/i/star_off.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 4af6266c7294570a36a20fef6f4529694e9e2e929cb9b9967140cb7d151700cf

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:10 GMT
last-modified: Mon, 23 Sep 2019 02:39:07 GMT
x-cdn: Imperva
etag: "db8b912b871d51:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22013997-0 0CNN RT(1630509370845 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31449600, public
content-length: 1147
expires: Wed, 31 Aug 2022 15:16:10 GMT

GET
H2 200 star_on.png
o.kooora.com/i/ 1 KB
2 KB 47ms
40ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/i/star_on.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: d8d633236b5c38e131798d189e5e5c96866e9e525322fbaf84fb82e7c02a2584

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:10 GMT
last-modified: Mon, 23 Sep 2019 02:39:07 GMT
x-cdn: Imperva
etag: "dc755f12b871d51:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22013998-0 0CNN RT(1630509370845 0) q(0 -1 -1 2) r(0 -1)
cache-control: max-age=31449600, public
content-length: 1466
expires: Wed, 31 Aug 2022 15:16:10 GMT

GET
H2 200 tgold2.png
o.kooora.com/i/ 5 KB
6 KB 49ms
42ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/i/tgold2.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: b25741c5702afe4eba48d0955913094a0fa290db1fc6575c1801211ce09b5747

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:10 GMT
last-modified: Thu, 23 Oct 2014 11:27:38 GMT
x-cdn: Imperva
etag: "e949a659b4eecf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22013999-0 0CNN RT(1630509370846 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31449600, public
content-length: 5365
expires: Wed, 31 Aug 2022 15:16:10 GMT

GET
H2 200 khome4.png
o.kooora.com/i/ 16 KB
16 KB 49ms
43ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/i/khome4.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: c9db1fac9568ba8263c2ab313c9e4f15dded5a2e1aee78dac9c2ea6970717714

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:10 GMT
last-modified: Wed, 25 Mar 2015 14:43:11 GMT
x-cdn: Imperva
etag: "9acd744a67d01:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014000-0 0CNN RT(1630509370848 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31449600, public
content-length: 16359
expires: Wed, 31 Aug 2022 15:16:10 GMT

GET
H2 200 headbackground.jpg
o.kooora.com/i/ 8 KB
8 KB 50ms
43ms Image
image/jpeg 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/i/headbackground.jpg
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/aw.css?rev=549&ch=7701
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: f7bc0e1c67d8e5d4b614f36c913a86b62081eca21e729eac97f59a02e86c528d

Request headers

Referer: https://o.kooora.com/aw.css?rev=549&ch=7701
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:10 GMT
last-modified: Tue, 28 May 2019 21:11:41 GMT
x-cdn: Imperva
etag: "c659fcf19915d51:0"
content-type: image/jpeg
access-control-allow-origin: *
x-iinfo: 8-22014001-0 0CNN RT(1630509370849 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=24868462, public
content-length: 8128
expires: Thu, 16 Jun 2022 11:10:32 GMT

GET
H2 200 flagz.png
o.kooora.com/n/ 40 KB
40 KB 50ms
44ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/n/flagz.png
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/aw.css?rev=549&ch=7701
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 8b13bfcfcabc26baca32cc1a728aa8caed91fa97466a08f829f340da7dbe9fe9

Request headers

Referer: https://o.kooora.com/aw.css?rev=549&ch=7701
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:10 GMT
last-modified: Sun, 09 Feb 2020 09:18:49 GMT
x-cdn: Imperva
etag: "80a2f8ef29dfd51:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014002-0 0CNN RT(1630509370850 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31449600, public
content-length: 40636
expires: Wed, 31 Aug 2022 15:16:10 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 319 B
495 B 199ms
44ms Script
text/html 52.208.32.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&callback=MoatNadoAllJsonpRequest_40566199
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.32.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 32b31d9d307d8a316017bb8b2775985c3bb1528c46d6d5b4e15e3a7d35d083e5

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "426b6f267f3688ead6091d288564c14f6cd3b99a"
content-length: 319
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame E40E 1 KB
2 KB 73ms
60ms Document
text/html 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

:method: GET
:authority: z.moatads.com
:scheme: https
:path: /hd09824092/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kooora.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kooora.com/

Response headers

x-amz-id-2: tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id: 7Y2H1YDSCY2G4ZCG
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=544
date: Wed, 01 Sep 2021 15:16:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 65ms
57ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1630509371769&de=160955375221&rx=959321018976&d=CHOUEIRIGROUPDFP_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&sgs=5&ar=9658760-clean&iw=928ba56&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=kooora.com&bd=kooora.com&ac=1&bq=11&f=0&na=2049146810&cs=0
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:12 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
50 KB 42ms
32ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0293d9edb38175cf6ef2ae891b6260d1064ea1494790848214d1a98832f47d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51063
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 15:16:12 GMT

GET
H2 200 tc.json Show response
o.kooora.com/ 2 KB
957 B 37ms
34ms XHR
application/json 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://o.kooora.com/tc.json
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: a0a43739be134268837d1a509a7b6c34a79d061417ddc87b99c8cc73bc6796bd

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
content-encoding: gzip
last-modified: Mon, 27 Jul 2020 13:03:06 GMT
x-cdn: Imperva
etag: "0a1c7441664d61:0"
content-type: application/json
access-control-allow-origin: *
x-iinfo: 12-229813861-0 0CNN RT(1630509371367 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=2592000, public
content-length: 567
expires: Fri, 01 Oct 2021 15:16:11 GMT

GET
H2 200 /
img.kooora.com/ 13 KB
13 KB 99ms
33ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-08%2f2021-08-28%2f2021-08-28-09433336_epa.jpg&z=320|240&c=88|0|709|532&h=5953

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a3eff3e0114e8886b1ec27af0a2f48f2dea043e1bd9701cda7045d2d90b49015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267180-0 0CNN RT(1630509371623 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=31519340, public
content-length: 13083
expires: Thu, 01 Sep 2022 10:38:31 GMT

GET
H2 200 /
img.kooora.com/ 14 KB
14 KB 91ms
26ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=april%2fjune2021%2fmercato+thumb+.jpg&z=320|240&c=83|0|954|719&h=2637

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

eff1362a429c92216a43afbab87716876eb92f7ed0d3202453bd6f2f2b1451a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267179-0 0CNN RT(1630509371623 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31531513, public
content-length: 14335
expires: Thu, 01 Sep 2022 14:01:24 GMT

GET
H2 200 /
img.kooora.com/ 10 KB
10 KB 109ms
45ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-08-22%2f2021-08-22t185312z_1351435140_up1eh8m1ggmk5_rtrmadp_3_soccer-italy-udi-juv-report_reuters.jpg&z=320|240&c=23|0|777|583&h=7341

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

29d74a76391d6c63b1854804b838d291ed91ddbccf1c9879fa6878216028803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267181-0 0CNN RT(1630509371624 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=31108779, public
content-length: 10296
expires: Sat, 27 Aug 2022 16:35:50 GMT

GET
H2 200 fr.png
o.kooora.com/f/ 118 B
285 B 55ms
30ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/fr.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 7a764d1c4eed5698453f2c90a2d1dc21aecbb88cbb85a0d7c00cb0d1269b45c5

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:12:18 GMT
x-cdn: Imperva
etag: "cb373bd0ce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014018-0 0CNN RT(1630509371262 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 118
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 ba.png
o.kooora.com/f/ 500 B
621 B 74ms
8ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/ba.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: d4868de17e6703d28078a569544c489bb1c9546bdcc8edcb49783a6f514f34cb

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:12:56 GMT
x-cdn: Imperva
etag: "26be51e7ce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014019-0 0CNN RT(1630509371309 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 500
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 pt.png
o.kooora.com/f/ 517 B
639 B 70ms
9ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/pt.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: a86adfc2d049ba63e1a2779a368902ff1861d59f80f9381637e1e56fec3f1e55

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:10:36 GMT
x-cdn: Imperva
etag: "b3d88793ce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014020-0 0CNN RT(1630509371311 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 517
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 ie.png
o.kooora.com/f/ 118 B
239 B 68ms
11ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/ie.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 19389101e87c60f6e6239521e1bef91a765146a3a493a38d5de50764167d66e8

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:11:55 GMT
x-cdn: Imperva
etag: "25db91c2ce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014021-0 0CNN RT(1630509371312 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 118
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 eg.png
o.kooora.com/f/ 389 B
511 B 60ms
11ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/eg.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 737c272ee31ce3176d4a2509754da320bba871c9c14ba4b4ef73e6dd3ba31979

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:12:28 GMT
x-cdn: Imperva
etag: "b5d2b1d6ce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014022-0 0CNN RT(1630509371312 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 389
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 ao.png
o.kooora.com/f/ 535 B
657 B 60ms
12ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/ao.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: e3bf40c8940561121ff593e50b3899be3c51da4c2321cb8eb93666bccdfe5b73

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:13:01 GMT
x-cdn: Imperva
etag: "b2a2dde9ce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014023-0 0CNN RT(1630509371313 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 535
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 no.png
o.kooora.com/f/ 134 B
256 B 66ms
32ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/no.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 7a03b11d4e74c15843197fa54ea2cfc8490c41dfeef5148bc91e40f8e336dc5e

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:10:51 GMT
x-cdn: Imperva
etag: "1b80649cce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014024-0 0CNN RT(1630509371335 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 134
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 nl.png
o.kooora.com/f/ 118 B
239 B 37ms
33ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/nl.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: b83dd5170e60269f710c5cf6927572e87401bafda6503e833a4df091a7facef2

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:10:52 GMT
x-cdn: Imperva
etag: "ab587e9dce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014025-0 0CNN RT(1630509371350 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 118
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 ru.png
o.kooora.com/f/ 118 B
239 B 54ms
50ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/ru.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: c57a3d5518f3b06e117e04e396a0ff6119f7e03158ef936b49166b28345b996e

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:10:31 GMT
x-cdn: Imperva
etag: "291ca790ce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014026-0 0CNN RT(1630509371351 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 118
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 hr.png
o.kooora.com/f/ 519 B
641 B 54ms
51ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/hr.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: cd626b7632cfb5af4ec82586a1b827d774e9db11d101e50d1e3b047ee4785c43

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:11:59 GMT
x-cdn: Imperva
etag: "53d015c5ce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014027-0 0CNN RT(1630509371352 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 519
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 ly.png
o.kooora.com/f/ 367 B
489 B 54ms
51ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/ly.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 7cbac1d739f8f4662f018087c7455f5553dd7b6d5d670df08bfb364acf7f6db1

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:11:20 GMT
x-cdn: Imperva
etag: "a650e9adce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014028-0 0CNN RT(1630509371353 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 367
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 ga.png
o.kooora.com/f/ 118 B
241 B 55ms
52ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/f/ga.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: cdd3c31150c95bcdc7ea4a26187261dad0d5ef96832a1518da973d9f6a992d56

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 17:12:17 GMT
x-cdn: Imperva
etag: "fdbc9dcfce79cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014029-0 0CNN RT(1630509371354 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 118
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 all.png
o.kooora.com/n/ 38 KB
38 KB 34ms
32ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/n/all.png?v=7
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/aw.css?rev=549&ch=7701
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 3c69666719400959dd75c842f0491ce3a3d61866ace65d4bef151a4c3fcaa1b4

Request headers

Referer: https://o.kooora.com/aw.css?rev=549&ch=7701
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Sat, 05 Sep 2020 04:21:24 GMT
x-cdn: Imperva
etag: "07adb33c83d61:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014030-0 0CNN RT(1630509371371 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 39266
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 poll_bg.png
o.kooora.com/n/ 1 KB
1 KB 41ms
38ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/n/poll_bg.png
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/aw.css?rev=549&ch=7701
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: e687e117ba451b8173131e11511ae60ecd4253106b48d8aba282f13b534b3f0b

Request headers

Referer: https://o.kooora.com/aw.css?rev=549&ch=7701
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Tue, 27 May 2014 06:47:41 GMT
x-cdn: Imperva
etag: "cfb4678e7779cf1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014031-0 0CNN RT(1630509371405 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 1141
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 /
img.kooora.com/ 2 KB
3 KB 50ms
29ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-02-10%2f2021-02-10t213556z_133960188_up1eh2a1nzwof_rtrmadp_3_soccer-spain-sev-fcb-report_reuters.jpg&z=120|90&c=39|0|761|571&h=784

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9f95199e7ae62a3cee4c42d107bd79e58c0ebf375b054a5dd114486de65bfd3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267244-0 0CNN RT(1630509371888 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31520056, public
content-length: 2489
expires: Thu, 01 Sep 2022 10:50:27 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 54ms
34ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=april%2fjune2021%2fspecial+silva.00_10_13_14.still001.jpg&z=120|90&c=269|0|954|719&h=6367

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

101926f36ddd708fe0aff1af8091a9beefc56d3d0fa98207c9b2f14684808b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267245-0 0CNN RT(1630509371890 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31511948, public
content-length: 3361
expires: Thu, 01 Sep 2022 08:35:19 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 55ms
35ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-02-24%2f2021-02-24t215658z_641155145_up1eh2o1oyy3l_rtrmadp_3_soccer-champions-att-mad-report_reuters.jpg&z=120|90&c=0|0|779|584&h=3755

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3c7429f019ec9483ccf7fd14d9f69e7b0cc67a5904712ff759e57943fada6c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267246-0 0CNN RT(1630509371896 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31529644, public
content-length: 2895
expires: Thu, 01 Sep 2022 13:30:15 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 55ms
35ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=romano%2fspecial+fabrizio.00_10_26_19.still001.jpg&z=120|90&c=109|4|584|439&h=2855

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

581162c11f94e94e768a3310b44d70e0ddb3f5694d6abdd081c0e07d9c1f9ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267247-0 0CNN RT(1630509371898 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31469313, public
content-length: 3358
expires: Wed, 31 Aug 2022 20:44:44 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 57ms
37ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-05-23%2f2021-05-23t180146z_1699565761_up1eh5n1e2w5p_rtrmadp_3_soccer-england-mci-eve-report_reuters.jpg&z=120|90&c=0|0|705|529&h=4431

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c0f0fbfa7bb32c747e386681fb8018428b8fa86f13b4f9302aeb7fc42213ecdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267250-0 0CNN RT(1630509371901 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31522242, public
content-length: 3767
expires: Thu, 01 Sep 2022 11:26:53 GMT

GET
H2 200 /
img.kooora.com/ 2 KB
3 KB 69ms
50ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=april%2fjune2021%2fja2rdim+thumb+.jpg&z=120|90&c=147|0|954|719&h=6494

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8fb5fa18248cf9251016b03ae0fb831da54468bccd9ee4dbf51e2d2016e2b161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267253-0 0CNN RT(1630509371908 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31423657, public
content-length: 2493
expires: Wed, 31 Aug 2022 08:03:48 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 52ms
37ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-08%2f2021-08-21%2f2021-08-21-09424065_epa.jpg&z=120|90&c=195|20|605|455&h=8187

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7f9b7c91931f818d2b862827501dc22aa5ff2c49f9742ecd47e997ea075d04d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267258-0 0CNN RT(1630509371940 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31526291, public
content-length: 3928
expires: Thu, 01 Sep 2022 12:34:22 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 123ms
108ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=april%2fjune2021%2fspecial+-+griezmann.00_13_49_14.still002.jpg&z=120|90&c=139|0|954|719&h=5732

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

19e32818e3eb55f2f03de31d423c08a99983972d7413eda9f7343fbbedbb3972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267259-0 0CNN RT(1630509371941 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=31448842, public
content-length: 2679
expires: Wed, 31 Aug 2022 15:03:33 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
4 KB 123ms
108ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=albums%2fmatches%2f1834326%2fkoo_10.jpg&z=120|90&c=48|15|510|383&h=9750

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

62a81e1422632c3b5589b93808839d877c5942a3ddc591519c1e53ff6a042533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267260-0 0CNN RT(1630509371942 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31519594, public
content-length: 3525
expires: Thu, 01 Sep 2022 10:42:45 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 152ms
138ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=amr_world_cup%2fmbappe+thumb+ronaldooo.jpg&z=120|90&c=162|0|748|562&h=3280

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b438edbd366f078f48a671186c2d085ba5819d6170754dccd1e8736e9a32cb1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267261-0 0CNN RT(1630509371943 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31383639, public
content-length: 2912
expires: Tue, 30 Aug 2022 20:56:50 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 140ms
139ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=april%2fjune2021%2fno+comment+balotelli.00_01_22_19.still001.jpg&z=120|90&c=250|0|954|719&h=5328

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7ce613a33e702708857d46bf7dc845dc5434a377e0d4f07666f62a6e58bf373e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267262-0 0CNN RT(1630509371943 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31362084, public
content-length: 3616
expires: Tue, 30 Aug 2022 14:57:35 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 140ms
139ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-08-21%2f2021-08-21t160745z_1166130984_up1eh8l18svhu_rtrmadp_3_soccer-england-lee-eve-report_reuters.jpg&z=120|90&c=0|0|756|567&h=1512

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e449376b137b82bf9451df928f49eb9baa288a513ef4039e7e812ece1359d7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267263-0 0CNN RT(1630509371944 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31530682, public
content-length: 2650
expires: Thu, 01 Sep 2022 13:47:33 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 68ms
25ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-09%2f2021-09-01%2f2021-09-01-09440400_epa.jpg&z=120|90&c=76|0|709|532&h=8839

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

93b58a8c461a0c5df416c8400cda3faa770c684b115c9a8989913aa7babb1c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267300-0 0CNN RT(1630509372121 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31533606, public
content-length: 3697
expires: Thu, 01 Sep 2022 14:36:18 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 72ms
30ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=omar_a%2fkooora%2f2021%2f9%2f2021-09-01_151213.jpg&z=120|90&c=42|0|575|430&h=7616

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

576c69b135f0629c417b31691d3da387c4311c0646f62aa21f97b1e4724de6a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267301-0 0CNN RT(1630509372123 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31532989, public
content-length: 3875
expires: Thu, 01 Sep 2022 14:26:01 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
4 KB 55ms
32ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f295%2fkoo_295739.jpg&z=120|90&c=0|0|525|394&h=1719

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

21999a5c5bd98a7635cdd7f48e73ec48c665143d91bd78d006516d3078003c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267302-0 0CNN RT(1630509372124 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31534749, public
content-length: 3218
expires: Thu, 01 Sep 2022 14:55:21 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 55ms
33ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=neymoo%2fba035d65.jpg&z=120|90&c=33|0|513|385&h=5620

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

39ae2b949468752d10f2b1897bc86c0d5393fb8f609687606c4dab63fc51f9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267303-0 0CNN RT(1630509372124 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=31528706, public
content-length: 3922
expires: Thu, 01 Sep 2022 13:14:38 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
4 KB 56ms
34ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f295%2fkoo_295721.jpg&z=120|90&c=0|38|600|450&h=6806

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3d8e36db5f1af4c5d28f5e8404fc4f243677d9d555c454481bdf5882cd875473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267304-0 0CNN RT(1630509372124 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=31529502, public
content-length: 3564
expires: Thu, 01 Sep 2022 13:27:54 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
4 KB 56ms
34ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f295%2fkoo_295724.jpg&z=120|90&c=98|0|405|304&h=1241

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

40f55db3f50c8574c605ad9ca3127375085f0eddce45758037cb549de72b8b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267305-0 0CNN RT(1630509372124 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=31530595, public
content-length: 3234
expires: Thu, 01 Sep 2022 13:46:07 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 182ms
44ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=johari%2f241023544.jpg&z=120|90&c=18|0|540|404&h=3888

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

239e93f0c5324a9eb071c491acfcafa3e16adb9b8bf1228ab68727ec5a4bbc00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267344-0 0CNN RT(1630509372363 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31533231, public
content-length: 3895
expires: Thu, 01 Sep 2022 14:30:03 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
4 KB 194ms
57ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f295%2fkoo_295664.jpg&z=120|90&c=0|46|600|450&h=8270

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b4f9fd8024ff3e7d2aec56b12af888e5142cacc411dd8f81ba3fc67136415e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267345-0 0CNN RT(1630509372365 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31523732, public
content-length: 3300
expires: Thu, 01 Sep 2022 11:51:44 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 200ms
69ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=johari%2f2410537.jpg&z=120|90&c=115|0|1277|960&h=4833

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e52a4c41ea705391fea54c454b696d15d7691a26bb35452476aaf2184bd6ae66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267346-0 0CNN RT(1630509372365 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=31526582, public
content-length: 3835
expires: Thu, 01 Sep 2022 12:39:14 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 208ms
77ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=somabranco%2f2021.jpg&z=120|90&c=67|0|533|400&h=4478

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fd964f6a279c761bf1faccfcfcacfb7da7a10286f6551114657c4bf5f90e4993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267347-0 0CNN RT(1630509372366 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=31524243, public
content-length: 2602
expires: Thu, 01 Sep 2022 12:00:15 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 209ms
78ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-08-31%2f2021-08-31t161847z_430966743_up1eh8v19b91h_rtrmadp_3_soccer-worldcup-fra-bih-preview_reuters.jpg&z=120|90&c=0|17|643|483&h=5958

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

85811f06b458f9b6de1a0b21062195193f6d477b9127cc4f98c37c54b3c96858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267348-0 0CNN RT(1630509372368 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31531998, public
content-length: 3133
expires: Thu, 01 Sep 2022 14:09:30 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 209ms
78ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-06%2f2021-06-29%2f2021-06-29-09311287_epa.jpg&z=120|90&c=60|15|681|512&h=8076

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

497ed3b6ee9d9cf88bfe95eeabfaa404b05a3aa6f33e207510fe97de9173f4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267349-0 0CNN RT(1630509372368 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=31524106, public
content-length: 4082
expires: Thu, 01 Sep 2022 11:57:58 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 38ms
25ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-08-31%2f2021-08-31t172107z_911482041_up1eh8v1c751o_rtrmadp_3_soccer-worldcup-fra-bih-preview_reuters.jpg&z=120|90&c=35|0|736|552&h=7844

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

aeec57ea9032a990ffa9242ac7f06e8acc60c40e39e51f5f50268dd8986259ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267360-0 0CNN RT(1630509372448 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31507557, public
content-length: 3646
expires: Thu, 01 Sep 2022 07:22:09 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 38ms
26ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=omar_a%2fkooora%2f2021%2f9%2f2021-09-01_111708.jpg&z=120|90&c=0|0|715|534&h=612

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e1cfa606a792c238b9c6f52ae93d698aa52e2140304e91a929a44b55e55df022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267361-0 0CNN RT(1630509372449 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31518618, public
content-length: 3745
expires: Thu, 01 Sep 2022 10:26:30 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 30ms
26ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-09-01%2f2021-09-01t020703z_414020099_mt1usatoday16661255_rtrmadp_3_tennis-us-open_reuters.jpg&z=120|90&c=0|0|709|532&h=2405

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

066c217e0c0ca1229f7522b95f157640ea252aad91a2b12a82b3475c527b1b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267362-0 0CNN RT(1630509372450 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31505942, public
content-length: 3418
expires: Thu, 01 Sep 2022 06:55:14 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 33ms
29ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-08-31%2f2021-08-31t024229z_604049701_mt1usatoday16656403_rtrmadp_3_tennis-us-open_reuters.jpg&z=120|90&c=108|0|692|519&h=8079

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ecf6b74d0d01d0b22464a7c5efe51de5f50cfd445e245992f3a1ffe5fd4126f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267364-0 0CNN RT(1630509372453 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31504124, public
content-length: 2796
expires: Thu, 01 Sep 2022 06:24:56 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 32ms
29ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-09-01%2f2021-09-01t020730z_1766374939_mt1usatoday16661273_rtrmadp_3_tennis-us-open_reuters.jpg&z=120|90&c=87|0|709|532&h=5345

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9eff04e6a2cf38c32345fcc2ec544f804f79da64eaf5862489a867408a65047c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267366-0 0CNN RT(1630509372454 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31504532, public
content-length: 3188
expires: Thu, 01 Sep 2022 06:31:44 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 32ms
30ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=amr_world_cup%2fperez+thumb+.jpg&z=120|90&c=164|0|954|719&h=164

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a0b46c6a3acadd3375d7e06d98aabfa257192d729152f3ff7607b66f1c063ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267367-0 0CNN RT(1630509372455 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31272225, public
content-length: 2686
expires: Mon, 29 Aug 2022 13:59:57 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 25ms
23ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=april%2fjune2021%2fronaldo+sisters+thumb+.jpg&z=120|90&c=196|0|954|719&h=8409

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0ca06554254cc2f0d2b0c998b7492eba0e10839c180cb17626fc1cb38c091f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267373-0 0CNN RT(1630509372475 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31293738, public
content-length: 2590
expires: Mon, 29 Aug 2022 19:58:30 GMT

GET
H2 200 /
img.kooora.com/ 7 KB
7 KB 25ms
24ms Image
image/png 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f21%2f380%2fworld-cup-2022-1.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b80a8f921687c1c183f9b5d0e253a27f7cffad9b6d9ac752b29110ac5ef7256c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-130267374-0 0CNN RT(1630509372476 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=26536500, public
content-length: 6942
expires: Tue, 05 Jul 2022 18:31:12 GMT

GET
H2 200 /
img.kooora.com/ 21 KB
21 KB 27ms
27ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=0safi%2f2017%2flogo%2fconmebol.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3d9d387291aa5f9f5f819df357dc63cb6bec52008b190225e6f4db6c791ae40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267375-0 0CNN RT(1630509372477 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=30220551, public
content-length: 21348
expires: Wed, 17 Aug 2022 09:52:03 GMT

GET
H2 200 /
img.kooora.com/ 6 KB
6 KB 32ms
31ms Image
image/png 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f17%2f129%2f2022-fifa-world-3.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

dd913ae38e85bb1e82fde06de1917d806ccb19b474af85fc315be4d0dd5b54fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-130267376-0 0CNN RT(1630509372478 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=30236300, public
content-length: 6474
expires: Wed, 17 Aug 2022 14:14:32 GMT

