kooora2day.online Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kora2day.online/
Effective URL:
https://kooora2day.online/
Submission: On March 02 via api (March 2nd 2022, 12:39:03 pm UTC) from GB — Scanned from GB

Summary HTTP 178 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 18 domains to perform 178 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is kooora2day.online.
TLS certificate: Issued by E1 on February 28th 2022. Valid for: 3 months.

This is the only time kooora2day.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17 17	2606:4700:303... 2606:4700:3035::ac43:aa61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.179.162 142.250.179.162	15169 (GOOGLE) (GOOGLE)
1 50	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400e:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 5	2.20.157.55 2.20.157.55	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4001:c0b::78	15169 (GOOGLE) (GOOGLE)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4009:3::a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:3::8	15169 (GOOGLE) (GOOGLE)
1 1	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
178	30

17 2606:4700:3035::ac43:aa61 (United States) 17 redirects

ASN13335 (CLOUDFLARENET, US)

kora2day.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

kooora2day.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.179.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s41-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:803::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.20.157.55 (Milan, Italy) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.50 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4001:c0b::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:3::a (London, United Kingdom) 1 redirects

ASN15169 (GOOGLE, US)

r5---sn-aigzrnld.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:3::8 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r3---sn-aigzrnld.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.47 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	714 KB
30	kooora2day.online kooora2day.online	384 KB
28	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 bid.g.doubleclick.net — Cisco Umbrella Rank: 468	227 KB
23	gstatic.com fonts.gstatic.com p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com www.gstatic.com csi.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	409 KB
17	kora2day.online 17 redirects kora2day.online	10 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	136 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 399	129 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	191 KB
5	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 246 gcdn.2mdn.net — Cisco Umbrella Rank: 924 r5---sn-aigzrnld.c.2mdn.net — Cisco Umbrella Rank: 208022 r3---sn-aigzrnld.c.2mdn.net — Cisco Umbrella Rank: 186129	34 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	3 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5368	914 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	61 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 7542	667 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	653 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	348 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	64 KB
178	18

	Domain	Requested by
43	tpc.googlesyndication.com	1 redirects kooora2day.online googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
30	kooora2day.online	kooora2day.online
26	pagead2.googlesyndication.com	kooora2day.online pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com cdn.rawgit.com www.googletagservices.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
17	kora2day.online	17 redirects
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
5	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.gstatic.com	kooora2day.online fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	r3---sn-aigzrnld.c.2mdn.net	kooora2day.online
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	csi.gstatic.com	imasdk.googleapis.com
2	p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	kooora2day.online
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
1	cdn.jsdelivr.net
1	cdn.rawgit.com	1 redirects
1	r5---sn-aigzrnld.c.2mdn.net	1 redirects
1	gcdn.2mdn.net	1 redirects
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	s0.2mdn.net	kooora2day.online
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	kooora2day.online
178	34

This site contains no links.

Subject Issuer	Validity	Valid
*.kooora2day.online E1	`2022-02-28` - `2022-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-02-08` - `2022-04-19`	2 months	crt.sh

This page contains 27 frames:

Primary Page: https://kooora2day.online/
Frame ID: 6615ECD9C64A06722747FA7A72ED86E5
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20190131/zrt_lookup.html
Frame ID: 7302954F74D5D873616248D7571B7EEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736965&bpp=3&bdt=305&idt=191&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&correlator=8689750909977&frm=20&pv=2&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qsdoALe2OE&p=https%3A//kooora2day.online&dtd=202
Frame ID: 364F83360C06D4CEF55621190AA13A34
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207
Frame ID: 669E9D227F406F9739ECC6881647C8AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210
Frame ID: 2CEC43DE842AC10628ABE4AB84AE981F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=213&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=HzuR4H66gh&p=https%3A//kooora2day.online&dtd=214
Frame ID: 96E88C0205AF80AD8C7E26108E5074DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218
Frame ID: 43FF3B4F5EF0C781673DCF3430660BAE
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=3080755988&adf=435399343&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736971&bpp=1&bdt=311&idt=220&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=1vv5j7tCJm&p=https%3A//kooora2day.online&dtd=222
Frame ID: 7B4C4AA43AE3D696FE44F39470DBCD74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736971&bpp=1&bdt=312&idt=224&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=2451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=fo8SSf5ZaG&p=https%3A//kooora2day.online&dtd=227
Frame ID: 85C0362D2DE1DE4C697CAC08519993E6
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=120&slotname=2241740444&adk=1522501397&adf=3132389021&pi=t.ma~as.2241740444&w=728&lmt=1646224737&psa=0&format=728x120&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736972&bpp=1&bdt=313&idt=230&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280%2C1028x280&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=8FkjlntUrH&p=https%3A//kooora2day.online&dtd=232
Frame ID: C31E44F02EF1D7B81DAC2487D72C532A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&adk=1812271804&adf=3025194257&lmt=1646224737&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkooora2day.online%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736981&bpp=1&bdt=322&idt=225&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280%2C1028x280%2C728x120&nras=1&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&dtd=231
Frame ID: F1B7C2F0BEA438992CBA2948DBB9D395
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjbfRDJi9WTAxjj593BATAB&v=APEucNXAyP9CeWSYlieOCr0-XgSPsgdc7cbzMovvggVY2dYWbK--xuVrfOpw7nAJkAs7_9Qz0XkLcgH7Ob8wC0-abZDrktKKlwUjTuOYMDmJZUTudUUoGma2gPD55LelCf78gdzANfyG6BdhSPRcSziuA3UUrCUJkk9jq98YtSYoYcwmEv0nb0o
Frame ID: 53470FD5C8ADA002509E86437A774A77
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/abg_lite_fy2019.js
Frame ID: 7A2807725BD4EC22F9337624A8D93EF4
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: ABE1356B512C4AAF5133B239EC282C50
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 725BE18C20AEBB76C7AED803C62FAF1D
Requests: 2 HTTP requests in this frame

Frame: https://p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: E336F632BF65E47FC1BE8BDB90C1D316
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3E63A3BD676E63474F402362B14B914A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 866304F3125E5AE8AE48F50739CD2E9F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DCB25E2DC9264E96CC9522C8688EC97A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/load_preloaded_resource_fy2019.js
Frame ID: 10CB306363E14CE0287542BDDC11D0B9
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js
Frame ID: 29B23412148A158D9793525AD339F22B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js
Frame ID: 0802948E3A4D748A1C460B9CF90B405D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A71455C1E5328455291D11D33B6FF7B5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js
Frame ID: 8ED88A949F12847AD39071591BC8C1D8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js
Frame ID: DEDF6FEA6A3111760A41B690EE764C6F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4ACDE4EC6B92F54BAA8BF1638A07C31
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44C251607C41C6C6631AD90E5681DFA9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كورة 2 داي | kora2day مباريات اليوم اون لاين ، اخبار و نتائج المباريات

Page URL History Show full URLs

https://kora2day.online/ HTTP 301
https://kooora2day.online/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

178
Requests

87 %
HTTPS

75 %
IPv6

18
Domains

34
Subdomains

30
IPs

6
Countries

2352 kB
Transfer

5594 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kora2day.online/ HTTP 301
https://kooora2day.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://kora2day.online/img/1557008685.png HTTP 301
https://kooora2day.online/img/1557008685.png

Request Chain 8

https://kora2day.online/img/1640475557.png HTTP 301
https://kooora2day.online/img/1640475557.png

Request Chain 9

https://kora2day.online/img/1600801178.png HTTP 301
https://kooora2day.online/img/1600801178.png

Request Chain 10

https://kora2day.online/img/1557008970.png HTTP 301
https://kooora2day.online/img/1557008970.png

Request Chain 11

https://kora2day.online/img/1565677491.png HTTP 301
https://kooora2day.online/img/1565677491.png

Request Chain 12

https://kora2day.online/img/1564444400.png HTTP 301
https://kooora2day.online/img/1564444400.png

Request Chain 13

https://kora2day.online/img/1557535616.png HTTP 301
https://kooora2day.online/img/1557535616.png