GET
H2 200 /
img.kooora.com/ 21 KB
21 KB 44ms
43ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=0safi%2f2017%2flogo%2fcaf.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5ac326d76ead1ab071d369a8618147700820da5e2c89f7a30076bd51770e7270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267377-0 0CNN RT(1630509372479 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25024369, public
content-length: 21127
expires: Sat, 18 Jun 2022 06:29:01 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 32ms
28ms Image
image/png 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f20%2f944%2fworld-cup-2022-2.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

88f988d3382d4c1ae7e593f1dc28d990bd2a35a3161792fcc8feb2741b3175f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-130267379-0 0CNN RT(1630509372496 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31361831, public
content-length: 3666
expires: Tue, 30 Aug 2022 14:53:23 GMT

GET
H2 200 /
img.kooora.com/ 16 KB
16 KB 25ms
22ms Image
image/gif 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=kooora_logo%2fsouthamerica%2flib.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0ff1d43a1325b18a1e551c237bc3ac379819a1b6cc1a222966370308b8586761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/gif
x-iinfo: 14-130267380-0 0CNN RT(1630509372502 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=27117142, public
content-length: 16220
expires: Tue, 12 Jul 2022 11:48:34 GMT

GET
H2 200 /
img.kooora.com/ 18 KB
18 KB 35ms
34ms Image
image/gif 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=kooora_logo%2fsouthamerica%2fcontinental%2fconmebol.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d34aeee450f07d70b7277ea9a3f531976878f9cb0492f9f244e132582830bf67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/gif
x-iinfo: 14-130267381-0 0CNN RT(1630509372504 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29533699, public
content-length: 18446
expires: Tue, 09 Aug 2022 11:04:31 GMT

GET
H2 200 /
img.kooora.com/ 10 KB
10 KB 26ms
24ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=0safi%2flogo%2fuefa_champions_league2016.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

547848769221656097118092a8b8b4ad96cabc3483d4068422f1c9210f009e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267385-0 0CNN RT(1630509372524 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=27104917, public
content-length: 10401
expires: Tue, 12 Jul 2022 08:24:49 GMT

GET
H2 200 /
img.kooora.com/ 10 KB
10 KB 27ms
25ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=0safi%2flogo%2fuefa_europa_league2016.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4b67de5f7168b77144164a7ad5f99869c818515ff5f32668bc324bd9dc9ca3a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267386-0 0CNN RT(1630509372526 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=27302496, public
content-length: 10547
expires: Thu, 14 Jul 2022 15:17:48 GMT

GET
H2 200 /
img.kooora.com/ 6 KB
6 KB 28ms
26ms Image
image/png 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f21%2f441%2fuefa-europa-conferen-1.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

85e8eb07b569802be3ea3ddee96940dbd8de18e1bad0d7a2ea15e5748c0229a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-130267387-0 0CNN RT(1630509372527 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29606940, public
content-length: 5827
expires: Wed, 10 Aug 2022 07:25:12 GMT

GET
H2 200 /
img.kooora.com/ 6 KB
6 KB 28ms
27ms Image
image/png 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f22%2f672%2farab-womens-football-2.png

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d3496b1bb8547cb865e46186052ce2e2e16b597ddee3b04503be2d1cacc84e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 14-130267389-0 0CNN RT(1630509372527 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29267814, public
content-length: 5647
expires: Sat, 06 Aug 2022 09:13:06 GMT

GET
H2 200 /
img.kooora.com/ 4 KB
4 KB 30ms
25ms Image
image/gif 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=kooora_logo%2ftennis%2f2019%2fusopen.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

772b8c572fff58afb4b5398b20747cdd84e26e23de4c0602b9f60362c1ac71d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/gif
x-iinfo: 14-130267393-0 0CNN RT(1630509372545 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29580330, public
content-length: 3614
expires: Wed, 10 Aug 2022 00:01:42 GMT

GET
H2 200 /
img.kooora.com/ 90 KB
90 KB 31ms
26ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=omar_a%2fkooora%2f2021%2f8%2f2021-08-23_115722.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3d572bd00b5768cc5843840d3fc0b2b6c001f02857e307535181b6c79651e81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267394-0 0CNN RT(1630509372546 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=30775783, public
content-length: 91847
expires: Tue, 23 Aug 2022 20:05:55 GMT

GET
H2 200 /
img.kooora.com/ 10 KB
10 KB 31ms
29ms Image
image/gif 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=kooora_logo%2fafrica%2fcaf%2fsupercup.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

eecc6d974eeb402d24b622a7279b502f77afd5dc58e0af2885629157e805db03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/gif
x-iinfo: 14-130267396-0 0CNN RT(1630509372554 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=24936203, public
content-length: 9815
expires: Fri, 17 Jun 2022 05:59:35 GMT

GET
H2 200 /
img.kooora.com/ 20 KB
20 KB 47ms
44ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=omar_a%2fafrique%2f2020-07-16_133023.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3f91ac929e80a0bfd2743e3366352fd21a6f0a39b18bd476cb9f7f3219b35e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267397-0 0CNN RT(1630509372555 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29844054, public
content-length: 20142
expires: Sat, 13 Aug 2022 01:17:06 GMT

GET
H2 200 /
img.kooora.com/ 26 KB
26 KB 45ms
45ms Image
image/gif 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=ohatta%2fchampionships%2ffifa_world_cup_2022.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ecc8a0ae8ea0e42e4905b5862fb296ad750ffa0a414c58196d13f58f4170b013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/gif
x-iinfo: 14-130267398-0 0CNN RT(1630509372555 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=27090625, public
content-length: 26760
expires: Tue, 12 Jul 2022 04:26:37 GMT

GET
H2 200 /
img.kooora.com/ 17 KB
17 KB 46ms
46ms Image
image/gif 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=kooora_logo%2feurope%2fspain%2fspasupcopa.gif

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

59f102b01224513b0006a16c14103e2efc270c4c91dbfcd4599f87abaa80fc21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/gif
x-iinfo: 14-130267399-0 0CNN RT(1630509372556 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=27090625, public
content-length: 16907
expires: Tue, 12 Jul 2022 04:26:37 GMT

GET
H2 200 /
img.kooora.com/ 1 KB
2 KB 29ms
29ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-08-29%2f2021-08-29t205347z_1861103392_up1eh8t1m1llo_rtrmadp_3_soccer-france-rei-psg-report_reuters.jpg&z=7&c=13|0|764|573&h=6853

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d6f01dfa11f80d4b0c26fea2f434ecfe3849c4975eebe3c5216c193c073d611d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267400-0 0CNN RT(1630509372570 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31460981, public
content-length: 1436
expires: Wed, 31 Aug 2022 18:25:53 GMT

GET
H2 200 /
img.kooora.com/ 2 KB
2 KB 54ms
24ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-01%2f2021-01-17%2f2021-01-17-08944910_epa.jpg&z=7&c=0|0|645|484&h=8686

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2d7abaf66f06a493256356ae5127d7859c491b8e0666424745e99ab188f7e4c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267408-0 0CNN RT(1630509372612 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31505619, public
content-length: 1714
expires: Thu, 01 Sep 2022 06:49:51 GMT

GET
H2 200 /
img.kooora.com/ 1 KB
2 KB 38ms
24ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=mkandeel2%2f119%2f104.jpg&z=7&c=119|19|639|480&h=2468

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

15045c656126ef9dc87407d03b2007ac4b2bdf596e8bb2fc69047e2b04a88d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267409-0 0CNN RT(1630509372612 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31455619, public
content-length: 1433
expires: Wed, 31 Aug 2022 16:56:31 GMT

GET
H2 200 /
img.kooora.com/ 2 KB
2 KB 38ms
24ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-08%2f2021-08-28%2f2021-08-28-09434757_epa.jpg&z=7&c=32|0|728|547&h=484

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e812fe11de74497857cbdd41b072e78a7a3d717a8aa2f96deb953ba996c2476b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267410-0 0CNN RT(1630509372613 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31487965, public
content-length: 2003
expires: Thu, 01 Sep 2022 01:55:37 GMT

GET
H2 200 /
img.kooora.com/ 1 KB
2 KB 38ms
25ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-08-28%2f2021-08-28t094412z_1323471323_up1eh8s0r1n0d_rtrmadp_3_soccer-france-rei-psg-preview_reuters.jpg&z=7&c=329|21|460|345&h=4357

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1bfdf71d0e81b1006caae31bf74df5629a92567f37d4ea5aef23ee1af0ffd9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267411-0 0CNN RT(1630509372614 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31502429, public
content-length: 1487
expires: Thu, 01 Sep 2022 05:56:41 GMT

GET
H2 200 /
img.kooora.com/ 2 KB
2 KB 39ms
26ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-08-29%2f2021-08-29t153329z_1329916789_up1eh8t177r9n_rtrmadp_3_soccer-spain-fcb-get-report_reuters.jpg&z=7&c=31|0|736|552&h=4170

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

45860fbed3e22557617dbfc8ad5478bd3ac00b47089006d269e878c3564226b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267412-0 0CNN RT(1630509372614 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31487965, public
content-length: 1887
expires: Thu, 01 Sep 2022 01:55:37 GMT

GET
H2 200 /
img.kooora.com/ 3 KB
3 KB 39ms
27ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=mkandeel2%2f119%2f79.jpg&z=120|90&h=452

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

025ea15634a9af5c39670faa9e40359fd8db3fbffb0e3d004dc1461e03aed85b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267413-0 0CNN RT(1630509372615 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=30901976, public
content-length: 2760
expires: Thu, 25 Aug 2022 07:09:08 GMT

GET
H2 200 /
img.kooora.com/ 2 KB
3 KB 28ms
21ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=mhmed_aziz%2fjanuary%2fkoo_1_1_2020%2f250_8caa5f9003.jpg&z=120|90&h=4059

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b9414f14ab42c67f6d90d50396a48ce1ab7686ab1354889254e3e0bd381b90b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267415-0 0CNN RT(1630509372642 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=28952296, public
content-length: 2444
expires: Tue, 02 Aug 2022 17:34:28 GMT

GET
H2 200 /
img.kooora.com/ 2 KB
3 KB 30ms
23ms Image
image/jpeg 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=omar_a%2fkooora%2f2021%2f9%2f2021-09-01_083949.jpg&z=120|90&h=1402

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ffb82951853443278357985f82e5f1c2b70f2ca729b731a94e432181936cfc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 14-130267416-0 0CNN RT(1630509372646 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31510522, public
content-length: 2505
expires: Thu, 01 Sep 2022 08:11:34 GMT

GET
H2 200 / Show response
www.kooora.com/ 330 B
467 B 156ms
140ms XHR
text/html 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/?jsoninfo=compstatus

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ac7e40364b172244db8385def4932872f7279fbd12bc769267b4426559712cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Deny

Request headers

:path: /?jsoninfo=compstatus
pragma: no-cache
cookie: ASP.NET_SessionId=hnru241shr1g5n3ydjj0zchq; kookie=40f8d5b5-9496-40a0-bd22-64dfa0d04827; kookie2=40f8d5b5-9496-40a0-bd22-64dfa0d04827; eclk=1630509371; nlbi_146017=4g7XUq95YhG0CrCAQl8TSQAAAABDiNmhpggeOupsS8aHvkMI; visid_incap_146017=vso5P6OFSI+3VAopJ4dYvDuZL2EAAAAAQUIPAAAAAADc8no8jdBQ3ctvtPb+s0xy; incap_ses_392_146017=CiONcQwxGgsjuNnHYKpwBTuZL2EAAAAA66TJKJ2/EKb6Xt2dW/M6fA==; visid_incap_146022=13gLYZYKSc+HQDsIFtcsiziZL2EAAAAAQUIPAAAAAABqRSBVyEE/NAl917q8M7yk; incap_ses_246_146022=P+1aJkOiKmHOIHfVGPhpAzqZL2EAAAAAIw4GHYbD3aVRR+SSdWs0LA==; visid_incap_147515=3/xlvl7wSXGE3qN3XHqIJzuZL2EAAAAAQUIPAAAAAADH9TA1ez/yzMwIv+lsYyw7; incap_ses_392_147515=NvybaoHHt3ekuNnHYKpwBTuZL2EAAAAA6h5DDXzwFBef0+fklLyUrw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.kooora.com
referer: https://www.kooora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: Deny
content-type: text/html; charset=windows-1256
x-iinfo: 14-130267257-130256280 2NNN RT(1630509371939 0) q(0 0 0 -1) r(0 0)
cache-control: private
strict-transport-security: max-age=31536000
x-cdn: Imperva
expires: Tue, 01 Sep 2020 15:16:12 GMT

GET
H2 200 r1.gif
o.kooora.com/ 813 B
1 KB 123ms
109ms Image
image/gif 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/r1.gif
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: ad7e88c8654235bbddd04f7af65c642fe32f8bb993250dd40764778e8b2d9937

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Thu, 06 Sep 2012 08:50:08 GMT
x-cdn: Imperva
etag: "a67f339ec8ccd1:0"
content-type: image/gif
access-control-allow-origin: *
x-iinfo: 8-22014033-0 0CNN RT(1630509371602 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=31449600, public
content-length: 813
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 274ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 15:16:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/6725)
Age: 362
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 dlive.json Show response
ktv.kooora.ws/ 2 B
506 B 354ms
71ms XHR
application/json 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ktv.kooora.ws/dlive.json

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 20:50:12 GMT
x-cdn: Imperva
etag: "5254b4a0"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 2-114041814-0 0CNN RT(1630509371927 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=272, public
content-length: 22
expires: Wed, 01 Sep 2021 15:20:43 GMT

GET
H2 200 xgemius.js Show response
gaae.hit.gemius.pl/ 40 KB
11 KB 355ms
71ms Script
application/x-javascript 188.68.250.242
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/xgemius.js
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.242 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h242.sprintdatacenter.net
Software: GHC /
Resource Hash: b097f8e4d32d148b9b3e42e3ac568b4edde95cb3de99f44346f51469d618979a

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 12:01:23 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10838
expires: Thu, 02 Sep 2021 03:16:12 GMT

GET
H2 200 / Show response
www.kooora.com/ 898 B
1 KB 101ms
62ms XHR
text/html 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kooora.com/?lnews=fr

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7b43f41d5796b9c2be3eeb73db589403e05c0a24d9c01de037aff508e838bfc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	Deny

Request headers

:path: /?lnews=fr
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.kooora.com
referer: https://www.kooora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
set-cookie: ASP.NET_SessionId=xqvjl1tkmos2ygm43g0xng42; path=/; HttpOnly; SameSite=Lax eclk=1630509372; expires=Thu, 01-Sep-2022 15:16:12 GMT; path=/ svx1=0; expires=Fri, 01-Oct-2021 15:16:12 GMT; path=/ nlbi_146017=AKA4VDEvbTxAxhCaQl8TSQAAAAAeWs5EKxlOL/QPFncWgTkY; path=/; Domain=.kooora.com; Secure; SameSite=None visid_incap_146017=reKERQYeR+2ECgT3CMjrbTyZL2EAAAAAQUIPAAAAAAD/SDfWiOZmS0ODTIipXsQf; expires=Thu, 01 Sep 2022 08:52:15 GMT; HttpOnly; path=/; Domain=.kooora.com; Secure; SameSite=None incap_ses_392_146017=Sbt1cOXJEGsgudnHYKpwBTyZL2EAAAAALQn0kFPS9P+Pvu+dBGJv0A==; path=/; Domain=.kooora.com; Secure; SameSite=None
x-powered-by: ASP.NET
x-frame-options: Deny
content-type: text/html; charset=windows-1256
x-iinfo: 14-130267299-130240418 2NNN RT(1630509372120 0) q(0 0 0 2) r(0 0)
cache-control: private
strict-transport-security: max-age=31536000
x-cdn: Imperva
expires: Tue, 01 Sep 2020 15:16:12 GMT

GET
H2 200 getrssarticlesAPI Show response
striveme.com/api/ 14 KB
3 KB 286ms
20ms XHR
application/json 2606:4700:20::ac43:4901
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://striveme.com/api/getrssarticlesAPI
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4901 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.30
Resource Hash: 4eadb961ff3311ef89724e0f8ccc5eda031fe277237db14e7cec4d1fcff93498

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.30
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods
content-type: application/json;charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDzF2g7%2FjVP3s4jECFn76pxVw3zIOF3MiCh%2BM8Pvzx3EtG7%2BO7So83P%2FfFI%2BuvbeiJ%2FSelnflaKfOAST1qV1Rg2bCul7d50Uvj4ppWbHgqRYbaUySicKQ6SHxM8Z2bnK4KwifAlASbdXMw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
cf-ray: 687f755c6ef24eb6-FRA
access-control-allow-headers: ,

GET
H2 200 Ad_24_9_20_300x60.gif
o.kooora.com/banners/ 12 KB
12 KB 58ms
35ms Image
image/gif 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/banners/Ad_24_9_20_300x60.gif
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 3887b1317dc3d67b82b8f1abd3b1f229d6070c324a329ea1a5b8f082871142a6

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
last-modified: Thu, 24 Sep 2020 13:30:14 GMT
x-cdn: Imperva
etag: "0f783d57692d61:0"
content-type: image/gif
access-control-allow-origin: *
x-iinfo: 8-22014034-0 0CNN RT(1630509371783 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31449600, public
content-length: 12012
expires: Wed, 31 Aug 2022 15:16:11 GMT

GET
H2 200 lwt.json Show response
ktv.kooora.ws/ 24 KB
4 KB 338ms
71ms XHR
application/json 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ktv.kooora.ws/lwt.json

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

630a96919d61c1c006daf9b500f89ffdfd89c7bec2932dc129184b2882df8bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:11 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 15:14:38 GMT
x-cdn: Imperva
etag: "500a1152"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 2-114041815-0 0CNN RT(1630509371928 0) q(0 -1 -1 1) r(0 -1)
cache-control: max-age=271, public
content-length: 3407
expires: Wed, 01 Sep 2021 15:20:42 GMT

GET
H2 200 _Incapsula_Resource
www.kooora.com/ 1 B
310 B 105ms
78ms Image
text/plain 45.60.65.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kooora.com/_Incapsula_Resource?SWKMTFSR=1&e=0.40796315544165007

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_Incapsula_Resource?SWKMTFSR=1&e=0.40796315544165007
pragma: no-cache
cookie: ___utmvc=mEidTuL0M7fmZegksLuDCjhhA53p8ucaQcHIyNzygvaOI2t99aUDkzztiH8AQkXbGfU2FVWFhvZvxtyePh4KmZMZmDp74U4XbrjGQFyq7IU1kb/mCtx4yvWyqsWxLl/FnkTDTs92YZi2XJruM0DFrFAfRMCMySyLYU3kfJjMFAo3PfzYc0vvl/ef+qusVKcJljqPjsqBe69kigGgDKIYFS/uYfG6iDVkEN+Stdd1kaiH6J1msv/3/BqZsbNF+I1aydTKqoPOXZTU5xIYtQtbtJtRHwz7G0PF8vQCd7FOpK66lqCjYcpCmq8L+h77W2SN0F1dI5xu8ulXL+Lq6Mos2HbRTOGfj24KQPfpADNEby9fJueEATblz0ZQnko1tjXlIGcncl9t+TvEHenpZI1SnOqOwD5ySBOlEnNZUis3llqb9qaETN4nbOlNPNVc8rtzgUwOXa6daO8RtYPyR/iWvWRpTlxPc9k+aUb/KUk3igGw8kzTvmSpRYvxwciW85sS8RCy0fJTXAyLlVIzcF/+BxugFecHsuYwOhaN6LkmMav230nB+ayh2lNnVhFxeL89x2ldp6iag2MuPDP9WeWSXvB5Yqg0a6LA0qZ52YArnMV26C8nqbVkhj2nrVSqlfWZt3V5ANWl7IA/I7BaL7d4Ynr6mDmhOPiBrxoVCcvRTMXj4C+577d/pkFTIYo+IBEK7lepQxCSpG6NNzW3l8xhNhUGZutxhPaMkM+QAuLaEa7lqIMNMe7hBTynLkA10x0ny0ZVvvOKnaXoBW95xVmUrPiYpt82FztnkdGB59LyV1Yhh5b9UNYLlSyHsTCMYcDZbiEG2bpVuI3uvSrXCfyz5I97UBO7ymvh9IX0dUVIGBvQOQlA5ARXX1srk0HXysjS2ib3TYFCOrc2ixH1Ys/Zln8dxG1znhEnXlioHTbG/R614s95RRYG5T6kGOts26HcBeMEGupd2ESWesLGz7jB3Q12tE5k0HYx2AoEXZxtZV+g/RulVHg+MvVLy3lfjqtaBcPX4AF6YcNseqQJdJoRb6FEc2ag93G57j6cvqq4hvJ1O124AaQE8y5qqY55/64+ZJXleRIM3pJTEdP7kajG9aqs8K9Sw4WAOMJa0k8UoZDzUrrsjxBH9thTvOtwiYF2LnV39thAseYNsfyZZ8sXF+4fwY1V038IRQZfFzGfZ0bdog0S9bwGEf+7MtPLFUF1ZD2REcTChJP6Boiz7ez5gxBfCDm8cTRejK6bR7wTvDToNEmMejYG9/m6MYxypQK3Cv31r9GW2n3GSA5hNaA7dWKAohWHn+J/qPyAFTirYh3TwRaCURBjl0fHtZ7Rtj2PY9g95Y65iknBUXLGA0viCTZqpaD+7xhPvwciC3ahscmYJYIS1Wv5KY0E6VtilYdv99DhRnKCBeaH0bIYTxzzuN379T0xose+o0bxRh8uJ5rDKRj8nDKzVojQ5CxNn6hJagFr7qbAMmRGOXaFDjfHD3ulfM0GeXqMyiVGY5B9/8qexn7O/iaJ0djIL72wSqMXq6ZRcOLzsB72DTD1N9OjpjnJk3ru57CgUdadUWC7VsOtj6vEpllaQAtvM/eVOGBsi4j5tQ5dkx6hUBj2b6uuT6KPFNjhVfcvEclKWRE7VMgqAbVnIK8SBNeaV9oE2/qwGG+5tY4XCAaZKFkygEqMPKKqzsGVrxCc7CPU9utHSxDDyBiVZabYkzGBt7T85QlJLQaHYL3JbdTB9/owlynVY+q3SsuV1/jc3o1nkh9lsxJwYxP2DOixfO7/5OKTeQ+M1QLo5Z1N5MRFqsWbG0zCSrwGzoNUq1r0+JQrXB4BNHxCWMKPn2nOBOFnJuzv3B6NIg5Q981XM5SU4ZKNGTh2zC6WYhtEwQgihNN6Ajz0xP5PpLLETzN07KWbfsbQB0okbY6AgS2R/BQTd/2rL6tM+D0KlsOI6Sw54apZUbMdiyV4HyONdpicNJ6Mac3ih1CD1NET82PH6cur0hh5sXecE/LwWpdhV1t1CErVOt7eLj65Af4TdlVCEhZh5fA3ddE4Bkh6HiNAoBglI3N3P9GsnBMwQBfax+4/+sBdtrgfGV2e7icIla7TezebVC89DG0U6M3ZYUBgDqav5vw7CRdTbmWtDmEajBC4jaQxcjMAaC4wKfkOt/aUNgxcNNcUYb1HxBSw1ImCVW6TL8fnSVUN3+EtK4x5BEFtHtMXGuRzzvHpKp0/H8Uo71jmcGUzD7XayiuOfUzYnnWUZqm8FJi+Yz/CSP97lEAupJlZBDBWHfPNXppo5xmQeyTKGDHq7uoxB9UyYhwwsx1Mt8I3vzzdvI8PxgggJuEFILHTEdnZeTxaRt9/ZDWh95wfqVMI3hECb5GBwS+FV1a3x/fINKAsTEZOC0/SyJfWWI6SquMK6XhA8sFRZPe7/r4jxl8daStF3p8AJAnZDphCf0tm16TmPioSwUfXw1/8ifFmUeUHfnm/gBoDRi30yJKWlJ4XtLftS1qVTOFNuqiq5OYc2vBuKmBCqjV1wwAPXsa75fYoWKryjncVuJBf4pZnsh3dSvwwREzfTWfezC8x/EACu61BS1hrJk505LOfJ2ltsig/81oug6LBj/OIBJLuua0gkObf/PyVtwXaODLYHIJioiqI6/fTF3Wl+TIJvGX0fNJa1lwJnYY0Qd+UoyZ10PXGOtXAsD4krVFRLGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.kooora.com
referer: https://www.kooora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
set-cookie: visid_incap_146017=reKERQYeR+2ECgT3CMjrbTyZL2EAAAAAQUIPAAAAAAD/SDfWiOZmS0ODTIipXsQf; expires=Thu, 01 Sep 2022 08:52:15 GMT; HttpOnly; path=/; Domain=.kooora.com; Secure; SameSite=None incap_ses_392_146017=JbPpTtpDHCsgudnHYKpwBTyZL2EAAAAA3u6b1f5fxIzrxWUbI53sKA==; path=/; Domain=.kooora.com; Secure; SameSite=None
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 kooora_com.js Show response
static.cognativex.com/config/ 208 B
740 B 77ms
49ms Script
text/javascript 2606:4700:20::681a:f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognativex.com/config/kooora_com.js?v=2021-9-1
Requested by: Host: kooora.cognativex.com
URL: https://kooora.cognativex.com/cognativex/cn.js?v=2021-9-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a59afc257bbda60d57cb39fa2497e15d46c66a08bee7cd6fb48382401dd0fcf

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=Nij+FQ==, md5=jAM4x0UdhTEhIBGOOgnZiA==
date: Wed, 01 Sep 2021 15:16:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65040
cf-polished: origSize=212
x-guploader-uploadid: ADPycdt_qVTWKmo8EqJ4hrZIEX80v9yeXi1DmkON4fve4KAmFkXN6QKORK0_MGlEXIA9uuQpk1KaEoaONI33WAGoq4lYcZdhng
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Mon, 16 Aug 2021 13:14:45 GMT
server: cloudflare
etag: W/"8c0338c7451d85312120118e3a09d988"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSo8c7Z%2F8gZN16eW2h1jkQBVUCSCeiSkApbyitPFnHH9ELwACXbRTcbqVsaMJ2AD01weg6eSM%2B3aGoTRKEMsi06yyvTFACKZlQ9nXb9tC%2FJ42ckLwuMp8UuMGSY1osb0AOCe46hxywQDHT4K7Pa7LFWngQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629119685889232
access-control-allow-origin: *
expires: Wed, 01 Sep 2021 21:12:12 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 212
cf-ray: 687f755c9ff45b68-FRA
cf-bgj: minify

GET
H2 200 pixel.png
log.cognativex.com/ 68 B
532 B 974ms
48ms Image
image/png 35.227.236.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.cognativex.com/pixel.png?cn_event=pixel&cu=https%3A%2F%2Fwww.kooora.com%2F&rd=1630509372840
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.236.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.236.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:13 GMT
x-guploader-uploadid: ADPycdsDeVV_g1qkJ4ySZmDRfvMfLaYR6I-N5NsbE2A_W6vZhm3XlzbCszqvoFeQeMCTt_DC8H-W8YmzVqMOybklbYlobc1dCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 68
last-modified: Wed, 10 Apr 2019 07:20:04 GMT
server: UploadServer
etag: "91e42db1c66c0b276abf6234dc50b2eb"
x-goog-hash: crc32c=FWkPzg==, md5=keQtscZsCydqv2I03FCy6w==
x-goog-generation: 1554880804539077
cache-control: public, max-age=3600
x-goog-stored-content-length: 68
accept-ranges: bytes
content-type: image/png
expires: Wed, 01 Sep 2021 16:16:13 GMT

GET
H/1.1

200
OK

get Show response
collector.effectivemeasure.net/beacon/
Redirect Chain

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1630509372889_1
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1630509372889_1

143 B
741 B

108ms
64ms

Script
text/javascript

52.208.239.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1630509372889_1

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.239.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-239-191.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

33cf5cdd220361935b9aad6ad1be1ad162d1c520e9cd7bccef8eae9df881ff9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 135
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:13 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1630509372889_1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ar_AR/ 223 KB
66 KB 36ms
11ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js?hash=5f6ffa0e2cfa037928410001dc7ff5ab

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3137c3d9470d9844d0bbe4df783bf476a08b9b63eb61624b40c9a990f4c560fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.kooora.com
Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mZjp6joEAfb+fqiyGAoSpw==
cross-origin-resource-policy: cross-origin
expires: Thu, 01 Sep 2022 12:59:00 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67103
x-fb-rlafr: 0
x-fb-debug: uUaFp7O5yskN9GE3FjZb+U+tjQ6EO3nI5BRxvtqlhY6yisw5P3eiHBtvZPrZmlEGmjYOnhGodpp8kuRo9Oswlg==
x-fb-trip-id: 2050670934
x-fb-content-md5: 4dc2d63f0aa13228118d6730576d3d26
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 01 Sep 2021 15:16:13 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a34598d3f09be8661059715bc5e7f1d6"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 97 KB
38 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T24P46T&cid=1499771941.1630509373

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22b7cb6fcf3711416c278be9c8cf7af5a09701701849131fb090f3339dd62f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39281
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 15:16:13 GMT

GET
H2 200 %D8%AA%D8%AC%D8%B1%D8%A8%D8%A9_%D9%82%D9%8A%D8%A7%D8%AF%D8%A9_%D8%AC%D9%88%D9%84%D9%81.jpg
striveme.com/img/article/20272/ 114 KB
115 KB 76ms
24ms Image
image/jpeg 2606:4700:20::ac43:4901
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://striveme.com/img/article/20272/%D8%AA%D8%AC%D8%B1%D8%A8%D8%A9_%D9%82%D9%8A%D8%A7%D8%AF%D8%A9_%D8%AC%D9%88%D9%84%D9%81.jpg
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4901 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fb1158f5cf7990180e622a87a9f0194d057608ea96695c36582f4e6b462f878

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30133
cf-bgj: h2pri
content-length: 116877
last-modified: Wed, 01 Sep 2021 06:39:48 GMT
server: cloudflare
etag: "612f2034-1c88d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1pcvhxRo6U5n8IQn4bnmOwpUIQHdC7pdLgXnwmMxsLQEDiZ0sfOaOcXDop0u33H3Gsho%2Fq%2FQ049guxopzjIrOQbWSwF%2FcMUcq3zEctjV7gRt40V0c%2B%2FWCXNSOx4uqMBEHI2tTBZgkx1zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 687f755f3f5c535d-FRA
expires: Sat, 11 Sep 2021 06:39:49 GMT

GET
H2 200 StriveME-Logo-S.png
o.kooora.com/ 6 KB
6 KB 41ms
40ms Image
image/png 107.154.114.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.kooora.com/StriveME-Logo-S.png
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.140.ip.incapdns.net
Software: /
Resource Hash: 307702de7d01f11cce103e6bf37a2fc508d95e65d089de6ee976771fdd020868

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
last-modified: Sun, 27 May 2018 09:25:56 GMT
x-cdn: Imperva
etag: "c276a4b79cf5d31:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 8-22014055-0 0CNN RT(1630509372415 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31449600, public
content-length: 5763
expires: Wed, 31 Aug 2022 15:16:12 GMT

GET
H2 200 live.json Show response
ktv.kooora.ws/ 2 B
424 B 32ms
32ms XHR
application/json 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ktv.kooora.ws/live.json

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
content-encoding: gzip
last-modified: Sat, 10 Jul 2021 15:34:18 GMT
x-cdn: Imperva
etag: "5254b4a0"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 2-114041883-114041308 2CNN RT(1630509372328 0) q(0 0 0 0) r(0 0)
cache-control: max-age=270, public
content-length: 22
expires: Wed, 01 Sep 2021 15:20:42 GMT

GET
H2 200 thumb_1630502194.jpg
ktv.kooora.ws/images/167/ 29 KB
30 KB 106ms
41ms Image
image/jpeg 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ktv.kooora.ws/images/167/thumb_1630502194.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

8afd929f163aa010429412630b912aefbd114f38b6866061c251cb55a8dca6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
last-modified: Wed, 01 Sep 2021 13:55:55 GMT
x-cdn: Imperva
etag: "f5f6a415399fd71:0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 4-194149250-0 0CNN RT(1630509372400 0) q(0 -1 -1 0) r(1 -1)
cache-control: max-age=37, public
content-length: 30019
expires: Wed, 01 Sep 2021 15:16:49 GMT

GET
H2 200 thumb_1630484559.jpg
ktv.kooora.ws/images/167/ 30 KB
31 KB 182ms
117ms Image
image/jpeg 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ktv.kooora.ws/images/167/thumb_1630484559.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

86247f48a9287b73500537d99d4e5862d0a6343bb6878ee717d471a11f4cb7bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
last-modified: Wed, 01 Sep 2021 08:28:23 GMT
x-cdn: Imperva
etag: "4c72d953b9fd71:0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 4-194149255-0 0CNN RT(1630509372407 0) q(0 -1 -1 10) r(0 -1)
cache-control: max-age=175, public
content-length: 30909
expires: Wed, 01 Sep 2021 15:19:07 GMT

GET
H2 200 thumb_1630422087.jpg
ktv.kooora.ws/images/167/ 28 KB
28 KB 174ms
110ms Image
image/jpeg 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ktv.kooora.ws/images/167/thumb_1630422087.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

565b58daab9b7d9ec04dd4cb5a41d50158783d29a02bda2f0ec4de94d24ea133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
last-modified: Tue, 31 Aug 2021 20:39:25 GMT
x-cdn: Imperva
etag: "70979b49a89ed71:0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 4-194149254-0 0CNN RT(1630509372406 0) q(0 -1 -1 10) r(0 -1)
cache-control: max-age=287, public
content-length: 28221
expires: Wed, 01 Sep 2021 15:20:59 GMT

GET
H2 200 thumb_1630421980.jpg
ktv.kooora.ws/images/167/ 33 KB
34 KB 146ms
82ms Image
image/jpeg 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ktv.kooora.ws/images/167/thumb_1630421980.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

55e7cf3e9627572dd93cf73ea133285b762e2be0e73852c702e0e55b03d2c1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
last-modified: Tue, 31 Aug 2021 15:00:24 GMT
x-cdn: Imperva
etag: "336a71ed789ed71:0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 4-194149252-0 0CNN RT(1630509372403 0) q(0 -1 -1 11) r(0 -1)
cache-control: max-age=331, public
content-length: 34107
expires: Wed, 01 Sep 2021 15:21:43 GMT

GET
H2 200 thumb_1630396589.jpg
ktv.kooora.ws/images/167/ 22 KB
22 KB 167ms
103ms Image
image/jpeg 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ktv.kooora.ws/images/167/thumb_1630396589.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

55d5cdb646aac7754c4fa6a5d3c648b8436b5c07892cd7b62be770edbc9ac5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
last-modified: Tue, 31 Aug 2021 08:00:23 GMT
x-cdn: Imperva
etag: "848b66403e9ed71:0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 4-194149253-0 0CNN RT(1630509372404 0) q(0 -1 -1 11) r(0 -1)
cache-control: max-age=509, public
content-length: 22560
expires: Wed, 01 Sep 2021 15:24:41 GMT

GET
H2 200 thumb_1630325918.jpg
ktv.kooora.ws/images/167/ 21 KB
21 KB 188ms
125ms Image
image/jpeg 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ktv.kooora.ws/images/167/thumb_1630325918.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

5a0938c3e6ace66565b47cdc6e4bdb557a7e432b68176ce0fa0e8f8ed0645be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
last-modified: Mon, 30 Aug 2021 20:52:28 GMT
x-cdn: Imperva
etag: "5f879df1e09dd71:0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 4-194149256-0 0CNN RT(1630509372407 0) q(0 -1 -1 10) r(0 -1)
cache-control: max-age=481, public
content-length: 21399
expires: Wed, 01 Sep 2021 15:24:13 GMT

GET
H2 200 thumb_1630334777.jpg
ktv.kooora.ws/images/167/ 23 KB
23 KB 136ms
74ms Image
image/jpeg 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ktv.kooora.ws/images/167/thumb_1630334777.jpg

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

41ff8bfdfd1af2daad71be61a4399294d57f1b23174f54a1a9124f07d78c2379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
last-modified: Mon, 30 Aug 2021 14:50:28 GMT
x-cdn: Imperva
etag: "a0e4d35fae9dd71:0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
x-iinfo: 4-194149251-0 0CNN RT(1630509372401 0) q(0 -1 -1 11) r(0 -1)
cache-control: max-age=298, public
content-length: 23561
expires: Wed, 01 Sep 2021 15:21:10 GMT

GET
H3-29 200 1506063979515344 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1506063979515344?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f8e4a1407df7d3f007d792891d952f6f5bf44c47c776d8d572838597981d79d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89566
x-xss-protection: 0
pragma: public
x-fb-debug: 8VEAFyRt4ZQKkp2nFQbq8CHEVvcz8aLgbVf1bOCgLfcpk4m1EQTd1EIvTG2Xmum01R4XBDZeJcnffrtz5UUxtA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 01 Sep 2021 15:16:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 3FE1 319 KB
103 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.kooora.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kooora.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kooora.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 513780
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Sep 2021 15:16:13 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6752)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 cx_script_v20.0.8.js Show response
static.cognativex.com/scripts/ 145 KB
49 KB 21ms
16ms Script
text/javascript 2606:4700:20::681a:f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognativex.com/scripts/cx_script_v20.0.8.js
Requested by: Host: kooora.cognativex.com
URL: https://kooora.cognativex.com/cognativex/cn.js?v=2021-9-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f771a71b72bb90183b2e040e50dfc693d99bd8137ca8689526595d3c29c84df6

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=Yy1iQg==, md5=5YVaDpL1YMBUcr6y27AZMA==
date: Wed, 01 Sep 2021 15:16:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1389634
x-guploader-uploadid: ADPycduGUWGIqugggvsYAwaB9T_LDhmyerVzJJAzafc0LMNnBi4CqZgNUqMjxW_z1T-FPKL1UuOeyPMFGyzTbH9ktM0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
last-modified: Mon, 16 Aug 2021 13:14:16 GMT
server: cloudflare
etag: W/"e5855a0e92f560c05472beb2dbb01930"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwutWp2QafG5huCgP%2Bt8asGT9ASG%2F14MdZDmvQzsc3FR6PGn0DPhaU1L93Y%2FJmy4oyKNb8l8Ujs1G1zP5X2qTJgPyzQMdQ2cB9JIL5szlAn2bRMpk3bg%2F8DBjsgYfX4GF2Csx8lwn6eiQiorcoM9jRLUSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
x-goog-generation: 1629119656186889
expires: Wed, 15 Sep 2021 13:15:05 GMT
cache-control: public, max-age=2592000
x-goog-stored-content-length: 48278
cf-ray: 687f755ffefc5b68-FRA
cf-bgj: minify

GET
H2 200 fpdata.js Show response
gaae.hit.gemius.pl/ 279 B
416 B 71ms
69ms Script
application/x-javascript 188.68.250.242
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/fpdata.js?href=www.kooora.com
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.242 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h242.sprintdatacenter.net
Software: GHC /
Resource Hash: 45f235ad134e1767b75a95296ddcbfdead22413f021fa2ca830efe42aa97b59a

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:13 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 279
expires: Fri, 01 Oct 2021 15:16:13 GMT

GET
H2 200 f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js Show response
cdn.permutive.com/ 2 MB
339 KB 456ms
70ms Script
application/javascript 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38f9e825ae798c6848b5a17dbd9059bd53b975d1f78ae23f6c00c3445429a626

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:13 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: f3a06674-ebb9-4b9d-ba8f-0052018c0687
age: 1376
x-guploader-uploadid: ADPycdvs6j6idf3ff7tJiyGHLzHFZuguSJz5Uid2K--nVZ19S8A94u2hGVdbQC4lbUDdkc3hFy6Dk1Vu2_jnL1Z36V8
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 11:53:12 GMT
server: cloudflare
etag: W/"0b9d56b2efc6a62afbe1a9c633a968d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Iln10g==, md5=C51Wsu/Gpir74anGM6lo0g==
x-goog-generation: 1630497192447492
cache-control: public, max-age=300
x-goog-stored-content-length: 372137
cf-ray: 687f7562de1568e8-CDG
expires: Wed, 01 Sep 2021 15:21:13 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 77 KB
28 KB 389ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38ea251a350b959b00ea3575cf46c712b0a9f980fff175f8966ab73f2b7a4d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 20:57:49 GMT
server: sffe
age: 89
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28393
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:29:44 GMT

GET
H2 200 vod_data.json Show response
ktv.kooora.ws/ 581 B
766 B 46ms
45ms XHR
application/json 149.126.77.203
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ktv.kooora.ws/vod_data.json

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/nw.js?rev=1645&ch=9845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.203 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.203.ip.incapdns.net

Software

Resource Hash

73d20efecdde3219e0d111e816e11bad463c78709bacd116089b315561c531c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:12 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 13:55:55 GMT
x-cdn: Imperva
etag: "bfa209ed"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 2-114041982-114041308 2CNN RT(1630509372859 0) q(0 0 0 0) r(0 0)
cache-control: max-age=279, public
content-length: 364
expires: Wed, 01 Sep 2021 15:20:51 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 34ms
33ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-3167577-2&cid=1499771941.1630509373&jid=921356023&gjid=1209779063&_gid=76364586.1630509373&_u=aGBAiEADRAAAAE~&z=1470030930

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 01 Sep 2021 15:16:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.kooora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 88 KB
35 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FW5FX4

Requested by

Host: static.cognativex.com
URL: https://static.cognativex.com/scripts/cx_script_v20.0.8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ed5154aefbfed037c1a7ad9fb6de7191d494a21244863fa72d6940ba8a482d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35593
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 15:16:13 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=142199723&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kooora.com%2F&dp=%2F&ul=en-us&de=windows-1256&dt=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEADR~&jid=921356023&gjid=1209779063&cid=1499771941.1630509373&tid=UA-3167577-2&_gid=76364586.1630509373&cd8=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&cd16=Homepage&z=977016792

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 06:17:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32304
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaae.hit.gemius.pl/__/_1630509373961/
Redirect Chain

https://gaae.hit.gemius.pl/_1630509373961/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.kooo...
https://gaae.hit.gemius.pl/__/_1630509373961/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.k...

693 B
955 B

113ms
62ms

Script
application/x-javascript

188.68.250.242
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/__/_1630509373961/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.kooora.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=.Ocl1AY9zcBjHZyJilZJf74gGI3UvhBsJWYIGBjJwXn.n7&vis=1&fpcap=
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.242 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h242.sprintdatacenter.net
Software: GHC /
Resource Hash: 935c74a1b9c5bdcb878cdc9c7e32a00084d33e7a56a10c20fb0a4c01955cad57

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:14 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 693
expires: Tue, 31 Aug 2021 15:16:14 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:14 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1630509373961/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.kooora.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=.Ocl1AY9zcBjHZyJilZJf74gGI3UvhBsJWYIGBjJwXn.n7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 31 Aug 2021 15:16:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 45ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=562459823911593&ev=fb_page_view&dl=https%3A%2F%2Fwww.kooora.com%2F&rl=&if=false&ts=1630509373964&sw=1600&sh=1200&at=

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Sep 2021 15:16:14 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
70 B 90ms
71ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-3167577-2&cid=1499771941.1630509373&jid=921356023&_u=aGBAiEADRAAAAE~&z=1418371477

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 67ms
60ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-3167577-2&cid=1499771941.1630509373&jid=921356023&_u=aGBAiEADRAAAAE~&z=1418371477

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 53ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1506063979515344&ev=PageView&dl=https%3A%2F%2Fwww.kooora.com%2F&rl=&if=false&ts=1630509374127&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630509374092.639745548&it=1630509373305&coo=false&rqm=GET

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 01 Sep 2021 15:16:14 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3FE1 232 B
431 B 237ms
147ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=136014318d10218793f617d8ebfdefbc6a6b1c8c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.kooora.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:14 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 15:16:14 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 4a6fe9108750dd163dce1f65259d71878cb5e65a30f712a58e94b02544ca5e62
content-length: 166

GET
H/1.1 200
OK detect Show response
detect-survey.effectivemeasure.net/ 19 B
461 B 48ms
7ms XHR
application/json 2600:9000:206f:1600:1f:612c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-survey.effectivemeasure.net/detect?
Requested by: Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1630
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1600:1f:612c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 02:30:34 GMT
Via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 564340
X-Powered-By: Express
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA56-C1
Content-Length: 19
X-Amz-Cf-Id: 9th1Ifp01vqpi5yvBJGYjr6-feLfZhbm48RoEJ78aWl4jslAfk7UkQ==

GET
H/1.1 200
OK sync_pixels Show response
collector.effectivemeasure.net/ 108 B
455 B 185ms
42ms XHR
application/json 52.208.239.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.effectivemeasure.net/sync_pixels?pageURL=https%3A%2F%2Fwww.kooora.com%2F&vt=b8750a1f-75cf-495f-82ac-973051ee705e-17ba1ee9b0e-0232a99f
Requested by: Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1630
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.239.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-239-191.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: b8c3d9c23fcfbe1c411277261e36101159f4e51c9b3e0317f7e48b934958f71c

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:14 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 35 B
288 B 45ms
44ms Image
image/gif 52.208.239.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/pixel?et=pageview&ed=&br=t1&vn=e2be7c7&tz=2&pu=https%3A%2F%2Fwww.kooora.com%2F&vt=b8750a1f-75cf-495f-82ac-973051ee705e-17ba1ee9b0e-0232a99f&vi=76e33649-2cf0-476d-a300-3b98d9eae7d6-17ba1ee9bd5-b5c8f848&du=0&dt=0&c1=1&c3=1&pc=1&db=0&pr=&tt=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&te=1534&sh=1200&sw=1600
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.239.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-239-191.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:14 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 xgde.js Show response
gaae.hit.gemius.pl/gdejs/ 54 KB
19 KB 126ms
50ms Script
application/x-javascript 188.68.250.242
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/_1630509373961/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.kooora.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=.Ocl1AY9zcBjHZyJilZJf74gGI3UvhBsJWYIGBjJwXn.n7&vis=1&fpcap=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.242 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h242.sprintdatacenter.net
Software: GHC /
Resource Hash: e25b605ba1adfb5e38e4342ead7253da4b9ab9871b3c22ebb26ee6b624dce4eb

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:14 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 06:33:51 GMT
server: GHC
etag: "60768CCF0000D7B32E93DA3F"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 19239
expires: Thu, 02 Sep 2021 15:16:14 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 70 B
405 B 85ms
42ms Script
text/javascript 52.208.239.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22gc%22%3A%22DE%22%2C%22mb%22%3A%220%22%7D&callback=cb1630509372889_2

Requested by

Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1630

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.239.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-239-191.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

30edf64a77f3b2abb906dda068c61991c5477d7b04a72ebda05cf3de695a8ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 74
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 launchConfigs Show response
survey.effectivemeasure.net/ 2 B
122 B 137ms
106ms XHR
application/json 44.198.115.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Requested by: Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.198.115.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-115-38.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 01 Sep 2021 15:16:15 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

OPTIONS
H2 204 launchConfigs
survey.effectivemeasure.net/ Frame 0
0 465ms
110ms Preflight 44.198.115.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Protocol: H2
Server: 44.198.115.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-115-38.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.kooora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 01 Sep 2021 15:16:15 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type

GET
H/1.1

200
OK

$_BK_UUID
collector.effectivemeasure.net/sync_webhook/oracle/
Redirect Chain

https://tags.bluekai.com/site/70551?redir=https://collector.effectivemeasure.net/sync_webhook/oracle/$_BK_UUID
https://collector.effectivemeasure.net/sync_webhook/oracle/$_BK_UUID

35 B
288 B

68ms
42ms

Image
image/gif

52.208.239.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/oracle/$_BK_UUID
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.239.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-239-191.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:15 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location: https://collector.effectivemeasure.net/sync_webhook/oracle/$_BK_UUID
Date: Wed, 01 Sep 2021 15:16:15 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 9fc7
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 70 B
405 B 100ms
47ms Script
text/javascript 52.208.239.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22dmp%22%3A%221630509374771%22%7D&callback=cb1630509372889_3

Requested by

Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1630

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.239.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-239-191.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

e3638011012a4c314ff66003697879ffe72b0341c9626c7fa191b1107a6c6167

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 74
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 23ms
20ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1506063979515344&ev=Microdata&dl=https%3A%2F%2Fwww.kooora.com%2F&rl=&if=false&ts=1630509374837&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fo.kooora.com%2Fi%2FkSquareLogo.jpg%22%2C%22og%3Aurl%22%3A%22%22%2C%22og%3Atitle%22%3A%22%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%22%2C%22og%3Adescription%22%3A%22%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%D8%A9%20%D8%AD%D9%8A%D8%A9%20%D9%88%D8%AC%D8%AF%D8%A7%D9%88%D9%84%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D9%88%D8%A2%D8%AE%D8%B1%20%D8%A7%D9%84%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%D8%A9%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1630509374831.750352553&it=1630509373305&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Sep 2021 15:16:14 GMT

GET
H2 200 xgde.html Show response
gaae.hit.gemius.pl/gdejs/ Frame 796C 303 B
360 B 100ms
77ms Document
text/html 188.68.250.242
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/gdejs/xgde.html
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.242 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h242.sprintdatacenter.net
Software: GHC /
Resource Hash: 7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0

Request headers

:method: GET
:authority: gaae.hit.gemius.pl
:scheme: https
:path: /gdejs/xgde.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kooora.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kooora.com/

Response headers

date: Wed, 01 Sep 2021 15:16:15 GMT
expires: Thu, 02 Sep 2021 15:16:15 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
etag: "5996D7A50000012F9178E011"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 215
content-encoding: gzip

GET
H2 200 xgde.js Show response
gaae.hit.gemius.pl/gdejs/ Frame 796C 54 KB
19 KB 89ms
68ms Script
application/x-javascript 188.68.250.242
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/gdejs/xgde.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.242 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h242.sprintdatacenter.net
Software: GHC /
Resource Hash: e25b605ba1adfb5e38e4342ead7253da4b9ab9871b3c22ebb26ee6b624dce4eb

Request headers

Referer: https://gaae.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:15 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 06:33:51 GMT
server: GHC
etag: "60768CCF0000D7B32E93DA3F"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 19239
expires: Thu, 02 Sep 2021 15:16:15 GMT

GET
H2 200 tagger.js Show response
tagger.opecloud.com/dms/v2/ 959 B
847 B 120ms
43ms Script
text/javascript 3.127.193.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagger.opecloud.com/dms/v2/tagger.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.193.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-193-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bc9399a1d9cf60902f99fc281b1f891001e088e5da2a9eabd80b989a693f0bd2

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:15 GMT
content-encoding: gzip
cache-control: private, max-age=3600
p3p: CP="ADMa OUR IND DSP NON COR"
content-length: 504
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2

200

opecs.gif
tagger.opecloud.com/dbm/
Redirect Chain

https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1
https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1&trackability-redirect=true
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-am17d1cdFi9%2BZkRmwXUirPxUQrv3&source=dms
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm=&state=2-am17d1cdFi9%2BZkRmwXUirPxUQrv3&source=dms&google_tc=
https://tagger.opecloud.com/dbm/opecs.gif?state=2-am17d1cdFi9%2BZkRmwXUirPxUQrv3&source=dms&google_gid=CAESECE2mgbiEbDeOYAJKYU4bJo&google_cver=1

35 B
220 B

38ms
36ms

Image
image/gif

3.127.193.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/dbm/opecs.gif?state=2-am17d1cdFi9%2BZkRmwXUirPxUQrv3&source=dms&google_gid=CAESECE2mgbiEbDeOYAJKYU4bJo&google_cver=1
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.193.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-193-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:16 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tagger.opecloud.com/dbm/opecs.gif?state=2-am17d1cdFi9%2BZkRmwXUirPxUQrv3&source=dms&google_gid=CAESECE2mgbiEbDeOYAJKYU4bJo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

redot.gif
gaae.hit.gemius.pl/__/_[TIMESTAMP]/ Frame 796C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ipsos_gemius_ddp&google_cm&lsdata=-NOTSUP
https://cm.g.doubleclick.net/pixel?google_nid=ipsos_gemius_ddp&google_cm=&lsdata=-NOTSUP&google_tc=
https://gaae.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=-NOTSUP&google_gid=CAESEEdlczCemjYLkvAIbWNncX8&google_cver=1
https://gaae.hit.gemius.pl/__/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=-NOTSUP&google_gid=CAESEEdlczCemjYLkvAIbWNncX8&google_cver=1

43 B
224 B

101ms
94ms

Image
image/gif

188.68.250.242
SPRINT-SDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaae.hit.gemius.pl/__/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=-NOTSUP&google_gid=CAESEEdlczCemjYLkvAIbWNncX8&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.242 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h242.sprintdatacenter.net
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gaae.hit.gemius.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:16 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Tue, 31 Aug 2021 15:16:16 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:16 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=-NOTSUP&google_gid=CAESEEdlczCemjYLkvAIbWNncX8&google_cver=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 31 Aug 2021 15:16:16 GMT

GET
H2

200

opecs.gif
tagger.opecloud.com/dbm/
Redirect Chain

https://tagger.opecloud.com/dms/v2/pixel.gif?url=https%3A%2F%2Fwww.kooora.com%2F&ref=&tz=-2&screen=1600x1200x24&tref=&cmpstatus=notrequired&tcString=undefined&uspstatus=undefined
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-b3eUC5dXienV3Fc0CGeacp7blh8p&source=dms
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm=&state=2-b3eUC5dXienV3Fc0CGeacp7blh8p&source=dms&google_tc=
https://tagger.opecloud.com/dbm/opecs.gif?state=2-b3eUC5dXienV3Fc0CGeacp7blh8p&source=dms&google_gid=CAESELxZA2J_tBBYWy0MYQB03HY&google_cver=1

35 B
211 B

54ms
52ms

Image
image/gif

3.127.193.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/dbm/opecs.gif?state=2-b3eUC5dXienV3Fc0CGeacp7blh8p&source=dms&google_gid=CAESELxZA2J_tBBYWy0MYQB03HY&google_cver=1
Requested by: Host: www.kooora.com
URL: https://www.kooora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.193.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-193-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:16 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tagger.opecloud.com/dbm/opecs.gif?state=2-b3eUC5dXienV3Fc0CGeacp7blh8p&source=dms&google_gid=CAESELxZA2J_tBBYWy0MYQB03HY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.facebook.com/login/ Frame 8DCE
Redirect Chain

https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=562459823911593&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22f...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D562459823911593%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

162ms
162ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D562459823911593%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df22fd4ef78370a4%2526domain%253Dwww.kooora.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.kooora.com%25252Ff431f031a8d164%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkooora%26locale%3Dar_AR%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js?hash=5f6ffa0e2cfa037928410001dc7ff5ab

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D562459823911593%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df22fd4ef78370a4%2526domain%253Dwww.kooora.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.kooora.com%25252Ff431f031a8d164%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkooora%26locale%3Dar_AR%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kooora.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: GsAz7ZEZgCgZvZivPg356gGEA9yQWBU/uRhlhfxx4GjfbjSzO9DELjjvP8oE1ji3k0Uz8fYArpYHFWhHBbKoPA==
date: Wed, 01 Sep 2021 15:16:16 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D562459823911593%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df22fd4ef78370a4%2526domain%253Dwww.kooora.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.kooora.com%25252Ff431f031a8d164%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkooora%26locale%3Dar_AR%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D300
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbxbs.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: SlYSMyOzylRxyl99qpvw9NXGjmNM/s25/l85jbJ7Bnm6nwySQtF2NJiNNmeka2OFxUIfvyKMHPuc91+2GppUtA==
content-length: 0
date: Wed, 01 Sep 2021 15:16:16 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 50ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3679d93f32c8a4019b71cd695be75acfcb43ef2ec7c728e45477a379909be8cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6044
x-xss-protection: 0
server: cafe
etag: 3925241684353305145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 15:51:37 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
853 B 147ms
42ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.kooora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 15:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 101ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kooora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 15:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 131 KB
47 KB 451ms
447ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2109353735665586&correlator=4278709725813660&output=ldjh&impl=fifs&eid=31062366%2C31062434%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210901&iu_parts=7229%3A22367575525%2CKooora%2CHomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C300x250%7C300x600%2C970x250%7C970x90%2C1x1%2C1x1%2C2x2%2C2x2&ists=4&prev_scp=pos%3DLeaderboard%7Cpos%3DMPU%7Cpos%3DPushdown%7Cadslot%3DSkinning%26pos%3Djustpremium%7Cadslot%3DOOP%7Cpos%3DN_W_Homepage%26MVPlacementKey%3Dtop%7Cpos%3DN_W_Homepage%26MVPlacementKey%3Dbottom&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26pt%3Dhomepage%26platform%3Dweb%26topic%3D%25D8%25A7%25D9%2584%25D8%25B1%25D8%25A6%25D9%258A%25D8%25B3%25D9%258A%25D8%25A9%26country%3D__%26path%3Dwwwkoooracom&cookie_enabled=1&bc=31&abxe=1&lmt=1630509376&dt=1630509376376&dlt=1630509369265&idt=3568&frm=20&biw=1600&bih=1200&oid=3&adxs=317%2C315%2C315%2C0%2C0%2C951%2C951&adys=58%2C691%2C0%2C0%2C0%2C1010%2C1422&adks=1849622489%2C1210273051%2C4116334476%2C1073378467%2C3238449015%2C3314042845%2C3314042817&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.kooora.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x90%7C300x3258%7C1600x4709%7C1600x4709%7C1600x4709%7C660x1545%7C660x1545&msz=728x0%7C300x10%7C1600x0%7C1600x-1%7C1600x-1%7C660x0%7C660x0&ga_vid=1499771941.1630509373&ga_sid=1630509376&ga_hid=142199723&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

2e889eff11b48aee5a7976cdcfa16a5bb2e10362672d61b06aa893bb95c4a840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47789
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kooora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9270 6 KB
3 KB 41ms
14ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kooora.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 15:16:16 GMT
expires: Thu, 01 Sep 2022 15:16:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D67C 6 KB
3 KB 15ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kooora.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 15:16:16 GMT
expires: Thu, 01 Sep 2022 15:16:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 37ms
37ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1630509371769&de=720772463696&rx=959321018976&m=0&ar=9658760-clean&iw=928ba56&q=1&cb=0&cu=1630509371769&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&bo=Kooora&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A2885%3A2885%3A7241%3A3223&fs=194409&na=346716039&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:16 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322975956640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:16:16 GMT

GET
H3-29 200 container.html Show response
7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B8CF 6 KB
3 KB 26ms
22ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kooora.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 15:16:16 GMT
expires: Thu, 01 Sep 2022 15:16:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F28E 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kooora.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 15:16:16 GMT
expires: Thu, 01 Sep 2022 15:16:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 40ms
25ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1fffc11e4066dc66050fd7c31865139fcc80ccc8196747091cc28c2a3debb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 15:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8540
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 47ms
40ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1630509371769&de=369533652870&rx=959321018976&m=0&ar=9658760-clean&iw=928ba56&q=2&cb=0&cu=1630509371769&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&bo=Kooora&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A2885%3A2885%3A7241%3A3223&fs=194409&na=256099098&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 59ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:16:17 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9A0D 624 B
350 B 35ms
32ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiejLSzATAB&v=APEucNV2GkLZJb4vwijT6In-GbtVlYVtOUaqIMht8zzQGJkWnUHI6SxQPxSDOnyujVTZjJkPDZEc1xsvdQoDAbPsZQLzeFPbpLPmBI70VaSXdlc74x2qFiiKARiPS2W-UizIZhJz3SgvfUfG7Q2Ejh9XJVDD_o_v-REvhSg6In6m3BONi_BpZAU

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNyuyAIQpovKAhiejLSzATAB&v=APEucNV2GkLZJb4vwijT6In-GbtVlYVtOUaqIMht8zzQGJkWnUHI6SxQPxSDOnyujVTZjJkPDZEc1xsvdQoDAbPsZQLzeFPbpLPmBI70VaSXdlc74x2qFiiKARiPS2W-UizIZhJz3SgvfUfG7Q2Ejh9XJVDD_o_v-REvhSg6In6m3BONi_BpZAU
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnkeuBKjAMssf9VTqccyjN9lOa7lF87YX2wnTMXEkoOlg_rGf9gyeNa6W95_OI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Sep 2021 15:16:17 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D67C 25 KB
13 KB 90ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8LKZEPuLG5gW237WIIDvml7SlkbayFZeERfEaUqIb-wdr7c_ltNWZL8GzBOZfI_tPp2Lz_bHa9yTuac4pPOXpaX0B6Y_xCI9N3p6bV1VVI2PlinM-VvL0Q8l3Gn5Uop9x-PDlpnxys3Br7nn7195NojNDEg&cry=1&dbm_d=AKAmf-CilVb9UTFJAso266ZD-4jNj47s2sNbE3ogC2Q8o3ChB0679KAg8SOgwBXvnNMHqh1udamciqpx_s5hZTfWckgA6NMwji4PvhiaLXK-J5ExWqNpVnAitH8fiXremmLRRXPVTrGC7GQbYNr4vyzr5AaecvlPDRM1_2Gypt5lsgOtxKm4qxPV45GzqRymyyzbEJO2NHGnRkQSDu8c03K0XA9H1J-hgCySy9t_ap1zqk81NxVVq6Qk-oYcrblEEVB6gKQSrAYtlgU17LpSLprjMlLrEF5r46AVeIHkupeCG3fXvTXysnLe8YWQD_f_0jLSTdTMnJKqGxGCdqssTQV7l-xXQuFLj7o9E1cfGw945rktM-nSa5WSg5niqfxRDPV0VOnr62l0fkvb-PZEn5VyLNfCDdn0k4VjJUXFbVREX-uydwYH7hUXxrIpdrbi-TOZO5QnCEn2rdLzdI293NCD4_-_eDGvmTsOMYAJsg66O4H2Qqw5kyFHyDJQvg2qJULNSvqV4BWEo0ZA4jvhlA0PbABvAD820As9Gws6_rqMs_NfPInFgCFZiDAyOSsaJqi6Dft8ej81bUpjOzAjv62Ebnx7s1tGmaoqKw8h9rxYakEQhAoIDdEgkmn63rxd_g4UiyZNAqAs1NEsbe7odN_gJTKvFMg2NEoHvUn6RL8-qdi-Loe59cY2yBuKojYZu_Qxh1XBhIJOMb1SYacMrRKVqFJW2bTTEJWBFrPQ8_SbFPzllMoFPazeKmhnkp_fHJNJKM0jyndPvBZcCsZQD093j8VlhqqwxFXENXDvOSK4Z6HVoDXBnD92438gK8LgbDBEuz8tZ5VH36rMtDs0USwWVFAeMyJRm3ki7BcxifQr213cUB3-mjCjLgdPVyU7JSQSanx7e1mzBzFdc35D6TMTOOYnJg--24MheFVhjS3Ini-tTh9Z0UdtD4OeS3kdaAKwdV0Wi9HkLc9xCl4Yb4iFl1zzI7xQ7Lx19Jnoh9FMd7oGI78CO8T1KufStAZIGWhf5meDjnlIhLDWX9uTgmdb1eidcQH57mv4V0ihLz8Qoxc1xWbtGgb6n4Eh2YRbby_CZLcgKCz1eCfFXRmRdkwF_Ztzwv-KYf04-sfgTquEldznJiUsUcAImJXNXi9UeESHYGPY3H5kk60Xhjb7oVfM68LAHaIdtnwRMoIePz9TmBP2FvkRFeD5d9iG0zkaz2cN_Es5zwJm1ahWVryp05gTEkVUDFpWO4MbdQXq7z1W4Xj7neqvIXxoTt9lBR9QJnORWdEaZ4N85beJKC0CyZHAITvLxeR02Ke3OnT6d6ftMo7jbboAmXXX53HT0ZbG9uDf7znQNin8mItN2xnhU8viFwhMoLuuHN-QjKLpxILmOu9pxW-_wECbjUdJ6MWxQzxEJIAzzon3tgOe2Jk_QCB5mXZqYv9k3342sLbE5i1mTIyQI_92OMgqZPNvvCIWBHR8HNGxGDL56PEAsNQpYpQg9L9KUIDCORe4aB85ofDfZNf6upt4SmVNfCa-NsKDykAxhzGjgAfirrXlXyNcZwR-4JSJ1_EzONt-ofjFNqg1oxKikHSOx3tix7gLBgo4KWHcIGprrxMpYotj5NRMesX5iR8VkZyd5PoCjDjhQOdEsH7_Mh4hkhwq7pyFBAr1qELZCAWVKnFx45HvUeBqlxTkeEKpGRAnJbSlwQjNJ41-A8wI1ogql9gqPn1yFjA9Oz98zL2s7M0ihNfjVi1YFHA5XELQvJX2sOz1qzi5d2eQ7XU-hvuBc0noM4y1UENFPsm5iGJZhqykJvScoWvX1Npg_ui5ZNVSN2UKSe1rDiUz6MSXFyYruhJLnVtlI8NeRxi4uk04aJt7g_bXrUNlW9gB2EzhIDLMVDxwsP2yJkw421vmEqyW47PV4VWPkYjSXPlOPYXoFp10UhTsJn_0YpAcplBB74AyDrRejCHEPf8dns5RXJ-X6HidM52QYLUJ7O0qH7C4WZC9tpKDB2__kLlPnZAAQdWS7Mf6gZH2RPaXM0SA8HOnObAfLbG-91lw7DqY9MHqFp-r6EQX4-aS_2CooMTkZvDQ-qAYdFlJ94DC2XW_CAHc5v9yQD15hJDbUgRig966Hou60CqJq22gcXiSjUYCcNCXDHGVAKQJN5Eo4X_bD7SmSpEbfTcfbsIDeqJiTsn2poZJ7ZFPpH56tvUSLCAEJqNo50AYTWQhBancj4uKmtcisUuvmASi6nQKNgmE6_121PLKFzkzsYG1B52AC4Ob_oFszuRnn2HWaNPgv7FAZxzwtLkJaLdcSk3FHuyWH0W3t_tnGmT94FfUmozTKFXuHB8AUcJVNppF3_6RvpAPTt1Zq6f1ZwFkDuMbmLtTqTU_3pwWj5PsEtxfzJ1I0avw70SmwtvBCm4rX8zxgS67fYDawSTaEe0DYS-X_1K8RiiWaL7hKwe_zxNTEALtuenuweY7QEePpgSRBlE2XV2w4ojQmPz46qQ2DvFhD8eGaRynnPMuA88Bowjt4yxMBONeOMW_BzTSJMIf60B4eX0b3OtmLfvWW9LfKvxaEEBi-r70cOCaZhaF--ZhBC1b4WE14OU-8_64GqcicZ21Lc72byRHejQAlFXCplRNLWLULDGLIwnhfl0THpX0PLFx7U8uFydhdTatGdGqJblCOkVh9zX3tLamHoTqErYcPhed4-u8CBYtudVWc2uvWNtfArNpjfVSo8r0fGjr-XyqTRi5vLKKBVcltYBfO9dcewQkUSjp-_0ouQXbtOQfpnvEj1EYBiGRAdIsfbq6EG1sov-seC34nUDRRjaiYHL1h31UbzcKvcHr5djzFB3tS10rKad5IHAp-BcdK_XxYESrgQb7kQWZ1Gemy_lM8IKn893BiU120rhDv9O8tejinP8MWdhbm9_4-roBV4kVHGDJ55gh_VgBZAcn1X2AIIUA5C06RpOYudCrYwDrSVqwgxIGe5XuDcTuYf38ZLg_UtCfYDji2W3LDxlI4Pix5e3H3wMYDVAjXaFH2V6_M3tYBDQuha0tBVb8n85L4jSXDlO2Zh_bSWMtTRgL-3ysjtWHtrqcZSL0wWbwUDph1MufmkP8TDqsUhmpdA&cid=CAASFeRoszfQi2xOqjP0pKXf_-mPmv7XTw&rfl=1%2Chttps%253A%252F%252Fwww.kooora.com%252F%240

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15f3beacaa636b36c2852ed39a4847f10825e73a83f9e541dff90c74a2c25825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D67C 42 B
63 B 103ms
39ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AT1PHk7OGxqF6VPlGF2rgwvBf8G3yluo_F2Fa1P1OHob0d6JBJ8vuS0p1Td3HJnnbLHRK1jtHpgUCeUtOlpNDVJVOJGq9zDPZ46eNhh-AZwkMmnwU

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clk Show response
ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B26449185.312580626;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/ Frame D67C 57 KB
24 KB 817ms
74ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B26449185.312580626;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CRrtqQJkvYfbzG4yV9u8Pn5mjuAuJipjzZKD7ydOcDtrZHhABIMHOgR9g-4GAgIgKoAHi3dvLAsgBCakCiOTI7WTSsz6oAwGqBM0BT9C2BcyyAMBhdpq0v73IDr4Lb4Hxt_XTWLcRAf1QBWr7hW49dyetz-tYRzmpK_oi3UiILQ9Nt07w2MAz-XeFbXuphEirrJFcN_Bxkh35onMQVdxOOlasKi_-pSINQCTbubHTAwJsImIaNweeKnx4DdwLHD5v-B-wCzWZJc02iiuxF2et0lxH-EBvYG6VdkgAhN1KYIi-cUW6EBESkyVjM2te3HfuVGa2JujvtsScpoaymUMYZHIkTGgzuXGRtAcEE6U8t_8EfljWfX0HKcAE8sH0vrsD4AQDkAYBoAZNgAeGoqS0AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0yNjYxNTEyMTc1MTMwMjEygAoDmAsByAsBgAwBsBPEr7wM0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASFeRoszfQi2xOqjP0pKXf_-mPmv7XTw&sig=AOD64_17eHY7cPlwU1kqPoJpRkncl01aig&client=ca-pub-2577219840435371&dbm_c=AKAmf-AbKPABUTP3mZAZ5brHjl0AxqSD010cg_zXVBx7edNYfl4lrTndrNFmakhOlfwNfzKQCR9YmtbKmacjKLbBV1UFB-LwrQyG3XVzNFeRNnO4tbTWv0AufH7jyHkdB5NGxMR9oxgX4h0hDJQ8mx-6UCVhqJyiYw&cry=1&dbm_d=AKAmf-D6JceTiaO1qctHJJ1tMPV9P2ft6tOrSgvYcGnPj4Qs9wfaMu5kMCfwFsABLP44WDlv0BQKFO_gVKAk0qxlC_Gb_Qq7fD117AkN4l73fX86cwH6JwTUMDBtMGSv2rspesSdkJlc81SjSyToUsQfQri7htj-p8tfD1k16Pjzqq-XGf-JdPISyQm5ARYqRxESOILl_6ak6u6tb88pWnlRwwd7yqyRET_oEHIpDYmrGImMyyfoTxd8WF6414wNYzdyAVrrSh3pL9V6848azh7bd4bBaXMv8aC3XPsndvBV5n1AkdfSLFp6vZM3LOVY23g86tr7ZNjCxyr4WfMBaykU4MZQsweYQyiOaqQx3EYnmX-U1mO0_rRGFwtN3f-j8467hePlWAcL_qbeUJTeJ5qIT6jHeymvJQHOXa0k_ZPEWWJ6Fc45N0Zk3E6FEmgSYHfPRsqMFtjI&adurl=;ord=1630509376457206;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

f5954ba1b62e5210615072f60b1ba2fdece64535739a6fa34d7c5f8cd3a83f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame D67C 2 KB
1 KB 77ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:13:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D67C 122 KB
37 KB 85ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:16:17 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame D67C 14 KB
6 KB 78ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:14:23 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D67C 0
0 90ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSV70qjqJfaTZIrlBv-chYG0UNun6DMOehBv5fv182I_vCXjyNN_LmEsSk4zltfjtGCP1VFczRDeFXFfmjMVwoecj2sgg
Requested by: Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 21F8 640 B
316 B 19ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGJmx17IBMAE&v=APEucNVJfBmdlnkdzFnwpLOSZLeo_9QJWd4HzkyCDcl3UrJAlRACsrycTLH-_bUyPRUfQtE9tPOLslafK58V86ZFeExrWZzpgg9SZyKInCX7iE3dLtnnrlhufv8xN-S15oCI79FXUFU6WCUYCdpysMCmQPQh5fh3hSWQiCnA11IZo_99PuGhdbU

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CODW8-gCEIuR0OoCGJmx17IBMAE&v=APEucNVJfBmdlnkdzFnwpLOSZLeo_9QJWd4HzkyCDcl3UrJAlRACsrycTLH-_bUyPRUfQtE9tPOLslafK58V86ZFeExrWZzpgg9SZyKInCX7iE3dLtnnrlhufv8xN-S15oCI79FXUFU6WCUYCdpysMCmQPQh5fh3hSWQiCnA11IZo_99PuGhdbU
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnkeuBKjAMssf9VTqccyjN9lOa7lF87YX2wnTMXEkoOlg_rGf9gyeNa6W95_OI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Sep 2021 15:16:17 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame B8CF 18 KB
7 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 14:40:44 GMT

GET
H2 200 5618845452119371650
s0.2mdn.net/simgad/ Frame B8CF 95 KB
95 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5618845452119371650

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a958efaed3edcc33703c323b5d89a14d27f1ef19077765d8dfecb71ca4752c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:00:02 GMT
x-content-type-options: nosniff
age: 11775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96834
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 10:50:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 12:00:02 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/ Frame B8CF 6 KB
3 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:13:56 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B8CF 0
61 B 704ms
132ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssghx_vXkDNQRn1Ico4DOI-l50RevAkfAjtaCdI6WD5cfQb0ck4-O_X6GWCcMQaZyBq2Yg2jycUbsNumrUvjtdciuQUWd4aRXvA3NV5t_TpFvg57oDI54MlklX5bMn_IPACOFsy636k1qkd4KosMCd-RAPbQZe6ktsJCk85A7JV8KVgJrAesTp3nQBZ8lRizlsv990X9xeoLHrJc0p9kphS5B2H2iDkWYAQX5mWwL0In6-sQEbBUUBdox2mNDLjxNobgJKdD8PoV8dJpiNHpIj6KFr2B3z9NBx-rp0f9AGCMQq6KMNwoB9qLpLIomuCc8ykHnwdS5OLpteXrvHmb9CB_dDNb3UlYlMZfeQHoQlPBdGs4wn5bU2NyQlP0D1mrNfqYeyHdstVZY90Tc4XZ2iB8RlOz1nRr8RDpw2DExnwt88bMaGxuryX51B3Zyq235bTVYUmtM2c-BOOIqz6ZSjduivbEkkfibgpRdcuh-At7NEhGlNczjntwRFLyL6SoU0cbZ9BtzUwA_kkw2BPi7Vt6hsDFS-8dknxaSiZqnYXcqGChjRWjqd42mJHp0Eu9wMihghqS_tIRzWh-hkMLSzq43P5af-kyvrctESiehAkh1cw-59RpKxiJD4SPYbAzuWEMltLe0_mrw7BAOqSWZT3erK28WpQpVOjWQUG2969JMM10PXvwpd85fqfIXD780jMJBl4I_ZXyyA5PSGiGmnsBNe4DpJqxFSzqiwDtCNuS6AnESwMONqQcdn0HazmYHTtgnZaHT57mdJ5jeW2AO5m95XcsUWVo3LseNtzc-HTigZclhEMpxKLQC9dQLqbZ3fMO00JRc299evtwn4OM6F19MUOaQB6nh7uHdKo91DXIPOSNAnXKCY6d3t9PGxmK_cL1D11DtzM036_Cb79FPXyqH0rQYT_EI0X2VQwx28GsOdTYhYObPwyOI5iCV8bvQOOmmgZI-NM0L40c_-uKJ8Jt4dSOUZPLKDsC5XI5VAKpneKQ4GhlpHXTYQZBhyVxuaCIMB8w_8p31Zvww3W1Uz1JQ3XubuwANMCbUUEslKgB-7BGAdjkW55x_AxGsJNeWHRbadWPmkjoLbK_yj_GYnE5MqQx2pxY7ELaTqKEgSUS7rYINJH8arRmtA1TFJs_wSrYfmx3A&sai=AMfl-YSVk9WKdPYUHXPuPmUE83KIgXZhponYHsMBqx-wWkrR-CMGbG2VxQ2sws_W3hpnWwseW-WDJEYA-F4fhKIj0MQiEU8IMzPnimd2WBEHkjJHiyvpm3Tz05tk-Cs_s9-Jo3Yqe2Ntsm2W44KmHZgtJP7VfV27E7IZJxJ1DEm-21AaFoHbTnFZn-An4hNcjsJSjnnsgA_nYtkOQPjJcqRnQKxCryOaxB_7R1PyjKddxNOe1bnxIsY27i9Ohtxw5JGxybQ6Qa9xnd_7aW7G6umtVo1QmFsnFHnWpl_k&sig=Cg0ArKJSzF83KEF81xOqEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210830.38791&adurl=

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 01 Sep 2021 15:16:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B8CF 41 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:04:49 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8CF 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9IlLTdQ3GYHqnKm0RbWc0R4gEE_VnNg9oCWlAc35rIU_zRf5IoizUK3yo255APwxg85gv9l8U9CbTpbVVnFwaHdldTDbWZdMgTqXb4CtA-yNKYAc

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame B8CF 2 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:13:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8CF 122 KB
37 KB 42ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:16:17 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame B8CF 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:14:23 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B8CF 0
0 34ms
29ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-6XqnBpz0rs39SFX0ajuLaWsEWDToTlC9kB8BCrcDFm-gFXxPY7c4GmzdbFaYIRlsA3uXacQ8JX5muqo_-swTItAsCA
Requested by: Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 007A 640 B
316 B 19ms
17ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGPSx17IBMAE&v=APEucNUf4xCXHCRj1diFSukST6ZZQWaBpEFSal4qpPN4dPC3aml336Jmw3DyHSqjX9n7YCReWsBOXQIuKl3QOlJwprBaRX9NmZBJKaQ6V7T7VANC6-niz3H45lfos-f-vmXEjLBvWEPs2AhN-CbPUPehQobb_XDu8-wkjoZAbIK_oGFO87-5rnk

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CODW8-gCEIuR0OoCGPSx17IBMAE&v=APEucNUf4xCXHCRj1diFSukST6ZZQWaBpEFSal4qpPN4dPC3aml336Jmw3DyHSqjX9n7YCReWsBOXQIuKl3QOlJwprBaRX9NmZBJKaQ6V7T7VANC6-niz3H45lfos-f-vmXEjLBvWEPs2AhN-CbPUPehQobb_XDu8-wkjoZAbIK_oGFO87-5rnk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnkeuBKjAMssf9VTqccyjN9lOa7lF87YX2wnTMXEkoOlg_rGf9gyeNa6W95_OI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Sep 2021 15:16:17 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame F28E 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 14:40:44 GMT

GET
H3-29 200 13136979742579643331
s0.2mdn.net/simgad/ Frame F28E 97 KB
97 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13136979742579643331

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bf988a152d9851d9b3d75b99c9c1a807301f83ef2afb7b8f9aa005cf673fd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 19:17:28 GMT
x-content-type-options: nosniff
age: 590329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99657
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 10:49:52 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 19:17:28 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/ Frame F28E 6 KB
3 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:13:56 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F28E 0
107 B 586ms
96ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvnrqNsewEEyi8KA80XTQ0IXlYriu-M8GWETIJ5Zodbgw2E1fxPFEFfGIY1Z_bMcFKOfL_YXkDAKH2xphpwtY1l1lb3gLA1veIutAE_Leu2csPjcORotpsVTMs8pQUI5VtZE9-h3s393HZVAO13U10U0oKjugVMK9PLpW4eNLXE1tJIN8SFj8xMkOIVJ3uO5L3HhOe3Ie9tqCyxgfwzSWM8lBXF4CHpo27HhtbDeJcegBs31f816Lf7l4Sq-Fos0GFYBRkWkmI9lP-XjYkRe0WRd0Vip9VrErDAeTGBOv-JSPRGP13W-8zmm8EhnAvRsWL23ZLIS1XWq_UkNmDzR4McEBKG9JQgbsioEXRMM1h3Ei1rtyEK5wz_0dSQj-6Jb5yNwknY_J8jmoMOCLeRb-IkuAgEw7mY7HrmYOQGjGfqDS1TxZd6D0gUDKM2T-MKX2PG4_sf3ZRouzMq0k97dF386eUsOnzuTZF_I2de5WQctzcKNHY9w0JDrbnBwwJuJaD-42QRYTh7ZqN_LEs002d1f7b6-Q4VrWF_o_TAeZOSyWzkzFrryaCUCFt5WR4oS-pboB7PpI-gzzon0cA4pZvFiNl6xfcOw3q6UEPO3qErvUIhXB9zkurhSWzfqxiGMUiaLD9rMhcgx9dSKbGLT2J930K-z9vSNYfOYimwwAvcy2oCNz9smBz2X9Ln06SaVg_bWiqu2-boeLvg4Py-cU9dD72epzGh_mJrD1c2No1R87QsvObcNias4_dC9BndoSb9fZ66T2xsXf01_hlMmgvOhehdTctqgaG8Np9q50vwP4nhBryp5BimLEwB1vJhxgXEj550jZSc-7K4iQyrwzGGz1L76HoB9EvFh2Pm8oshBXPzkMEXV0-OJAPGKG74dpmNMx0y5mPqfU4x7rm2FiARlmVlP5h0WDyAKaDRgveZAjX-cjF-YELV_Vk7q8zaFKZuLPH_zbl6mJP7lEEOeRLN-i2CeYEIIm__3sCzmkuVBp2vE9KfyyO_8_CmrORpds8vjShlhh3j0I9IJzqBb4KLoQEH674w2Y8OBHSAcMLLXdbv0XLoG__4LnP0zwf_0NC6eH7T8SkKgcqEDF4aZif6jV2LdkAi4Yjxyt2yWU2m_Zi5RTvmNEyUIGiGMUU_iRUnFhPUsQ&sai=AMfl-YT-sFLVZji_YeP56BZ90wQQ_gpCheyFphHu4VwacNVqMQyCx39WWmE1pQlIbUVufUgcdLTGDFrlI9dxVWPi9UosPfZiNY_DSZNk-hn74v97amkgIJ35piv7DEZWu0jP8LJ58kja5G_W44TlJAlveiB-SI0O0DonVb-GZbS8rgOqcrWwUb46YqmiclZTbdFpVMjsttK_jmwuPaTu7sA3EqUYw3kQFPnvlZCzLV75OzIjbvj8HOMFAuNfUxIiJUIY3nZVj64KMBF6IvHCDRwi0Vh3W9RYIc5Wvaw_&sig=Cg0ArKJSzFnlrXaDZIflEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20210830.86813&adurl=

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 01 Sep 2021 15:16:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F28E 41 KB
15 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:04:49 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F28E 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A2zC2wSVKEboenayH7Gxa1puY5L-2Z6SmnMizeNiqPdDYwTdIKbavNOkWRJ5xEMqkv_KBsiC9n_ZG55SVV3uC6Da3Ft8A9kzOy52kc9MmDfN0IFN4

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame F28E 2 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:13:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F28E 122 KB
37 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:16:17 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame F28E 14 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:14:23 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F28E 0
0 17ms
16ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_lr2-K808KMcUuq71afiAZ4U-3OsWOuxw81RioOCNZIZeQ3i-tinuG3sNGfSBOUydj_d35mYAU5VvWPUdKvgnWbEZIA
Requested by: Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 41ms
38ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1630509371769&de=478135228978&rx=959321018976&m=0&ar=9658760-clean&iw=928ba56&q=3&cb=0&cu=1630509371769&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&bo=Kooora&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A2885%3A2885%3A7241%3A3223&fs=194409&na=1148739990&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:17 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame D67C 23 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8LKZEPuLG5gW237WIIDvml7SlkbayFZeERfEaUqIb-wdr7c_ltNWZL8GzBOZfI_tPp2Lz_bHa9yTuac4pPOXpaX0B6Y_xCI9N3p6bV1VVI2PlinM-VvL0Q8l3Gn5Uop9x-PDlpnxys3Br7nn7195NojNDEg&cry=1&dbm_d=AKAmf-CilVb9UTFJAso266ZD-4jNj47s2sNbE3ogC2Q8o3ChB0679KAg8SOgwBXvnNMHqh1udamciqpx_s5hZTfWckgA6NMwji4PvhiaLXK-J5ExWqNpVnAitH8fiXremmLRRXPVTrGC7GQbYNr4vyzr5AaecvlPDRM1_2Gypt5lsgOtxKm4qxPV45GzqRymyyzbEJO2NHGnRkQSDu8c03K0XA9H1J-hgCySy9t_ap1zqk81NxVVq6Qk-oYcrblEEVB6gKQSrAYtlgU17LpSLprjMlLrEF5r46AVeIHkupeCG3fXvTXysnLe8YWQD_f_0jLSTdTMnJKqGxGCdqssTQV7l-xXQuFLj7o9E1cfGw945rktM-nSa5WSg5niqfxRDPV0VOnr62l0fkvb-PZEn5VyLNfCDdn0k4VjJUXFbVREX-uydwYH7hUXxrIpdrbi-TOZO5QnCEn2rdLzdI293NCD4_-_eDGvmTsOMYAJsg66O4H2Qqw5kyFHyDJQvg2qJULNSvqV4BWEo0ZA4jvhlA0PbABvAD820As9Gws6_rqMs_NfPInFgCFZiDAyOSsaJqi6Dft8ej81bUpjOzAjv62Ebnx7s1tGmaoqKw8h9rxYakEQhAoIDdEgkmn63rxd_g4UiyZNAqAs1NEsbe7odN_gJTKvFMg2NEoHvUn6RL8-qdi-Loe59cY2yBuKojYZu_Qxh1XBhIJOMb1SYacMrRKVqFJW2bTTEJWBFrPQ8_SbFPzllMoFPazeKmhnkp_fHJNJKM0jyndPvBZcCsZQD093j8VlhqqwxFXENXDvOSK4Z6HVoDXBnD92438gK8LgbDBEuz8tZ5VH36rMtDs0USwWVFAeMyJRm3ki7BcxifQr213cUB3-mjCjLgdPVyU7JSQSanx7e1mzBzFdc35D6TMTOOYnJg--24MheFVhjS3Ini-tTh9Z0UdtD4OeS3kdaAKwdV0Wi9HkLc9xCl4Yb4iFl1zzI7xQ7Lx19Jnoh9FMd7oGI78CO8T1KufStAZIGWhf5meDjnlIhLDWX9uTgmdb1eidcQH57mv4V0ihLz8Qoxc1xWbtGgb6n4Eh2YRbby_CZLcgKCz1eCfFXRmRdkwF_Ztzwv-KYf04-sfgTquEldznJiUsUcAImJXNXi9UeESHYGPY3H5kk60Xhjb7oVfM68LAHaIdtnwRMoIePz9TmBP2FvkRFeD5d9iG0zkaz2cN_Es5zwJm1ahWVryp05gTEkVUDFpWO4MbdQXq7z1W4Xj7neqvIXxoTt9lBR9QJnORWdEaZ4N85beJKC0CyZHAITvLxeR02Ke3OnT6d6ftMo7jbboAmXXX53HT0ZbG9uDf7znQNin8mItN2xnhU8viFwhMoLuuHN-QjKLpxILmOu9pxW-_wECbjUdJ6MWxQzxEJIAzzon3tgOe2Jk_QCB5mXZqYv9k3342sLbE5i1mTIyQI_92OMgqZPNvvCIWBHR8HNGxGDL56PEAsNQpYpQg9L9KUIDCORe4aB85ofDfZNf6upt4SmVNfCa-NsKDykAxhzGjgAfirrXlXyNcZwR-4JSJ1_EzONt-ofjFNqg1oxKikHSOx3tix7gLBgo4KWHcIGprrxMpYotj5NRMesX5iR8VkZyd5PoCjDjhQOdEsH7_Mh4hkhwq7pyFBAr1qELZCAWVKnFx45HvUeBqlxTkeEKpGRAnJbSlwQjNJ41-A8wI1ogql9gqPn1yFjA9Oz98zL2s7M0ihNfjVi1YFHA5XELQvJX2sOz1qzi5d2eQ7XU-hvuBc0noM4y1UENFPsm5iGJZhqykJvScoWvX1Npg_ui5ZNVSN2UKSe1rDiUz6MSXFyYruhJLnVtlI8NeRxi4uk04aJt7g_bXrUNlW9gB2EzhIDLMVDxwsP2yJkw421vmEqyW47PV4VWPkYjSXPlOPYXoFp10UhTsJn_0YpAcplBB74AyDrRejCHEPf8dns5RXJ-X6HidM52QYLUJ7O0qH7C4WZC9tpKDB2__kLlPnZAAQdWS7Mf6gZH2RPaXM0SA8HOnObAfLbG-91lw7DqY9MHqFp-r6EQX4-aS_2CooMTkZvDQ-qAYdFlJ94DC2XW_CAHc5v9yQD15hJDbUgRig966Hou60CqJq22gcXiSjUYCcNCXDHGVAKQJN5Eo4X_bD7SmSpEbfTcfbsIDeqJiTsn2poZJ7ZFPpH56tvUSLCAEJqNo50AYTWQhBancj4uKmtcisUuvmASi6nQKNgmE6_121PLKFzkzsYG1B52AC4Ob_oFszuRnn2HWaNPgv7FAZxzwtLkJaLdcSk3FHuyWH0W3t_tnGmT94FfUmozTKFXuHB8AUcJVNppF3_6RvpAPTt1Zq6f1ZwFkDuMbmLtTqTU_3pwWj5PsEtxfzJ1I0avw70SmwtvBCm4rX8zxgS67fYDawSTaEe0DYS-X_1K8RiiWaL7hKwe_zxNTEALtuenuweY7QEePpgSRBlE2XV2w4ojQmPz46qQ2DvFhD8eGaRynnPMuA88Bowjt4yxMBONeOMW_BzTSJMIf60B4eX0b3OtmLfvWW9LfKvxaEEBi-r70cOCaZhaF--ZhBC1b4WE14OU-8_64GqcicZ21Lc72byRHejQAlFXCplRNLWLULDGLIwnhfl0THpX0PLFx7U8uFydhdTatGdGqJblCOkVh9zX3tLamHoTqErYcPhed4-u8CBYtudVWc2uvWNtfArNpjfVSo8r0fGjr-XyqTRi5vLKKBVcltYBfO9dcewQkUSjp-_0ouQXbtOQfpnvEj1EYBiGRAdIsfbq6EG1sov-seC34nUDRRjaiYHL1h31UbzcKvcHr5djzFB3tS10rKad5IHAp-BcdK_XxYESrgQb7kQWZ1Gemy_lM8IKn893BiU120rhDv9O8tejinP8MWdhbm9_4-roBV4kVHGDJ55gh_VgBZAcn1X2AIIUA5C06RpOYudCrYwDrSVqwgxIGe5XuDcTuYf38ZLg_UtCfYDji2W3LDxlI4Pix5e3H3wMYDVAjXaFH2V6_M3tYBDQuha0tBVb8n85L4jSXDlO2Zh_bSWMtTRgL-3ysjtWHtrqcZSL0wWbwUDph1MufmkP8TDqsUhmpdA&cid=CAASFeRoszfQi2xOqjP0pKXf_-mPmv7XTw&rfl=1%2Chttps%253A%252F%252Fwww.kooora.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:07:55 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D67C 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:04:49 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B472 12 KB
5 KB 12ms
10ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kooora.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 14:55:35 GMT
expires: Thu, 01 Sep 2022 14:55:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A85 783 B
534 B 19ms
18ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3cdf8a127feb08de3a6ce9185194aa6316c62ed685ee338710d2a56a6696a3c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rjo8DSgyVMxPds+FCXOlWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kooora.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kooora.com/

Response headers

expires: Wed, 01 Sep 2021 15:16:17 GMT
date: Wed, 01 Sep 2021 15:16:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Rjo8DSgyVMxPds+FCXOlWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B8CF 0
545 B 431ms
96ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 15:16:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F28E 0
60 B 431ms
96ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 15:16:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 40ms
39ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=https%3A%2F%2F7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=317&gp=147.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=720772463696&rx=959321018976&cu=1630509371769&m=5752&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=147.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=0&ag=16&an=0&gf=16&gg=0&ix=16&ic=16&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=16&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=32&cd=0&ah=32&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=717538496&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 40ms
39ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=https%3A%2F%2F7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=315&gp=780.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=369533652870&rx=959321018976&cu=1630509371769&m=5822&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=780.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=0&ag=37&an=0&gf=37&gg=0&ix=37&ic=37&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=37&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=74&cd=0&ah=74&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=1182474246&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 42ms
42ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=https%3A%2F%2F7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=970&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=478135228978&rx=959321018976&cu=1630509371769&m=5841&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=0&ag=10&an=0&gf=10&gg=0&ix=10&ic=10&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=10&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=20&cd=0&ah=20&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=1081721153&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:17 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9A0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPZ8jKuU4l5nUYbc6YHMUQk&google_cver=1

43 B
1014 B

149ms
46ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPZ8jKuU4l5nUYbc6YHMUQk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiejLSzATAB&v=APEucNV2GkLZJb4vwijT6In-GbtVlYVtOUaqIMht8zzQGJkWnUHI6SxQPxSDOnyujVTZjJkPDZEc1xsvdQoDAbPsZQLzeFPbpLPmBI70VaSXdlc74x2qFiiKARiPS2W-UizIZhJz3SgvfUfG7Q2Ejh9XJVDD_o_v-REvhSg6In6m3BONi_BpZAU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 15:16:18 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPZ8jKuU4l5nUYbc6YHMUQk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9A0D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbwTEhLVqjDDYKUZA_sQAU&google_cver=1

43 B
894 B

59ms
59ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbwTEhLVqjDDYKUZA_sQAU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiejLSzATAB&v=APEucNV2GkLZJb4vwijT6In-GbtVlYVtOUaqIMht8zzQGJkWnUHI6SxQPxSDOnyujVTZjJkPDZEc1xsvdQoDAbPsZQLzeFPbpLPmBI70VaSXdlc74x2qFiiKARiPS2W-UizIZhJz3SgvfUfG7Q2Ejh9XJVDD_o_v-REvhSg6In6m3BONi_BpZAU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 15:16:18 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJbwTEhLVqjDDYKUZA_sQAU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9A0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH-JrzDgbim7X1SB8IIfpko&google_cver=1

43 B
1004 B

92ms
42ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH-JrzDgbim7X1SB8IIfpko&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiejLSzATAB&v=APEucNV2GkLZJb4vwijT6In-GbtVlYVtOUaqIMht8zzQGJkWnUHI6SxQPxSDOnyujVTZjJkPDZEc1xsvdQoDAbPsZQLzeFPbpLPmBI70VaSXdlc74x2qFiiKARiPS2W-UizIZhJz3SgvfUfG7Q2Ejh9XJVDD_o_v-REvhSg6In6m3BONi_BpZAU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:18 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0784110b-ee67-4c0a-85f6-706b1233bd4e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH-JrzDgbim7X1SB8IIfpko&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9A0D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MA%3D%3D

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 15:16:18 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: bf9debaa-002f-4de5-b942-e0505a917c04
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0154 1 KB
749 B 9ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 01 Sep 2021 13:41:14 GMT
expires: Thu, 02 Sep 2021 13:41:14 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 5703
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E593 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 10:04:50 GMT
expires: Thu, 01 Sep 2022 10:04:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B8CF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60084190ea9111fd219bff0b24e83067116122101233f664abf0d5c0e5ba6f9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 21D2 22 KB
8 KB 14ms
10ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 10:04:50 GMT
expires: Thu, 01 Sep 2022 10:04:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F9A4 22 KB
8 KB 29ms
19ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 10:04:50 GMT
expires: Thu, 01 Sep 2022 10:04:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 936E 1 KB
863 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 01 Sep 2021 13:41:14 GMT
expires: Thu, 02 Sep 2021 13:41:14 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 5704
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F28E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1ff466647803843769ba9537c0be3c999dcdcd472544ceaccc0eb8a81bb6b29

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html_inpage_rendering_lib_300_003.js Show response
s0.2mdn.net/879366/ Frame D67C 165 KB
58 KB 56ms
19ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_300_003.js

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f99e886395e937d9dbb1828e0ad6a9e0ce4f57c734196cb496b1b7bd0c1d8d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59259
x-xss-protection: 0
last-modified: Fri, 27 Aug 2021 15:04:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 15:16:18 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/ Frame D67C 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B26449185.312580626;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CRrtqQJkvYfbzG4yV9u8Pn5mjuAuJipjzZKD7ydOcDtrZHhABIMHOgR9g-4GAgIgKoAHi3dvLAsgBCakCiOTI7WTSsz6oAwGqBM0BT9C2BcyyAMBhdpq0v73IDr4Lb4Hxt_XTWLcRAf1QBWr7hW49dyetz-tYRzmpK_oi3UiILQ9Nt07w2MAz-XeFbXuphEirrJFcN_Bxkh35onMQVdxOOlasKi_-pSINQCTbubHTAwJsImIaNweeKnx4DdwLHD5v-B-wCzWZJc02iiuxF2et0lxH-EBvYG6VdkgAhN1KYIi-cUW6EBESkyVjM2te3HfuVGa2JujvtsScpoaymUMYZHIkTGgzuXGRtAcEE6U8t_8EfljWfX0HKcAE8sH0vrsD4AQDkAYBoAZNgAeGoqS0AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0yNjYxNTEyMTc1MTMwMjEygAoDmAsByAsBgAwBsBPEr7wM0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASFeRoszfQi2xOqjP0pKXf_-mPmv7XTw&sig=AOD64_17eHY7cPlwU1kqPoJpRkncl01aig&client=ca-pub-2577219840435371&dbm_c=AKAmf-AbKPABUTP3mZAZ5brHjl0AxqSD010cg_zXVBx7edNYfl4lrTndrNFmakhOlfwNfzKQCR9YmtbKmacjKLbBV1UFB-LwrQyG3XVzNFeRNnO4tbTWv0AufH7jyHkdB5NGxMR9oxgX4h0hDJQ8mx-6UCVhqJyiYw&cry=1&dbm_d=AKAmf-D6JceTiaO1qctHJJ1tMPV9P2ft6tOrSgvYcGnPj4Qs9wfaMu5kMCfwFsABLP44WDlv0BQKFO_gVKAk0qxlC_Gb_Qq7fD117AkN4l73fX86cwH6JwTUMDBtMGSv2rspesSdkJlc81SjSyToUsQfQri7htj-p8tfD1k16Pjzqq-XGf-JdPISyQm5ARYqRxESOILl_6ak6u6tb88pWnlRwwd7yqyRET_oEHIpDYmrGImMyyfoTxd8WF6414wNYzdyAVrrSh3pL9V6848azh7bd4bBaXMv8aC3XPsndvBV5n1AkdfSLFp6vZM3LOVY23g86tr7ZNjCxyr4WfMBaykU4MZQsweYQyiOaqQx3EYnmX-U1mO0_rRGFwtN3f-j8467hePlWAcL_qbeUJTeJ5qIT6jHeymvJQHOXa0k_ZPEWWJ6Fc45N0Zk3E6FEmgSYHfPRsqMFtjI&adurl=;ord=1630509376457206;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 14:13:59 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3D3E 1 KB
749 B 15ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 01 Sep 2021 13:41:14 GMT
expires: Thu, 02 Sep 2021 13:41:14 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 5704
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D67C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b932ed350d41e46eaf77b95699bfac971c067839bd45be73746b17d67fb6bbe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

sd
us-u.openx.net/w/1.0/ Frame 21F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_dbm=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4S53t1BacNJtwejuVhClo&google_cver=1

43 B
61 B

31ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4S53t1BacNJtwejuVhClo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGJmx17IBMAE&v=APEucNVJfBmdlnkdzFnwpLOSZLeo_9QJWd4HzkyCDcl3UrJAlRACsrycTLH-_bUyPRUfQtE9tPOLslafK58V86ZFeExrWZzpgg9SZyKInCX7iE3dLtnnrlhufv8xN-S15oCI79FXUFU6WCUYCdpysMCmQPQh5fh3hSWQiCnA11IZo_99PuGhdbU
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4S53t1BacNJtwejuVhClo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 21F8
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwNWE0YmItYmMyYi0yNTAyLWMxNzQtZGM4MDU3MjRjYTY3

170 B
188 B

46ms
42ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwNWE0YmItYmMyYi0yNTAyLWMxNzQtZGM4MDU3MjRjYTY3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGJmx17IBMAE&v=APEucNVJfBmdlnkdzFnwpLOSZLeo_9QJWd4HzkyCDcl3UrJAlRACsrycTLH-_bUyPRUfQtE9tPOLslafK58V86ZFeExrWZzpgg9SZyKInCX7iE3dLtnnrlhufv8xN-S15oCI79FXUFU6WCUYCdpysMCmQPQh5fh3hSWQiCnA11IZo_99PuGhdbU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Sep 2021 15:16:18 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwNWE0YmItYmMyYi0yNTAyLWMxNzQtZGM4MDU3MjRjYTY3
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 21F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm=&google_dbm=&google_tc=
https://sync.teads.tv/um?eid=3&uid=CAESED4un_BI7HE84xNxm8hv8MM&google_cver=1

23 B
172 B

64ms
63ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESED4un_BI7HE84xNxm8hv8MM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGJmx17IBMAE&v=APEucNVJfBmdlnkdzFnwpLOSZLeo_9QJWd4HzkyCDcl3UrJAlRACsrycTLH-_bUyPRUfQtE9tPOLslafK58V86ZFeExrWZzpgg9SZyKInCX7iE3dLtnnrlhufv8xN-S15oCI79FXUFU6WCUYCdpysMCmQPQh5fh3hSWQiCnA11IZo_99PuGhdbU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Sep 2021 15:16:18 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESED4un_BI7HE84xNxm8hv8MM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 21F8 23 B
172 B 165ms
62ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGJmx17IBMAE&v=APEucNVJfBmdlnkdzFnwpLOSZLeo_9QJWd4HzkyCDcl3UrJAlRACsrycTLH-_bUyPRUfQtE9tPOLslafK58V86ZFeExrWZzpgg9SZyKInCX7iE3dLtnnrlhufv8xN-S15oCI79FXUFU6WCUYCdpysMCmQPQh5fh3hSWQiCnA11IZo_99PuGhdbU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Sep 2021 15:16:18 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29

200

sd
us-u.openx.net/w/1.0/ Frame 007A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_dbm=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4S53t1BacNJtwejuVhClo&google_cver=1

43 B
61 B

29ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4S53t1BacNJtwejuVhClo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGPSx17IBMAE&v=APEucNUf4xCXHCRj1diFSukST6ZZQWaBpEFSal4qpPN4dPC3aml336Jmw3DyHSqjX9n7YCReWsBOXQIuKl3QOlJwprBaRX9NmZBJKaQ6V7T7VANC6-niz3H45lfos-f-vmXEjLBvWEPs2AhN-CbPUPehQobb_XDu8-wkjoZAbIK_oGFO87-5rnk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4S53t1BacNJtwejuVhClo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 007A
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwNWE0YmItYmMyYi0yNTAyLWMxNzQtZGM4MDU3MjRjYTY3

170 B
188 B

46ms
41ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwNWE0YmItYmMyYi0yNTAyLWMxNzQtZGM4MDU3MjRjYTY3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGPSx17IBMAE&v=APEucNUf4xCXHCRj1diFSukST6ZZQWaBpEFSal4qpPN4dPC3aml336Jmw3DyHSqjX9n7YCReWsBOXQIuKl3QOlJwprBaRX9NmZBJKaQ6V7T7VANC6-niz3H45lfos-f-vmXEjLBvWEPs2AhN-CbPUPehQobb_XDu8-wkjoZAbIK_oGFO87-5rnk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Sep 2021 15:16:18 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwNWE0YmItYmMyYi0yNTAyLWMxNzQtZGM4MDU3MjRjYTY3
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 007A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm=&google_dbm=&google_tc=
https://sync.teads.tv/um?eid=3&uid=CAESED4un_BI7HE84xNxm8hv8MM&google_cver=1

23 B
172 B

64ms
64ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESED4un_BI7HE84xNxm8hv8MM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGPSx17IBMAE&v=APEucNUf4xCXHCRj1diFSukST6ZZQWaBpEFSal4qpPN4dPC3aml336Jmw3DyHSqjX9n7YCReWsBOXQIuKl3QOlJwprBaRX9NmZBJKaQ6V7T7VANC6-niz3H45lfos-f-vmXEjLBvWEPs2AhN-CbPUPehQobb_XDu8-wkjoZAbIK_oGFO87-5rnk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Sep 2021 15:16:18 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESED4un_BI7HE84xNxm8hv8MM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 007A 23 B
172 B 149ms
63ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODW8-gCEIuR0OoCGPSx17IBMAE&v=APEucNUf4xCXHCRj1diFSukST6ZZQWaBpEFSal4qpPN4dPC3aml336Jmw3DyHSqjX9n7YCReWsBOXQIuKl3QOlJwprBaRX9NmZBJKaQ6V7T7VANC6-niz3H45lfos-f-vmXEjLBvWEPs2AhN-CbPUPehQobb_XDu8-wkjoZAbIK_oGFO87-5rnk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Sep 2021 15:16:18 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4647 22 KB
8 KB 12ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 10:04:50 GMT
expires: Thu, 01 Sep 2022 10:04:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 46ms
46ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=317&gp=147.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=720772463696&rx=959321018976&cu=1630509371769&m=6871&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=147.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=1140&an=16&gi=1&gf=1140&gg=16&ix=1140&ic=1140&ez=1&ck=1140&kw=686&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1140&bx=16&ci=1140&jz=686&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=686&cd=32&ah=686&am=32&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=226321117&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:18 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0154 0
104 B 975ms
21ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEm3O6VDxBds5sMravvdtEQ&google_cver=1&google_push=AYg5qPIuu4Dr3J4o5S0ZQkfw4TR1J28jkuzYN-Jc2eo1IuX43MsMazHVRakowG1O4UeJSiaj5FpMwBkJCDYxhjBIv5PxJklmSalu
Requested by: Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0154
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEN8anVokAaxIGRBbgZaRVHM&google_cver=1&google_push=AYg5qPJRfctZXiQukS6a-hEfYz_bfOwPkQXL-GNimDBhGnkJauCqca7hr1I8fIHLBpiYSrVkvG5MgjdEPwcQISeZyxChSoMTUJUe
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5040C34DEA2348DC9A0DB6C4F49905A2&google_push=AYg5qPJRfctZXiQukS6a-hEfYz_bfOwPkQXL-GNimDBhGnkJauCqca7hr1I8fIHLBpiYSrVkvG5MgjdEPwcQISe...

170 B
188 B

62ms
60ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5040C34DEA2348DC9A0DB6C4F49905A2&google_push=AYg5qPJRfctZXiQukS6a-hEfYz_bfOwPkQXL-GNimDBhGnkJauCqca7hr1I8fIHLBpiYSrVkvG5MgjdEPwcQISeZyxChSoMTUJUe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Sep 2021 15:16:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5040C34DEA2348DC9A0DB6C4F49905A2&google_push=AYg5qPJRfctZXiQukS6a-hEfYz_bfOwPkQXL-GNimDBhGnkJauCqca7hr1I8fIHLBpiYSrVkvG5MgjdEPwcQISeZyxChSoMTUJUe
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 31 Aug 2021 15:16:19 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0154
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK4lC5TEHEe0pycWWnHIGm8&google_cver=1&google_push=AYg5qPKlW-H2FFlq5CN86j6U0L2QHeW95eqQDolMOeJmDcEc7e-wlM_4KWAHk...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK4lC5TEHEe0pycWWnHIGm8&google_cver=1&google_push=AYg5qPKlW-H2FFlq5CN86j6U0L2QHeW95eqQDolMOeJmDcEc7e-wlM_4KWAHk...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sn3H4REHb1mVNWFYIHOWIw&google_push=AYg5qPKlW-H2FFlq5CN86j6U0L2QHeW95eqQDolMOeJmDcEc7e-wlM_4KWAHkVDu7XLmjg-Wb9gzIp3p0...

170 B
188 B

71ms
67ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sn3H4REHb1mVNWFYIHOWIw&google_push=AYg5qPKlW-H2FFlq5CN86j6U0L2QHeW95eqQDolMOeJmDcEc7e-wlM_4KWAHkVDu7XLmjg-Wb9gzIp3p03Eh3yc9lLjBJKZcDivV

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 01 Sep 2021 15:16:20 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sn3H4REHb1mVNWFYIHOWIw&google_push=AYg5qPKlW-H2FFlq5CN86j6U0L2QHeW95eqQDolMOeJmDcEc7e-wlM_4KWAHkVDu7XLmjg-Wb9gzIp3p03Eh3yc9lLjBJKZcDivV
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0154
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBCMzZLt_nj3x7rpDeUsyzU&google_cver=1&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBCMzZLt_nj3x7rpDeUsyzU&google_cver=1&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x6aPdSoc&google_hm=oyVFKIEMT1qkczM8utUyEw==

170 B
188 B

89ms
87ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x6aPdSoc&google_hm=oyVFKIEMT1qkczM8utUyEw==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x6aPdSoc&google_hm=oyVFKIEMT1qkczM8utUyEw==
date: Wed, 01 Sep 2021 15:16:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET

pixel
cm.g.doubleclick.net/ Frame 0154
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0154
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIJlRQ6KFTX6TCY7PwHJYJo&google_cver=1&google_push=AYg5qPLW6Y0qpLfEL27v4kLB9nH2hvwQC-Ke51yGYzDZ2Wjdhkjq46ipSOrNukyoDsYnqK1y0bQvZ0aSZ5sEHZTr...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLW6Y0qpLfEL27v4kLB9nH2hvwQC-Ke51yGYzDZ2Wjdhkjq46ipSOrNukyoDsYnqK1y0bQvZ0aSZ5sEHZTrh11g0PMVsD5k

170 B
188 B

80ms
45ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLW6Y0qpLfEL27v4kLB9nH2hvwQC-Ke51yGYzDZ2Wjdhkjq46ipSOrNukyoDsYnqK1y0bQvZ0aSZ5sEHZTrh11g0PMVsD5k

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Sep 2021 15:16:19 GMT
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLW6Y0qpLfEL27v4kLB9nH2hvwQC-Ke51yGYzDZ2Wjdhkjq46ipSOrNukyoDsYnqK1y0bQvZ0aSZ5sEHZTrh11g0PMVsD5k
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: lc3fU1zUtunaVDWZmZ8q_IHnDSt0YN88EhTV46B_9B3EGwaUvySd7Q==

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0154
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEP9m875jRRRvBT57_93O0Ac&google_cver=1&google_push=AYg5qPKj5i4F23eDJLf2tq553UUX6Joi81J8c0l18G1STSZw6Ja5HiUoQlhr17jIwUXFrwLiO4ZEjRa4gQXbQ-4VZLjAwS3g3eNy
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKj5i4F23eDJLf2tq553UUX6Joi81J8c0l18G1STSZw6Ja5HiUoQlhr17jIwUXFrwLiO4ZEjRa4gQXbQ-4VZLjAwS3g3eNy&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2NDQ3MjY0OTQ4MjM0MTI0NQ%3D%3D&google_push=AYg5qPKj5i4F23eDJLf2tq553UUX6Joi81J8c0l18G1STSZw6Ja5HiUoQlhr...

170 B
188 B

89ms
87ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2NDQ3MjY0OTQ4MjM0MTI0NQ%3D%3D&google_push=AYg5qPKj5i4F23eDJLf2tq553UUX6Joi81J8c0l18G1STSZw6Ja5HiUoQlhr17jIwUXFrwLiO4ZEjRa4gQXbQ-4VZLjAwS3g3eNy

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2NDQ3MjY0OTQ4MjM0MTI0NQ%3D%3D&google_push=AYg5qPKj5i4F23eDJLf2tq553UUX6Joi81J8c0l18G1STSZw6Ja5HiUoQlhr17jIwUXFrwLiO4ZEjRa4gQXbQ-4VZLjAwS3g3eNy
date: Wed, 01 Sep 2021 15:16:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 0154 0
12 B 42ms
41ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIxxSnLYAt1fMzNzVX1qVY13yNIInSnHb_Jf5QLkR_xh0VYjHBhf-lgA6HkdGa8MXItQYC

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/ Frame 9284 3 KB
1 KB 16ms
14ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_300_003.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

584571c606a56ebc99635c3322285c857c2ace4701980518babdacc55c85a311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1149
date: Wed, 01 Sep 2021 15:16:19 GMT
expires: Thu, 02 Sep 2021 15:16:19 GMT
cache-control: public, max-age=86400
last-modified: Thu, 29 Jul 2021 14:42:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D67C 0
60 B 72ms
72ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCTmvZf_PLAdLiMQUV8rp9nAEFMrJ4tgXiISYZKTUj3i4iPgBEpkVV9b-1PUNYDaQshBP_uoGuPaIwRz62CdWECuPytxqxND6XKVjPKH-AWH8IN_KD2x_2GygwMc1hIMswqX8iw8gil4eNhvDIbk9LiFwYB19BocL7u1thJo0bQ8Nl0Gd1WmmrBNFfKShRMPgiAmXShV9ii79s3pDIBJDYxrcb&sig=Cg0ArKJSzMepmqcPHh51EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=460&cbvp=1&cstd=450&cisv=r20210826.67353&adurl=

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 15:16:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame E593 35 KB
13 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 14:06:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 48ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=317&gp=147.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=720772463696&rx=959321018976&cu=1630509371769&m=6872&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=147.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=1140&an=1140&gi=1&gf=1140&gg=1140&ix=1140&ic=1140&ez=1&ck=1140&kw=686&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1140&bx=1140&ci=1140&jz=686&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=686&cd=686&ah=686&am=686&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=1008903817&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:18 GMT

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame B472 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 14:06:02 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 936E 0
103 B 832ms
22ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEm3O6VDxBds5sMravvdtEQ&google_cver=1&google_push=AYg5qPIDmycUnKVAuzZDUnTdO9ZHXrMjL-7Rndx9k4x8HxgBaUx7XagnZiLIRQ7Wqh96OTtIIbOAzu9glwxdHUrSEW7iE7suvX-Z
Requested by: Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 936E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJpF6fIpQGKAscrtdU9exVI&google_cver=1&google_push=AYg5qPKeqd1g0msu7vS8tIdZPmXWv8ON2LuXxdlZWrEgkahc4a1DUq8N_flJRB8Ny0sx-h_C9w4eS5Eo2br0CPn5...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKeqd1g0msu7vS8tIdZPmXWv8ON2LuXxdlZWrEgkahc4a1DUq8N_flJRB8Ny0sx-h_C9w4eS5Eo2br0CPn5t4Y-veyuq0CG

170 B
188 B

60ms
51ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKeqd1g0msu7vS8tIdZPmXWv8ON2LuXxdlZWrEgkahc4a1DUq8N_flJRB8Ny0sx-h_C9w4eS5Eo2br0CPn5t4Y-veyuq0CG

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 01 Sep 2021 15:16:19 GMT
Server: MT3 3893 e707801 master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKeqd1g0msu7vS8tIdZPmXWv8ON2LuXxdlZWrEgkahc4a1DUq8N_flJRB8Ny0sx-h_C9w4eS5Eo2br0CPn5t4Y-veyuq0CG
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Sep 2021 15:16:18 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 936E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBCMzZLt_nj3x7rpDeUsyzU&google_cver=1&google_push=AYg5qPJPB7uKgcEY0ZbcjHmOi--as-gDimNHZS9JmGghn3m24019_9mvy1fJ7Sc767Lm9Yy-IdHGj50RhvJ0l1ochSYe...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBCMzZLt_nj3x7rpDeUsyzU&google_cver=1&google_push=AYg5qPJPB7uKgcEY0ZbcjHmOi--as-gDimNHZS9JmGghn3m24019_9mvy1fJ7Sc767Lm9Yy-IdHGj50RhvJ0l1...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a3254528-810c-4f5a-a473-333cbad53213
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a3254528-810c-4f5a-a473-333cbad53213
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cd975392-742c-4093-8dec-96b5cd1195dc&user_group=1&ssp=google&bsw_param=a3254528-810c-4f5a-a473-333cbad53213
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x6aPdSoc&google_hm=oyVFKIEMT1qkczM8utUyEw==

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x6aPdSoc&google_hm=oyVFKIEMT1qkczM8utUyEw==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlJ3zPScAqlaznWFQT87ZLYYWxSRwhnisk006BS6QMv7ol-QFxxZXTbaNoBYmPBj8UrGe4fpbylo_5H9M3cH0x6aPdSoc&google_hm=oyVFKIEMT1qkczM8utUyEw==
date: Wed, 01 Sep 2021 15:16:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 936E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENOqUBd1CdPgCTQaLAvkgEI&google_cver=1&google_push=AYg5qPI9bnO1v9PCMc1MPJRspDw11JWChSiMqqnS_uR2mrqSHUlfbwueZwlcBl3LDYN_zhnHJM_OhnRC...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENOqUBd1CdPgCTQaLAvkgEI&google_cver=1&google_push=AYg5qPI9bnO1v9PCMc1MPJRspDw11JWChSiMqqnS_uR2mrqSHUlfbwueZwlcBl3LDYN_zhnHJM_...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAwNjUxODEyNTA5MzU2NDU5MA&google_push=AYg5qPI9bnO1v9PCMc1MPJRspDw11JWChSiMqqnS_uR2mrqSHUlfbwueZwlcBl3LDYN_zhnHJM_Ohn...

170 B
188 B

67ms
60ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAwNjUxODEyNTA5MzU2NDU5MA&google_push=AYg5qPI9bnO1v9PCMc1MPJRspDw11JWChSiMqqnS_uR2mrqSHUlfbwueZwlcBl3LDYN_zhnHJM_OhnRCgN0WXvpf5oR4VZOyZXGF

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAwNjUxODEyNTA5MzU2NDU5MA&google_push=AYg5qPI9bnO1v9PCMc1MPJRspDw11JWChSiMqqnS_uR2mrqSHUlfbwueZwlcBl3LDYN_zhnHJM_OhnRCgN0WXvpf5oR4VZOyZXGF
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 936E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEP9m875jRRRvBT57_93O0Ac&google_cver=1&google_push=AYg5qPIlK8jPdXC8hIRKv0Dk54Bosyrife6Pu0SgOOFf-KLoqV8AkdinnYgqo7fJNCuoPnD9wt2S28yFJQ6MaX0KrHRv0Pl5drAC
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIlK8jPdXC8hIRKv0Dk54Bosyrife6Pu0SgOOFf-KLoqV8AkdinnYgqo7fJNCuoPnD9wt2S28yFJQ6MaX0KrHRv0Pl5drAC&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2NDQ3MjY0OTQ4MjM0MTI0NQ%3D%3D&google_push=AYg5qPIlK8jPdXC8hIRKv0Dk54Bosyrife6Pu0SgOOFf-KLoqV8AkdinnYgq...

170 B
188 B

88ms
85ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2NDQ3MjY0OTQ4MjM0MTI0NQ%3D%3D&google_push=AYg5qPIlK8jPdXC8hIRKv0Dk54Bosyrife6Pu0SgOOFf-KLoqV8AkdinnYgqo7fJNCuoPnD9wt2S28yFJQ6MaX0KrHRv0Pl5drAC

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2NDQ3MjY0OTQ4MjM0MTI0NQ%3D%3D&google_push=AYg5qPIlK8jPdXC8hIRKv0Dk54Bosyrife6Pu0SgOOFf-KLoqV8AkdinnYgqo7fJNCuoPnD9wt2S28yFJQ6MaX0KrHRv0Pl5drAC
date: Wed, 01 Sep 2021 15:16:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 936E
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOMCjzNrZdKgYlN6cUL0gwo&google_cver=1&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31cN5...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOMCjzNrZdKgYlN6cUL0gwo&google_cver=1&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31cN5...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOMCjzNrZdKgYlN6cUL0gwo&google_cver=1&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31c...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOMCjzNrZdKgYlN6cUL0gwo&google_cver=1&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31c...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4ZjRjZTJhYy0wYjM3LTExZWMtOGYwYi0wNmExNzE3M2M2NjI%3D&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31cN5zAMA6RmGa4...

170 B
188 B

66ms
63ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4ZjRjZTJhYy0wYjM3LTExZWMtOGYwYi0wNmExNzE3M2M2NjI%3D&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31cN5zAMA6RmGa40vapMcELRQiDTqwJuWsVZ8U5kiDu2E4ziWQw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 01 Sep 2021 15:16:20 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4ZjRjZTJhYy0wYjM3LTExZWMtOGYwYi0wNmExNzE3M2M2NjI%3D&google_push=AYg5qPJPdpH_3CJ99blSYOY-UczyWSXmTjDNLX4rEvqrAHJXxxa31cN5zAMA6RmGa40vapMcELRQiDTqwJuWsVZ8U5kiDu2E4ziWQw
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 dot.gif
s0.2mdn.net/ Frame 936E 43 B
63 B 16ms
14ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEPgWOqP4kIXrpvsoLzX25ww&google_cver=1&google_push=AYg5qPIocnpYHvQQ9AP_ZJO-kwBgm2nuTGao2KOdiLVdswAI-iZMnC0U1zW3X3lWtd4eF7VZ_uwGtG_tHjldm8pqHkpOOo-o9xTYaQ

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Thu, 02 Sep 2021 15:16:18 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 936E 0
12 B 41ms
39ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-GXwcCUI0e5nH8yonNeXyd6Mm2riaeRLRnLvpp7KliSC_ugZsOnRhuz0pdHETgYuRY2A-t1U

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 21D2 35 KB
13 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 14:06:02 GMT

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame F9A4 35 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 14:06:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 53ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=317&gp=147.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=720772463696&rx=959321018976&cu=1630509371769&m=6873&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=147.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=1140&an=1140&gi=1&gf=1140&gg=1140&ix=1140&ic=1140&ez=1&ck=1140&kw=686&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1140&bx=1140&ci=1140&jz=686&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=686&cd=686&ah=686&am=686&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=1761425289&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 55ms
47ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=315&gp=780.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=369533652870&rx=959321018976&cu=1630509371769&m=6874&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=780.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=1087&an=37&gi=1&gf=1087&gg=37&ix=1087&ic=1087&ez=1&ck=1087&kw=654&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1087&bx=37&ci=1087&jz=654&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=654&cd=74&ah=654&am=74&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=266382550&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 37ms
37ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=315&gp=780.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=369533652870&rx=959321018976&cu=1630509371769&m=6874&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=780.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=1087&an=1087&gi=1&gf=1087&gg=1087&ix=1087&ic=1087&ez=1&ck=1087&kw=654&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1087&bx=1087&ci=1087&jz=654&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=654&cd=654&ah=654&am=654&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=355569990&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:19 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B8CF 42 B
64 B 31ms
29ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvG_3WNHamvAupGyH_ev7SiPeSWQczimiANnTNYpdXanR1IGNeyJaEJ_Mkcpb-VoyJgM_RNn97AbgANR34n42SaV5uNI7-198MYAPXYSW2ZU6zM&sai=AMfl-YSYOdFtb6veTQJ62ZtXlYaOoBf3qBjeQhu9oVNf--0GY1WXmortrpiQ4EBF8MAoiH3SEFcT-1pWARYgbvQM1_JDedqoviQ6kArj7F17675DuMMg-VEGRp6DI7AijcE&sig=Cg0ArKJSzAaYOEWYDG__EAE&cid=CAASFeRoXEj1iLgE8VcTkiia6_bsgUxaqg&id=lidar2&mcvt=1000&p=781,315,1035,615&asp=781,315,1035,615&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1210273051&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630509376996&rpt=1005&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 37ms
37ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=315&gp=780.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=369533652870&rx=959321018976&cu=1630509371769&m=6875&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=780.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=1087&an=1087&gi=1&gf=1087&gg=1087&ix=1087&ic=1087&ez=1&ck=1087&kw=654&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1087&bx=1087&ci=1087&jz=654&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=654&cd=654&ah=654&am=654&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=1961870296&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 37ms
37ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=970&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=478135228978&rx=959321018976&cu=1630509371769&m=6880&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=1040&an=10&gi=1&gf=1040&gg=10&ix=1040&ic=1040&ez=1&ck=1040&kw=580&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1040&bx=10&ci=1040&jz=580&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=580&cd=20&ah=580&am=20&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=710370120&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 46ms
38ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=970&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=478135228978&rx=959321018976&cu=1630509371769&m=6880&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=1040&an=1040&gi=1&gf=1040&gg=1040&ix=1040&ic=1040&ez=1&ck=1040&kw=580&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1040&bx=1040&ci=1040&jz=580&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=580&cd=580&ah=580&am=580&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=711552042&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 37ms
37ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=970&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=478135228978&rx=959321018976&cu=1630509371769&m=6881&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=1040&an=1040&gi=1&gf=1040&gg=1040&ix=1040&ic=1040&ez=1&ck=1040&kw=580&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1040&bx=1040&ci=1040&jz=580&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=580&cd=580&ah=580&am=580&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=671849046&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:19 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F28E 42 B
64 B 41ms
35ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstePcAJJFmBZTSs2x0bjd0Ck9Q_72gfzoII2YO8amRHQuYmGsOsNM1DDz7fI2u1jYn4KN-bv1xfo3drSJptrsUGDtCuK6V9JKySIxiI4mXr9ypTpSLG_DkzUWOSuOG5IGqGcIWt6zw&sai=AMfl-YR9bmnDiX4Q-IXtCOUnoameyG1n2DFAvjjD18A93NJKL6vH2UUoUdw0mwi67tY3yvN0vEeoKdhOLprRJ5rZXfJxCrpA3RebDTVESkmf_lXE_3GQqMdVyG4TUj1ohnM&sig=Cg0ArKJSzMctXyTKxQE7EAE&cid=CAASFeRoClrA5ccbvH8Y2ChsBimMehtGiw&id=lidar2&mcvt=1000&p=0,315,94,1285&asp=0,315,94,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=4116334476&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630509377012&rpt=1273&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D67C 42 B
64 B 38ms
36ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2kta-EByAGNCUGRrnMkwNABmtPHmsZagtLyflkshcudktstNtTfJ5RIzsdmHQ8MVJFexY-WKYETqalCwfeZTpYungbD41Ew9rH_I6cwZKeND2IIrHs74vDSLLDA&sai=AMfl-YQnfQwFl88Ducc76ZLisqtrcjEKHeLlAuI0-kvaKJ6K1Vwnjii5g35H-KCk_5A-_w48DKmVblP79YuIG_cyCr1L3W8nzIzIURyGil665VkeNRTF4atNGilHytYwc4I&sig=Cg0ArKJSzBESez41ldLnEAE&cid=CAASFeRoszfQi2xOqjP0pKXf_-mPmv7XTw&id=lidar2&mcvt=1002&p=148,317,238,1045&asp=148,317,238,1045&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1849622489&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630509376895&rpt=1444&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3D3E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPRS6zc26J8KC-T-OqAwhbA&google_cver=1&google_push=AYg5qPJDWh8AJp3wA5dCylI-9j6rejaNgIRZAswXKUzDcL3zEMeTZ44-FSY4Se4-bzVK0kXQVkS-9yyT_iDEbGIT-468bgo0utTZ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc1MDI1NDc4ODcxMjIwMjQ0Mg==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELEhKap7qBfomqPyWwGLrxk&google_cver=1

43 B
407 B

30ms
2ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELEhKap7qBfomqPyWwGLrxk&google_cver=1
Requested by: Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELEhKap7qBfomqPyWwGLrxk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3D3E 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEm3O6VDxBds5sMravvdtEQ&google_cver=1&google_push=AYg5qPJmxJ8-8vPm3yJrYhThpsIgREHIWcCH_miWRN4Cu56MRsniUK58WqOFM-UKlNaJUVyiUCRGfsAlMgPWnkU9CfLzb2-erdI0
Requested by: Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3D3E 0
136 B 87ms
35ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOSRRWUlojEfml8nOc-mJxk&google_cver=1&google_push=AYg5qPL7W-9iulf1QGtlbaijZ9mBELINXnfzANrsP2tbDY4Rl4olh6UvVTxBUuBMnKlxyfHnVDYauBUfsTUS2hj4G6zeZryBa2LO
Requested by: Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:19 GMT
via: 1.1 google
alt-svc: clear

GET gg_pixel
sync.adaptv.advertising.com/ Frame 3D3E 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3D3E
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECuAfKoNkU7eGGaZAbcGDcQ&google_cver=1&google_push=AYg5qPJnjaaoWe1TlfkjTCmxqzbhb18CIO6HkX6Bx_I98i5rioKes6HmJtzoIfq4WWKeCExpjgKd01eVIvs0HmE_axx1TQlu07lY
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJnjaaoWe1TlfkjTCmxqzbhb18CIO6HkX6Bx_I98i5rioKes6HmJtzoIfq4WWKeCExpjgKd01eVIvs0HmE_axx1TQlu07lY&google_hm=eTz9Tdzawogy4MqOTt8-vQ==

170 B
188 B

68ms
60ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJnjaaoWe1TlfkjTCmxqzbhb18CIO6HkX6Bx_I98i5rioKes6HmJtzoIfq4WWKeCExpjgKd01eVIvs0HmE_axx1TQlu07lY&google_hm=eTz9Tdzawogy4MqOTt8-vQ==

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJnjaaoWe1TlfkjTCmxqzbhb18CIO6HkX6Bx_I98i5rioKes6HmJtzoIfq4WWKeCExpjgKd01eVIvs0HmE_axx1TQlu07lY&google_hm=eTz9Tdzawogy4MqOTt8-vQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-request-id: n0floluq1nhg14vqg0gtr5at4r6h89i5

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3D3E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENoGzEU4JcZkO-aswva38W4&google_cver=1&google_push=AYg5qPKScIDOoxXUrq4UdJ7ZTeb2Sxesv_pBoS79eirqSr8I_t9Th4bHV4VMJln3HetDEewi-j9...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxTjZQR1otMjctRDBFOA==&google_push=AYg5qPKScIDOoxXUrq4UdJ7ZTeb2Sxesv_pBoS79eirqSr8I_t9Th4bHV4VMJln3HetDEewi-j9613_YvHY2hcz-eDUv6OIIDcEo

170 B
188 B

52ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxTjZQR1otMjctRDBFOA==&google_push=AYg5qPKScIDOoxXUrq4UdJ7ZTeb2Sxesv_pBoS79eirqSr8I_t9Th4bHV4VMJln3HetDEewi-j9613_YvHY2hcz-eDUv6OIIDcEo

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxTjZQR1otMjctRDBFOA==&google_push=AYg5qPKScIDOoxXUrq4UdJ7ZTeb2Sxesv_pBoS79eirqSr8I_t9Th4bHV4VMJln3HetDEewi-j9613_YvHY2hcz-eDUv6OIIDcEo
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3D3E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIJlRQ6KFTX6TCY7PwHJYJo&google_cver=1&google_push=AYg5qPKmmffUeXS4umhvnZMm3k0TFReMqLNZbGq7hA5Yju248vXpESuGI75BT-e_Fa1gqL1IVBUx9Xq14bszv4cv...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKmmffUeXS4umhvnZMm3k0TFReMqLNZbGq7hA5Yju248vXpESuGI75BT-e_Fa1gqL1IVBUx9Xq14bszv4cvhARdWNNNrk8

170 B
188 B

45ms
43ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKmmffUeXS4umhvnZMm3k0TFReMqLNZbGq7hA5Yju248vXpESuGI75BT-e_Fa1gqL1IVBUx9Xq14bszv4cvhARdWNNNrk8

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Sep 2021 15:16:19 GMT
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKmmffUeXS4umhvnZMm3k0TFReMqLNZbGq7hA5Yju248vXpESuGI75BT-e_Fa1gqL1IVBUx9Xq14bszv4cvhARdWNNNrk8
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: PBE64NGHhuZXlIBBN5QTBjpqBsjbEC0CXM0f23svViFjT1a0SjIxSg==

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 3D3E 0
12 B 42ms
42ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjIDR668ZMcnt0j5xe4nOlQzQJ8AgOOXVCCQXbFio5FFi7k4SXu5fFIXUHsH24dfi0uI8Q

Requested by

Host: 7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
URL: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D67C 42 B
64 B 37ms
29ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDkL69794qPuHT_YDi9H3IXSU1_DtLWtYERCl04XEgK4PN1LIcilJm3tWJGcRQxmNLb_y6pbHBivTQruJeBahGJ8KaqG8HeYE&sig=Cg0ArKJSzG4SiUI3fbOzEAE&id=lidar2&mcvt=1142&p=0,0,90,728&mtos=1142,1142,1142,1142,1142&tos=1142,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630509376895&rpt=1921&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/ Frame 9284 9 KB
2 KB 12ms
9ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28f5283c180d27f9223bf7d6b98255974fc099c415f9cb49fea5f75b554f4b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2402
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 14:42:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Sep 2021 13:23:55 GMT

GET
H3-29 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 9284 116 KB
39 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 04:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Sep 2021 04:50:50 GMT

GET
H3-29 200 logic.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/ Frame 9284 2 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93bb86802af1d38775cdbba0704f848bf8659a51632f7fd4c1102f492eb19de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 14:42:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Sep 2021 13:23:55 GMT

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4647 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 14:06:02 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame D67C 0
23 B 195ms
127ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.kooora.com
URL: https://www.kooora.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 15:16:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 dynamicBuilder.min.js Show response
s0.2mdn.net/creatives/assets/1951882/ Frame 9284 9 KB
1 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1400
x-xss-protection: 0
last-modified: Wed, 04 Apr 2018 17:00:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 15:26:45 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9284 6 KB
4 KB 24ms
23ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2831bb09e4da058169dabc3fb560807a62f893579c7bbaaeb907aba49be2ea30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 15:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4312
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9284 17 KB
6 KB 255ms
49ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:16:22 GMT

GET
H3-29 200 554716316983710129.json Show response
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 14 KB
2 KB 42ms
16ms XHR
application/json 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4175097/554716316983710129.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/logic.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41056ba6dee32c30d1a0f7038278f2b428d24dee5a6c2d43a575d9ebb07f61d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1969
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 10:34:00 GMT
server: sffe
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 15:28:23 GMT

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 352F 35 KB
13 KB 15ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 14:06:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 41ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=317&gp=147.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=720772463696&rx=959321018976&cu=1630509371769&m=10816&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=147.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=5085&an=1140&gi=1&gf=5085&gg=1140&ix=5085&ic=5085&ez=1&ck=1140&kw=686&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5085&bx=1140&ci=1140&jz=686&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4803&cd=686&ah=4803&am=686&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=1331201747&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:22 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 21D2 0
20 B 52ms
48ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgMUoQJkvYfjzG4yV9u8Pn5mjuAsAAAAAOAHgBAI&bg=!FBelF1PNAAZOkH6FTpA7ACkAdvg8WnPvwQeyu3Zski6nouCtH-zpDu1R7qB_tPTstkEUXIIrEoW_-QIAAAcqUgAAAoVoAQeZAsIeEjREKGgbz0tcDIj49VzjfQTAi9lB4WCyhSut6-Ye9J9dWOItTllZ0QMQbJFfCFMnUpDut_4Ymgs8bxouYFrLN7w-drgnq9gV1sk78lSQooho8Bhz03htZ7WfTypCAnG93ep52NepBhwuzrI_ybxhHsgrLzJbkGxGKkfhWmWCOzeNUVJSrrZTNX8Ehs47kKqarG9HKEJ8UeyN5UWAFL3JN7rPA7gIjK2dcUIJfUk-oZrIzzxqTZjLLb6mSKus6GHIcUCYTRHwnlOWonPQJ1FxKYFZEZ67ZLSOTNENGzpzEmRDWGKNXd-M18Pr7viB9IT2TtLa8YMksbnW7QdEpQeX5_bL6WHasxzgIS1Er-eA1rab9VTckSanR1HTLBU2k_2HZ53cvGaNMjIJKeKYWTjr3s018pVdH_uDpMar2e304VLgh1DXq6DLrqr8XLrzXasTHQ4dznCJi0Q-Sjv0l9X4qGWh5c8EZ91dguRwCqR0asX2ZFWRi7RVcQKZFE5JvOtl-GxtB3-JhFzBMFHoDbmY2adxRQ_-5MGHWmC40bNG5xjl9pBmID1V9_um4F_WkdT7W3DN6kl6NmTMGCetDwG9TAfyB04RqlV6YEpzT1QxNoEMqjDQx8Dci0Bi1P1hyPlnzSKTMD-ucgPhTNXBa6nRl4DHG43SxfztIBUzFWEfvRief_SNyohNaahQWujXm4YYGcMp_A-yQWhg09W0qPGvYouuxjeUxTlm32sjFAsVZ5ZMgCddD2oLOirpxc7dTE6yomFJk5_4UAshnH1j0s9WAxh2_W4yOMM-mYQYsLRqatJR2bleq16VsN-LEAU_s5WrFLBltwCnxe2U4lPL3f-jFcMPjkZaq5s6_cUUuLhU7tZUGdGs8mlra5xwcF3ZFoqfZyG6QM-deU3UYZ1bkXZQ0gIo3KH9_CFVgqNylgfQ7vlj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F9A4 0
20 B 55ms
47ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bj_YxQZkvYfnAD8mb9u8PuM68iAkAAAAAOAHgBAI&bg=!OTqlOn7NAAZOkH6FTpA7ACkAdvg8WibtZ85gIQzMGPxWIuVHTx-BKhY3UMSLntJxLWXlDmCRhp2IkAIAAAnnUgAAAHNoAQcKAEWL8kPW63cQgFfnpRW9A5yTA08JZE-tXd-YIUoxpdUmaD9cIpLNHQM1CES05U8OCZdAVieQcbEdP04Y00xtYVKpgTCESHOZAsDpqyKVIIQaBFoNPPEAEb8B3zakGBmTzO3bP-kWquROI6q9yh9qAStOJA-57CcmAJnjaxxHrA9jRzSP0oh72vPdIN0ed0djOyxj7X-5sogWnnzS3omZIpzfQbWxXuwQpIw7X2nO-no-Ta93-U1zOy6kofR3yZDbscdxS1Ru7VfeGQk-4ST3g2hzeqlC-7ufRlFmpVkWWaOcUOQc1xxphX7VSj_W4ZFMXsaMN8hLgFsTl5duLyj2i1LXaojuDRCfigm3wu7TqjNf_Neh2dBFQgm8CAE6WebBqcuRMq2RrPtffxm8Hyp1y0OfzSDCi2OwO4CsZxvwE3LepZHen3NVTO3iiivELYkUTrKWO4NSfLQIFk2zC3ihCoVqkiEw6Y2ZPYe2QPxqfTxHyE3KVA3nvb1hRob2co-A3NNX0HyJIzMR3H8rPanuN80hHwZRARsczYAoLr340w0oEUEZZk9ZjcmKcPiUddBRCQ7vTnueTbe6ilZ4iSD7HS3R8cTcmSxxC_U3u28cpMYtRzePcSGFAYq0KdJzAfEPimPbkmbO-bVHObt10xSKyU_EJ2VuTboGpXCxis3uNmf0ZEuUnN9Jl1bLUZe3HMMGFJcLBawlZIAbLkcgTF8BD_5_aPazD-Oso6ibccvsX_WsgHmGS0I3z1-F2CIH2At1dPYJXFfNUFcA8NqeXCHLiwd8uVE-d8cJdugz_mfKdGDD7SohlYwBB1SQ3VvZyF05sTcn0KWHwG5pZCo7-Jgpn7aPUkI-3gITLdRy2vO01WHq8gNw4N6sHID-K5BE9xyc_aMc1yWwvdhtzW6SJUpytV8auLD1f28uUvLqpQqMWbXvtTtVvWFv0V8nYy4d1AiHK4vDIffUyaKtPdhFp0xg5Kkj_O_LqRzGymSvPDea-tBHj7NtYnCmShiYrDYvcP1Pzrlh-YEpwQgr9Q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E593 0
20 B 55ms
46ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bzf9yQJkvYffzG4yV9u8Pn5mjuAsAAAAAOAHgBAI&bg=!Dg2lDUnNAAZOkH6FTpA7ACkAdvg8Wpx7owSmpJlEw2TcrbYvQkii57bjAE2KXsVUiMwtYDkrPyjsSgIAAAqkUgAAAGhoAQeZAspHNH5dKrZu1YWYYdeFsiT0x_vPDFZ2gDYx9s3e5mrKS9qz2lEC81JBbmuUZ7h_NL2e1x1KuV9qNuukLKAmpqBKVn9ckdMZx2tZrlXYjc8Rm8iAbuFAVJ4VAQN8l4qGL2f6BRmOOd2AFKJVs5E6gLkdm4YDmsy-CmUNSFolz97wI4994oPEzSx-yB51o2u8k1HmKS6YY8w7iWo_tTV5BQSymq2Cao4S8ZJ-6ysa-pXMvTfhoor8JkZ4kLfsP7S79EkNom1eI1eRSlbKX7l_Dd9qEjje3-0qcYtC5OtnkMSjTqomHVjZZ2RO7eeD_4-zHzED01UwQuaSZg5_blMF0QPS3wBc447n3LWc_Blo5D-tGezcpC8oIkVwD-PyNWg3woFvWCnRLMXLbTsz-UTzUMLfQwTGFo_hfcqx_bleK4_Wi2Z9xinrqgVcopfifFLtBjGUmO2IcHBFOyqE7wEO51ZLKIKezEzqjNMNWJPYWoXOBGblWGryuUSKVxekSnoZboR4sGtaukWSUg4MSzCQV99AOtqz62AJPMk6IxDLbzG9xHPYM28YjJ-sAka-wyyb6epZyFQn8WQ_yJPB1Uk0r7MrQxC0TujKAASWtySfUFSTogIDDF-IjpQx7m2mvtEtquLfdAyOpOJR_EWdsKNKZ236eCkIUfWxTEP_d2HrfZTwx1IBSjfyLnH4mA0p9JhVLv2nSJc4NMOVkXaRzSUm2_ThvupIzcZmWTHckggOMe_cUYvs-tu7gh9dXgms82dxgEzKOgPEOFFjacddQeGz2MKLGuxskKA5LNChc_hMEZSDfZbKD5piopyJ_SPip3pVdIKUVGy0ihnzDC3M9QJk_24GsE_jNpl-am2B7L1ZnxdlzXuNXz_E0fD-xyTl-rKC9BfGqGWp8xbzMEOkyCvm9B_Kjn8pJ1_iNiVfqfARdJe6qd2lkpfvALKipb8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 54ms
45ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=315&gp=780.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=369533652870&rx=959321018976&cu=1630509371769&m=10817&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=780.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=5032&an=1087&gi=1&gf=5032&gg=1087&ix=5032&ic=5032&ez=1&ck=1087&kw=654&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5032&bx=1087&ci=1087&jz=654&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4771&cd=654&ah=4771&am=654&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=1164280589&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 37ms
37ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=970&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=478135228978&rx=959321018976&cu=1630509371769&m=11021&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=5189&an=1040&gi=1&gf=5189&gg=1040&ix=5189&ic=5189&ez=1&ck=1040&kw=580&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5189&bx=1040&ci=1040&jz=580&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4995&cd=580&ah=4995&am=580&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=1758260384&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:22 GMT

GET
H3-29 200 nissan-logo.png
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 21 KB
21 KB 9ms
8ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4175097/nissan-logo.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb2528e02428d889a1bcfe0ac757df916d74b29864b25cfb1421d9d730b605d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:07:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 09:45:03 GMT
server: sffe
age: 526
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21542
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:22:36 GMT

GET
H3-29 200 transparent.png
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 68 B
92 B 9ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4175097/transparent.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:07:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 09:45:03 GMT
server: sffe
age: 526
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:22:36 GMT

GET
H3-29 200 f51e6e3a8c37cf6b67d03b9b3b3f334b.png
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 5 KB
5 KB 9ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4175097/f51e6e3a8c37cf6b67d03b9b3b3f334b.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c53944fe34f6386a5cfee9e17ca639aa97a839d4b300eb8adabb125fc2abb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:09:59 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 10:35:33 GMT
server: sffe
age: 383
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5040
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:24:59 GMT

GET
H3-29 200 326d92e3328b941f98e8e8c1556fc88a.jpg
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 12 KB
12 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4175097/326d92e3328b941f98e8e8c1556fc88a.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a61f7f65b96cc7415ff13bd17a6ead185777a0b532140c9bbc48161e57ee48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:14:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 10:33:04 GMT
server: sffe
age: 127
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:29:15 GMT

GET
H3-29 200 e4954da9201a51716c3cc942520a49ba.jpg
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 19 KB
19 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4175097/e4954da9201a51716c3cc942520a49ba.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a002ca284571f322ec46a486555a1a196fc20fd0d8ad9a96da3977dc72f018d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:14:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 10:35:31 GMT
server: sffe
age: 127
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19752
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:29:15 GMT

GET
H3-29 200 d4211cbb69a94c61977e18eef5035eff.jpg
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 15 KB
15 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4175097/d4211cbb69a94c61977e18eef5035eff.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

486b95201b3e7c8d38a6782aa77c2dfe019d72a6319647180e743a5aa112afdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:14:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 10:35:31 GMT
server: sffe
age: 127
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15510
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:29:15 GMT

GET
H3-29 200 37b5df1737d4a0dc30e7378ae4f9e235.jpg
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 15 KB
15 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4175097/37b5df1737d4a0dc30e7378ae4f9e235.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49412eb6a55fa7b34a52c00a21105be9b3f58c1d0df44e9b860514acf3cc55ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:14:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 10:33:05 GMT
server: sffe
age: 127
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15534
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:29:15 GMT

GET
H3-29 200 NissanBrand-Regular.woff2
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 31 KB
31 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4175097/NissanBrand-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e01129ed9d06bcf0fc100d6af0aeb2b3c33e333e6b097824034d739d5426366d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:07:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 09:45:02 GMT
server: sffe
age: 521
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31524
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:22:41 GMT

GET
H3-29 200 NissanBrand-Light.woff2
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 31 KB
31 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4175097/NissanBrand-Light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0687e68d1cf50661d3e58f9ed73e24b8f2dec11cfe69a1aaaff1bf3520f3a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:07:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 09:45:04 GMT
server: sffe
age: 521
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31548
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:22:41 GMT

GET
H3-29 200 NissanBrand-Bold.woff2
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 30 KB
30 KB 37ms
8ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4175097/NissanBrand-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b420a4fc589ddcaacad6b4d6747eeacd2b9be730289c214d0f6b37b7a8ad307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:07:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 09:45:03 GMT
server: sffe
age: 521
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30708
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:22:41 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 215ms
68ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082701&jk=2109353735665586&bg=!WVqlWh7NAAZOkH6FTpA7ACkAdvg8WvyzV53NF-fBjf6mDtAffthfytfz6n3OA7UFCNSi6RpitS9ZKAIAAAqnUgAAACZoAQcKAPwYoN-AKwRWIe2uMDffJ3cQQO9PmbfxLKZ0COwqo7FQNfe-D_jfogBjK-8BezCaGLOS5-FcBXhHyTrK3xsArhdyIX9SvQ3q9RyEOvWghC7SBQOJLnrSs5_0OUPDGmPWEvHcxM1Ul4AskXsQoidmfTp834bR4yMUbHBmK4peYRSFcqYL9_cmCqnxLzgRHbQKfIfS0BbwPDkibCfLxmBAEySfwbnzii7V47IR4QtINHlJqoL4R0i22JTfYVGLobfgD0UB2szs3kz6uaR4h94drGZjBGzm8xfn-_SS5neVXedKiHcnPVTe9tCE9hAuIySyB42vfWBZsEVC5cXE6CaZAmisUKAl4R87qjRe5RwApMg4ZcZpGQjYRkeNPeKF64VoKm25jKEIwtLX46i0N5SRHLqpZJEVBipuvcU4AHO32cWXsntdD3gKxOkubXCP8L-D7rzbB0tdREk_MxKry_R_o0OP8oSmeGzDLeOR9t40GGNeKf75OC82F2jFtfTuCtoM7B5msJyFh4ROQ4ibNEQVwB44Irel29zD9e66_ek44-0YPNgSFTGClkMchrmw1oVmamcU4JLf_gRlzxeGeXe5hg5qfaOKEYIjF7Re64XOs1ImOBo-2cPj3yzmfOGs-WdWRUtRYklmEqeaVUBF0C5mss5e0Ct7oCZYoVUm18REmUWMUtIVf8C0ztOhBfa8JGGivffJE3spKPmCn2RAVAgbqSEjFWnd-EGGC155CjqWSyngeOEJB5LMmT9MMRH0faoh4RuFOOSnX9TQ10-FxjTMJKrrKRQ-Ya9atNEYFlWoYUOxFId17seupzWTakE3S1zQJNy-WeeLDNWBGUzCyPOJGVN898bpTggxkTC_Mf0RUIMZeOzh23g14cq-ClSxeDURV4XmzQ4dAjFtseKcwJLwoIc-23vo9OXIddnWnj7n19smukYKRqwNXNui9uInDHFXKjwKxiMZ5-aivpzpd0PpEkjxncnk6GyeL23Bzxm3OzwyCGMqdMiXCQ-DP8GqLtV84WMpbb_IiC7vH6x8wSNNaDYPmzf1Rimw1u9X7k0n_McyYIuEDxrc_f6nXIteuQ766tG7Iq1em9Wbi6n-Qe2ekmylB2LVN73R99su7-8V4sNlnHZGEIE8dUVn8uEVlbhhZZXhUHuUeQ_U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4647 0
121 B 109ms
66ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuOX7QZkvYb_AOo6EjuwPrv69yAgAAAAAOAHgBAI&bg=!o6CloOTNAAZOkH6FTpA7ACkAdvg8WsoWOIhUA9sPj8F-wAxDiVa-X01-MjlYoyKSqg2ndhAR285e5AIAAAX-UgAAAKhoAQcKAEve8SUb1Die9N3ATCgaZvo3TuWAyaTRp7lJ_Io2TwmHeS9X3Kwu3zc_xnZTDGATXMNqc-xJdjn3rlNUpJ8pvXmRK07H-0iFLH2ltnaZAsxqmV1b_ICP5tCOcsAjz4L-X2ESUiRmxKLNxvkCX6TMk7JIQN7rQIMCWenv9naydF84E7_p0UJY16Llh2GQk29peuII2D-H0QsdRBNbzF0-rGX6Jj0dtV3CkcoUTIfKhD2aOZG7bl6jEjKGIeeT7cerEJ7zJWV4X1TYHb6Lvn_Mh4ofMzzMQRiUWHc0EYREzaZ6yNjCWnDK5j2ICK3G1UxnSCra7z4DSuWUqzKJUh6TNwZH8VcHOz_dl7nh6KXt_fg9ORz5fmFLOzOC3IGNoKyj24vttUFH79hGmeBtqVz-6Wv4P_f6PRgSFiev9hDFmc7coMZKu_MrepVkAV7P6nhC7vNwaw4Pef_IVzRYcuacfAKnYmBADtqcsRDG6N1wFdUKpn9_UM6vckEOuUTP28SbDELSRheB9Xa4s-9M-1m1JZvrRYuPfNhMbfRIaqlhcO6W3X_bQk96ku7AHVkhBLQpBQLVwwy9KcPGgkxMytJIqUeKt5jSVPEwASi0haQnZZ6GoAHvcwot1jg5exikS_j_SH9Ky-gOyDUxgGuumW7oAT-UOy2e21CY20olvN-xQu1IaFagaqrxbtvyYiWn6tvt79qRWpNnlVag_T26J5-GKWQtGZNR4Qy0x7nwKghPG9NDHXQb2fi0H1vN0OmtifGgX9KX4Uk3G5BxhPUmeXrNUf3LlETEsssCK_lMwauG5zYU0pFian1HW_KyCV-MOjb9JqSsWqD5Vq-VTqwDooBpo7VbICPm-Zw89_-yeGP1_Cgj7QpP66UqlZFg1IJoR394eHJQjlZYf18N90V-GBD1WmhdzpOeZ0JsogVINq7P_iQWQiPKE7JajCVVg8ok6A6DU0NFD6x7QYee9uICtzUWniL4sOnE99XVOt9xpUC6oegh0YsOVxZ9ORwW_ISjqk7BafjPPwRLO9wKdqJKFF92yX9XviDZ8fc5fgOdhQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e4954da9201a51716c3cc942520a49ba.jpg
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 19 KB
19 KB 35ms
8ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4175097/e4954da9201a51716c3cc942520a49ba.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a002ca284571f322ec46a486555a1a196fc20fd0d8ad9a96da3977dc72f018d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:14:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 10:35:31 GMT
server: sffe
age: 130
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19752
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:29:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 37ms
37ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=11&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=11&f=0&j=&t=1630509371769&de=369533652870&rx=959321018976&m=0&ar=9658760-clean&iw=928ba56&q=4&cb=0&cu=1630509371769&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&hv=findIframeAds&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&bo=Kooora&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A2885%3A2885%3A7241%3A3223&fs=194409&na=1580515284&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:27 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 40ms
40ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=11&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=11&f=0&j=&t=1630509371769&de=478135228978&rx=959321018976&m=0&ar=9658760-clean&iw=928ba56&q=5&cb=0&cu=1630509371769&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&hv=findIframeAds&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&bo=Kooora&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A2885%3A2885%3A7241%3A3223&fs=194409&na=138843944&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:27 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 60ms
59ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=317&gp=147.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=720772463696&rx=959321018976&cu=1630509371769&m=15801&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=147.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=10070&an=5085&gi=1&gf=10070&gg=5085&ix=10070&ic=10070&ez=1&ck=1140&kw=686&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10070&bx=5085&ci=1140&jz=686&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9882&cd=4803&ah=9882&am=4803&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=1111421344&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:27 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 40ms
39ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=315&gp=780.5&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=369533652870&rx=959321018976&cu=1630509371769&m=15803&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=780.5&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=10017&an=5032&gi=1&gf=10017&gg=5032&ix=10017&ic=10017&ez=1&ck=1087&kw=654&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10017&bx=5032&ci=1087&jz=654&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9850&cd=4771&ah=9850&am=4771&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=154538786&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:27 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 39ms
37ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=1&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-nwvw4053N9oCRb36FcojwKWkUwdJEJMXJKBAOq%2BVT%2Bl2tvnQIIWF3cA%2B&sc=1&os=1-9Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&ql=&qo=0&vf=1&vg=100&bq=11&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=970&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.kooora.com%2F&id=1&ii=4&f=0&j=&t=1630509371769&de=478135228978&rx=959321018976&cu=1630509371769&m=16007&ar=9658760-clean&iw=928ba56&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4809&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2885%3A2885%3A7241%3A3223&as=1&ag=10176&an=5189&gi=1&gf=10176&gg=5189&ix=10176&ic=10176&ez=1&ck=1040&kw=580&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10176&bx=5189&ci=1040&jz=580&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9980&cd=4995&ah=9980&am=4995&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194409&na=821792489&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Sep 2021 15:16:27 GMT

GET
H2 200 d4211cbb69a94c61977e18eef5035eff.jpg
s0.2mdn.net/creatives/assets/4175097/ Frame 9284 15 KB
15 KB 24ms
16ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4175097/d4211cbb69a94c61977e18eef5035eff.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

486b95201b3e7c8d38a6782aa77c2dfe019d72a6319647180e743a5aa112afdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61866411/20210729074217100/index.html?e=69&leftOffset=0&topOffset=0&c=CafSx7U3iD&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:14:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 10:35:31 GMT
server: sffe
age: 133
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15510
x-xss-protection: 0
expires: Wed, 01 Sep 2021 15:29:15 GMT

GET
H2 200 dc_oe=ChMI_-Sa4oje8gIVDoKDBx0ufw-JEAAYACDDgoJK;met=1;&timestamp=1630509391454;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame D67C 42 B
251 B 70ms
68ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Sa4oje8gIVDoKDBx0ufw-JEAAYACDDgoJK;met=1;&timestamp=1630509391454;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 15:16:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS-ZQomecBZVAVkaHY0qYQAABLkAAAIB&google_push=AYg5qPK97t-CbMQIQPGxy1S56ySm0mAW_2EqVhD2OBHuiOyiRCQSmlhKE6BiBaqpuqEsEoDPmvV4Lewo_uyMLICbyv0mHFwHkGj6&google_cver=1&google_gid=CAESEOQpg0SLhz0tpIaPLjwMDw0&google_tc=

Domain: sync.adaptv.advertising.com
URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEERngb2c9XBwSc34VpgLzfY&google_cver=1&google_push=AYg5qPJ93RPeX5eJirkIj2csq5Sg8UwCwLMReLjUUfaFcbtpdLD_lz9Ms4ffeyI8tOgbui6CoFnuNxM3hxh40UhzHEDx7jivStif

Verdicts & Comments Add Verdict or Comment

270 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hit.gemius.pl/	1970-01-19 21:38:21	Name: grtb_dbcm Value: 1
.hit.gemius.pl/	1970-01-20 06:23:57	Name: Gdyn Value: KlQ3ZRaGQMQGvaYie8eBpRRissGMXP8c25nSGssIIm78EMxnGoG1orJIL1BGGBPDGtGaEFQpmsMQGs..
.hit.gemius.pl/	1970-01-20 06:23:57	Name: Gtest Value: KlS4_MMGQMQGvaYie8eBpRRissGMXP8cXRbG
.kooora.com/	1970-01-19 20:55:11	Name: _em_c3 Value: 1
.kooora.com/	1970-01-19 20:55:11	Name: _em_ft Value: 1630509374421
.kooora.com/	1970-01-19 20:55:11	Name: _em_scf Value: []
.kooora.com/	1970-01-19 20:55:11	Name: _em_lt Value: 1630509374421
.kooora.com/	1970-01-20 05:33:33	Name: _em_mb Value: 0
.kooora.com/	1970-01-19 20:55:11	Name: _em_vi Value: 76e33649-2cf0-476d-a300-3b98d9eae7d6-17ba1ee9bd5-b5c8f848
.kooora.com/	1970-01-20 05:33:33	Name: _em_dmp Value: 1630509374771
.kooora.com/	1970-01-20 05:33:33	Name: _em_gc Value: DE
.kooora.com/	1970-01-19 20:55:11	Name: _em_pc Value: 1
.kooora.com/	1970-01-19 23:04:45	Name: _fbp Value: fb.1.1630509374831.750352553
.kooora.com/	1970-01-20 05:33:33	Name: _em_vt Value: b8750a1f-75cf-495f-82ac-973051ee705e-17ba1ee9b0e-0232a99f

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6) Message: [GPT] Exception in googletag.cmd function: TypeError: Cannot read property 'getItem' of null.
console-api	log	URL: https://kooora.cognativex.com/cognativex/cn.js?v=2021-9-1(Line 1) Message: Error loading script Cannot read property 'cx_user_posts_history' of null
console-api	warning	URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js(Line 1) Message: Permutive was not initialized. localStorage not supported
console-api	log	(Line 1) Message: -1
console-api	log	(Line 2) Message: before Mobile
console-api	log	(Line 3) Message: detected screen width = 1600
console-api	log	(Line 4) Message: mozilla/5.0 (windows nt 10.0; win64; x64) applewebkit/537.36 (khtml, like gecko) chrome/92.0.4515.159 safari/537.36
console-api	log	(Line 16) Message: Interstitial is loading...
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6) Message: Incorrect usage of googletag.Slot defineSizeMapping: Size mapping must be an array
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6) Message: [GPT] Invalid arguments: PubAdsService.setTargeting('inArray', function(a){return-1<Array(this).join(",").indexOf(a)}).

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7abd51dea859031ad9c2a3578d324e78.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
adservice.google.com
adservice.google.fr
c1.adform.net
cdn.permutive.com
cm.g.doubleclick.net
collector.effectivemeasure.net
connect.facebook.net
dclk-match.dotomi.com
detect-survey.effectivemeasure.net
dsum-sec.casalemedia.com
eb2.3lift.com
gaae.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
img.kooora.com
kooora.cognativex.com
kooora.com
ktv.kooora.ws
log.cognativex.com
mb.moatads.com
o.kooora.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
platform.twitter.com
pool.admedo.com
px.moatads.com
r.turn.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.cognativex.com
stats.g.doubleclick.net
striveme.com
survey.effectivemeasure.net
sync.adaptv.advertising.com
sync.mathtag.com
sync.teads.tv
syndication.twitter.com
t1.effectivemeasure.net
tagger.opecloud.com
tags.bluekai.com
tpc.googlesyndication.com
tr.blismedia.com
tracking.m6r.eu
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.kooora.com
x.bidswitch.net
z.moatads.com
cm.g.doubleclick.net
sync.adaptv.advertising.com
104.111.215.191
104.111.242.245
104.19.150.54
104.244.42.200
107.154.114.140
13.32.121.123
13.32.121.55
142.250.185.130
142.250.185.66
142.250.186.166
149.126.77.203
159.253.128.188
18.184.95.242
18.197.13.64
185.29.134.248
188.68.250.242
2.18.234.21
2.18.235.40
2001:678:cb4:bbbb::11
216.58.212.162
2600:9000:206f:1600:1f:612c:5a80:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:f84
2606:4700:20::ac43:4901
2a00:1450:4001:808::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9c
2a00:1450:400d:806::2002
2a02:fa8:8806:13::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.56.137
3.127.193.214
34.96.105.8
34.98.64.218
35.210.53.219
35.227.236.205
35.227.252.103
37.157.6.252
37.252.173.38
44.198.115.38
45.60.65.37
52.208.239.191
52.208.32.237
69.173.144.165
72.251.244.142
76.223.111.18
025ea15634a9af5c39670faa9e40359fd8db3fbffb0e3d004dc1461e03aed85b
0293d9edb38175cf6ef2ae891b6260d1064ea1494790848214d1a98832f47d61
066c217e0c0ca1229f7522b95f157640ea252aad91a2b12a82b3475c527b1b43
0a59afc257bbda60d57cb39fa2497e15d46c66a08bee7cd6fb48382401dd0fcf
0b420a4fc589ddcaacad6b4d6747eeacd2b9be730289c214d0f6b37b7a8ad307
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca06554254cc2f0d2b0c998b7492eba0e10839c180cb17626fc1cb38c091f30
0ff1d43a1325b18a1e551c237bc3ac379819a1b6cc1a222966370308b8586761
101926f36ddd708fe0aff1af8091a9beefc56d3d0fa98207c9b2f14684808b92
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15045c656126ef9dc87407d03b2007ac4b2bdf596e8bb2fc69047e2b04a88d3b
15f3beacaa636b36c2852ed39a4847f10825e73a83f9e541dff90c74a2c25825
19389101e87c60f6e6239521e1bef91a765146a3a493a38d5de50764167d66e8
19e32818e3eb55f2f03de31d423c08a99983972d7413eda9f7343fbbedbb3972
1b00b1bfc13107699852b352569a8aa7a277a3a30ef9660bd085baa7a2f1cbec
1bfdf71d0e81b1006caae31bf74df5629a92567f37d4ea5aef23ee1af0ffd9e1
21999a5c5bd98a7635cdd7f48e73ec48c665143d91bd78d006516d3078003c8a
22b7cb6fcf3711416c278be9c8cf7af5a09701701849131fb090f3339dd62f85
239e93f0c5324a9eb071c491acfcafa3e16adb9b8bf1228ab68727ec5a4bbc00
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
2831bb09e4da058169dabc3fb560807a62f893579c7bbaaeb907aba49be2ea30
28f5283c180d27f9223bf7d6b98255974fc099c415f9cb49fea5f75b554f4b60
29d74a76391d6c63b1854804b838d291ed91ddbccf1c9879fa6878216028803b
2a61f7f65b96cc7415ff13bd17a6ead185777a0b532140c9bbc48161e57ee48d
2c53944fe34f6386a5cfee9e17ca639aa97a839d4b300eb8adabb125fc2abb4b
2c85f3fdefb9abb459b7ffccb1ae62bbbca9921af731840df5353b70c039df01
2d7abaf66f06a493256356ae5127d7859c491b8e0666424745e99ab188f7e4c9
2e0687e68d1cf50661d3e58f9ed73e24b8f2dec11cfe69a1aaaff1bf3520f3a8
2e889eff11b48aee5a7976cdcfa16a5bb2e10362672d61b06aa893bb95c4a840
307702de7d01f11cce103e6bf37a2fc508d95e65d089de6ee976771fdd020868
30edf64a77f3b2abb906dda068c61991c5477d7b04a72ebda05cf3de695a8ddd
3137c3d9470d9844d0bbe4df783bf476a08b9b63eb61624b40c9a990f4c560fe
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b31d9d307d8a316017bb8b2775985c3bb1528c46d6d5b4e15e3a7d35d083e5
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33cf5cdd220361935b9aad6ad1be1ad162d1c520e9cd7bccef8eae9df881ff9b
3679d93f32c8a4019b71cd695be75acfcb43ef2ec7c728e45477a379909be8cd
3887b1317dc3d67b82b8f1abd3b1f229d6070c324a329ea1a5b8f082871142a6
38ea251a350b959b00ea3575cf46c712b0a9f980fff175f8966ab73f2b7a4d8b
38f9e825ae798c6848b5a17dbd9059bd53b975d1f78ae23f6c00c3445429a626
39ae2b949468752d10f2b1897bc86c0d5393fb8f609687606c4dab63fc51f9f5
3b932ed350d41e46eaf77b95699bfac971c067839bd45be73746b17d67fb6bbe
3c69666719400959dd75c842f0491ce3a3d61866ace65d4bef151a4c3fcaa1b4
3c7429f019ec9483ccf7fd14d9f69e7b0cc67a5904712ff759e57943fada6c88
3cdf8a127feb08de3a6ce9185194aa6316c62ed685ee338710d2a56a6696a3c5
3d572bd00b5768cc5843840d3fc0b2b6c001f02857e307535181b6c79651e81a
3d8e36db5f1af4c5d28f5e8404fc4f243677d9d555c454481bdf5882cd875473
3d9d387291aa5f9f5f819df357dc63cb6bec52008b190225e6f4db6c791ae40a
3f91ac929e80a0bfd2743e3366352fd21a6f0a39b18bd476cb9f7f3219b35e64
40f55db3f50c8574c605ad9ca3127375085f0eddce45758037cb549de72b8b03
41ff8bfdfd1af2daad71be61a4399294d57f1b23174f54a1a9124f07d78c2379
438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44cc1798af996c3b8f835519fd2bfe8a7b715dc94b1db9992aa5287bee6c81d1
45860fbed3e22557617dbfc8ad5478bd3ac00b47089006d269e878c3564226b4
45f235ad134e1767b75a95296ddcbfdead22413f021fa2ca830efe42aa97b59a
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
486b95201b3e7c8d38a6782aa77c2dfe019d72a6319647180e743a5aa112afdd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c178614846d599b2fd4c9576037af5c748c2b40ceb45467928eb265010104e
49412eb6a55fa7b34a52c00a21105be9b3f58c1d0df44e9b860514acf3cc55ce
497ed3b6ee9d9cf88bfe95eeabfaa404b05a3aa6f33e207510fe97de9173f4fc
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
49e2b047f8cd3f435b4b2fc989e2f9125b2249ef15ee4e874b30992db0462933
4af6266c7294570a36a20fef6f4529694e9e2e929cb9b9967140cb7d151700cf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b67de5f7168b77144164a7ad5f99869c818515ff5f32668bc324bd9dc9ca3a1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eadb961ff3311ef89724e0f8ccc5eda031fe277237db14e7cec4d1fcff93498
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb1158f5cf7990180e622a87a9f0194d057608ea96695c36582f4e6b462f878
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
547848769221656097118092a8b8b4ad96cabc3483d4068422f1c9210f009e1c
5548b3fe3513d45b693e62c4e813fef4c5c96cd73cf4350c2f33c13adbf105b6
55d5cdb646aac7754c4fa6a5d3c648b8436b5c07892cd7b62be770edbc9ac5b8
55e7cf3e9627572dd93cf73ea133285b762e2be0e73852c702e0e55b03d2c1ca
565b58daab9b7d9ec04dd4cb5a41d50158783d29a02bda2f0ec4de94d24ea133
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
576c69b135f0629c417b31691d3da387c4311c0646f62aa21f97b1e4724de6a5
581162c11f94e94e768a3310b44d70e0ddb3f5694d6abdd081c0e07d9c1f9ebb
584571c606a56ebc99635c3322285c857c2ace4701980518babdacc55c85a311
59f102b01224513b0006a16c14103e2efc270c4c91dbfcd4599f87abaa80fc21
5a0938c3e6ace66565b47cdc6e4bdb557a7e432b68176ce0fa0e8f8ed0645be1
5ac326d76ead1ab071d369a8618147700820da5e2c89f7a30076bd51770e7270
60084190ea9111fd219bff0b24e83067116122101233f664abf0d5c0e5ba6f9d
62a81e1422632c3b5589b93808839d877c5942a3ddc591519c1e53ff6a042533
62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284
630a96919d61c1c006daf9b500f89ffdfd89c7bec2932dc129184b2882df8bee
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f56eed3288b59e657812b60c5f80f578d7820c2e1ead97421a438f562813bec
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
737c272ee31ce3176d4a2509754da320bba871c9c14ba4b4ef73e6dd3ba31979
73d20efecdde3219e0d111e816e11bad463c78709bacd116089b315561c531c1
772b8c572fff58afb4b5398b20747cdd84e26e23de4c0602b9f60362c1ac71d1
7a03b11d4e74c15843197fa54ea2cfc8490c41dfeef5148bc91e40f8e336dc5e
7a764d1c4eed5698453f2c90a2d1dc21aecbb88cbb85a0d7c00cb0d1269b45c5
7b243fc1f43ec4f09287bddd2366960c9676afd69ae815f1220d79e71789938d
7b43f41d5796b9c2be3eeb73db589403e05c0a24d9c01de037aff508e838bfc6
7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0
7cbac1d739f8f4662f018087c7455f5553dd7b6d5d670df08bfb364acf7f6db1
7ce613a33e702708857d46bf7dc845dc5434a377e0d4f07666f62a6e58bf373e
7f8e4a1407df7d3f007d792891d952f6f5bf44c47c776d8d572838597981d79d
7f9b7c91931f818d2b862827501dc22aa5ff2c49f9742ecd47e997ea075d04d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85811f06b458f9b6de1a0b21062195193f6d477b9127cc4f98c37c54b3c96858
85e8eb07b569802be3ea3ddee96940dbd8de18e1bad0d7a2ea15e5748c0229a0
86247f48a9287b73500537d99d4e5862d0a6343bb6878ee717d471a11f4cb7bd
88f988d3382d4c1ae7e593f1dc28d990bd2a35a3161792fcc8feb2741b3175f9
8afd929f163aa010429412630b912aefbd114f38b6866061c251cb55a8dca6a7
8b13bfcfcabc26baca32cc1a728aa8caed91fa97466a08f829f340da7dbe9fe9
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8fb5fa18248cf9251016b03ae0fb831da54468bccd9ee4dbf51e2d2016e2b161
935c74a1b9c5bdcb878cdc9c7e32a00084d33e7a56a10c20fb0a4c01955cad57
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93b58a8c461a0c5df416c8400cda3faa770c684b115c9a8989913aa7babb1c20
93bb86802af1d38775cdbba0704f848bf8659a51632f7fd4c1102f492eb19de7
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf988a152d9851d9b3d75b99c9c1a807301f83ef2afb7b8f9aa005cf673fd2e
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9e204b3465836bb84d4253b0ebbc4b22633996a8a489feb9c2ca3478e10381ad
9ed5154aefbfed037c1a7ad9fb6de7191d494a21244863fa72d6940ba8a482d0
9eff04e6a2cf38c32345fcc2ec544f804f79da64eaf5862489a867408a65047c
9f95199e7ae62a3cee4c42d107bd79e58c0ebf375b054a5dd114486de65bfd3b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a002ca284571f322ec46a486555a1a196fc20fd0d8ad9a96da3977dc72f018d3
a0a43739be134268837d1a509a7b6c34a79d061417ddc87b99c8cc73bc6796bd
a0b46c6a3acadd3375d7e06d98aabfa257192d729152f3ff7607b66f1c063ae1
a0e91cb3a6e61d6b2bf7d318850b0db972d0b5ebe04ee9e888401a8bb4ed8042
a1fffc11e4066dc66050fd7c31865139fcc80ccc8196747091cc28c2a3debb00
a3eff3e0114e8886b1ec27af0a2f48f2dea043e1bd9701cda7045d2d90b49015
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a86adfc2d049ba63e1a2779a368902ff1861d59f80f9381637e1e56fec3f1e55
a958efaed3edcc33703c323b5d89a14d27f1ef19077765d8dfecb71ca4752c77
ac7e40364b172244db8385def4932872f7279fbd12bc769267b4426559712cbe
ad7e88c8654235bbddd04f7af65c642fe32f8bb993250dd40764778e8b2d9937
aeec57ea9032a990ffa9242ac7f06e8acc60c40e39e51f5f50268dd8986259ee
b097f8e4d32d148b9b3e42e3ac568b4edde95cb3de99f44346f51469d618979a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ff466647803843769ba9537c0be3c999dcdcd472544ceaccc0eb8a81bb6b29
b25741c5702afe4eba48d0955913094a0fa290db1fc6575c1801211ce09b5747
b438edbd366f078f48a671186c2d085ba5819d6170754dccd1e8736e9a32cb1d
b4f9fd8024ff3e7d2aec56b12af888e5142cacc411dd8f81ba3fc67136415e01
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b80a8f921687c1c183f9b5d0e253a27f7cffad9b6d9ac752b29110ac5ef7256c
b83dd5170e60269f710c5cf6927572e87401bafda6503e833a4df091a7facef2
b8c3d9c23fcfbe1c411277261e36101159f4e51c9b3e0317f7e48b934958f71c
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
b9414f14ab42c67f6d90d50396a48ce1ab7686ab1354889254e3e0bd381b90b5
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
bc9399a1d9cf60902f99fc281b1f891001e088e5da2a9eabd80b989a693f0bd2
be66f2a7e95a29627f762c8b1c399a8a19f1b502f9dd31e5d5b7a9d56129acc9
c0f0fbfa7bb32c747e386681fb8018428b8fa86f13b4f9302aeb7fc42213ecdd
c57a3d5518f3b06e117e04e396a0ff6119f7e03158ef936b49166b28345b996e
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9db1fac9568ba8263c2ab313c9e4f15dded5a2e1aee78dac9c2ea6970717714
cd626b7632cfb5af4ec82586a1b827d774e9db11d101e50d1e3b047ee4785c43
cdd3c31150c95bcdc7ea4a26187261dad0d5ef96832a1518da973d9f6a992d56
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3496b1bb8547cb865e46186052ce2e2e16b597ddee3b04503be2d1cacc84e13
d34aeee450f07d70b7277ea9a3f531976878f9cb0492f9f244e132582830bf67
d4868de17e6703d28078a569544c489bb1c9546bdcc8edcb49783a6f514f34cb
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
d6f01dfa11f80d4b0c26fea2f434ecfe3849c4975eebe3c5216c193c073d611d
d8d633236b5c38e131798d189e5e5c96866e9e525322fbaf84fb82e7c02a2584
dc85bf0265f1c1812f82642b9457f11855a8f870e3aadf375b1bdec406165a9c
dd913ae38e85bb1e82fde06de1917d806ccb19b474af85fc315be4d0dd5b54fd
e01129ed9d06bcf0fc100d6af0aeb2b3c33e333e6b097824034d739d5426366d
e1cfa606a792c238b9c6f52ae93d698aa52e2140304e91a929a44b55e55df022
e25b605ba1adfb5e38e4342ead7253da4b9ab9871b3c22ebb26ee6b624dce4eb
e3638011012a4c314ff66003697879ffe72b0341c9626c7fa191b1107a6c6167
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bf40c8940561121ff593e50b3899be3c51da4c2321cb8eb93666bccdfe5b73
e41056ba6dee32c30d1a0f7038278f2b428d24dee5a6c2d43a575d9ebb07f61d
e449376b137b82bf9451df928f49eb9baa288a513ef4039e7e812ece1359d7c6
e52a4c41ea705391fea54c454b696d15d7691a26bb35452476aaf2184bd6ae66
e687e117ba451b8173131e11511ae60ecd4253106b48d8aba282f13b534b3f0b
e812fe11de74497857cbdd41b072e78a7a3d717a8aa2f96deb953ba996c2476b
eb2528e02428d889a1bcfe0ac757df916d74b29864b25cfb1421d9d730b605d1
ecc8a0ae8ea0e42e4905b5862fb296ad750ffa0a414c58196d13f58f4170b013
ecf6b74d0d01d0b22464a7c5efe51de5f50cfd445e245992f3a1ffe5fd4126f6
eecc6d974eeb402d24b622a7279b502f77afd5dc58e0af2885629157e805db03
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff1362a429c92216a43afbab87716876eb92f7ed0d3202453bd6f2f2b1451a8
f5954ba1b62e5210615072f60b1ba2fdece64535739a6fa34d7c5f8cd3a83f2d
f771a71b72bb90183b2e040e50dfc693d99bd8137ca8689526595d3c29c84df6
f7bc0e1c67d8e5d4b614f36c913a86b62081eca21e729eac97f59a02e86c528d
f99e886395e937d9dbb1828e0ad6a9e0ce4f57c734196cb496b1b7bd0c1d8d91
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd964f6a279c761bf1faccfcfcacfb7da7a10286f6551114657c4bf5f90e4993
ffb82951853443278357985f82e5f1c2b70f2ca729b731a94e432181936cfc77

www.kooora.com Open in urlscan Pro 45.60.65.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

312 Requests

99 %HTTPS

39 %IPv6

41 Domains

64 Subdomains

45 IPs

10 Countries

3404 kBTransfer

8738 kBSize

14 Cookies

26 Outgoing links

Page URL History

Redirected requests

312 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kooora.com Open in urlscan Pro
45.60.65.37 Public Scan

Screenshot
Live screenshot

Full Image

312
Requests

99 %
HTTPS

39 %
IPv6

41
Domains

64
Subdomains

45
IPs

10
Countries

3404 kB
Transfer

8738 kB
Size

14
Cookies

312 HTTP transactions
3 data transactions