Request Chain 14

https://kora2day.online/img/1556907695.png HTTP 301
https://kooora2day.online/img/1556907695.png

Request Chain 15

https://kora2day.online/img/1557221115.png HTTP 301
https://kooora2day.online/img/1557221115.png

Request Chain 16

https://kora2day.online/img/1564443989.png HTTP 301
https://kooora2day.online/img/1564443989.png

Request Chain 17

https://kora2day.online/img/1557393646.png HTTP 301
https://kooora2day.online/img/1557393646.png

Request Chain 18

https://kora2day.online/img/1558223294.png HTTP 301
https://kooora2day.online/img/1558223294.png

Request Chain 19

https://kora2day.online/img/1558220377.png HTTP 301
https://kooora2day.online/img/1558220377.png

Request Chain 20

https://kora2day.online/img/1558220341.png HTTP 301
https://kooora2day.online/img/1558220341.png

Request Chain 29

https://kora2day.online/img/1566726796.png HTTP 301
https://kooora2day.online/img/1566726796.png

Request Chain 30

https://kora2day.online/img/1646104520.png HTTP 301
https://kooora2day.online/img/1646104520.png

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFcHn4gihdRm1kMPGMoNHUc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFcHn4gihdRm1kMPGMoNHUc&google_cver=1&C=1

Request Chain 93

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yh9lYXZ1eJs6djmxjV.jhAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIF1vm1AzO4AH08Osa98io&google_cver=1&google_hm=2

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMas6NAk8JRIRBBEmnX640c&google_cver=1

Request Chain 95

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkwMjQ3NDcyNTA2MjkyMDY3

Request Chain 143

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDry5-nuQEQ6AcY-gEyCIB-0ZnLxjRj HTTP 301
https://tpc.googlesyndication.com/simgad/11936964303781137629

Request Chain 145

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://gcdn.2mdn.net/videoplayback/id/64b6d5892abcf48a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677760737/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/01BD90AA00D9B0F13B876E03BFE5BB4DA023855C.81CECDFDECEC9402F9DD40A94A11AC46DCF951D1/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-aigzrnld.c.2mdn.net/videoplayback/id/64b6d5892abcf48a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677760737/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2FCCC78B301B434149FA64EE9E1E6596D70FFFC5.12D4BBBDE129DE000C02A4125037885A058F61E1/key/cms1/cms_redirect/yes/mh/Yq/mip/2a02:8c8:c10:30::7/mm/42/mn/sn-aigzrnld/ms/onc/mt/1646224019/mv/u/mvi/5/pl/32/file/file.mp4 HTTP 302
https://r3---sn-aigzrnld.c.2mdn.net/videoplayback/id/64b6d5892abcf48a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677760737/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2FCCC78B301B434149FA64EE9E1E6596D70FFFC5.12D4BBBDE129DE000C02A4125037885A058F61E1/key/cms1/cms_redirect/yes/mh/Yq/mip/2a02:8c8:c10:30::7/mm/42/mn/sn-aigzrnld/ms/onc/mt/1646224019/mv/u/mvi/5/pl/32/ir/1/rr/12/file/file.mp4

Request Chain 166

https://cdn.rawgit.com/Abdo-Hegazi/wdbloog/6bdae011/wdbloogablock.js HTTP 301
https://cdn.jsdelivr.net/gh/Abdo-Hegazi/wdbloog@6bdae011/wdbloogablock.js

178 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kooora2day.online/
Redirect Chain

https://kora2day.online/
https://kooora2day.online/

43 KB
8 KB

575ms
503ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c10b6cfaa77d4187ebb0998bb31acab4463e76cd76f0dea24cbe0bf5be27c0d2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeiV8ZB9NXsYMkPO6DPdBoJ3ueSbk7fHIRO6K4DhVwxHaD7xe7Od3lokG9Z%2FUT%2F7uLtWRnmf%2F4rQnJj3kVavOtMnvu4b8AQtCWojWbI5VXtd1GFwKLx%2BCnqGiY2FdnswqrZQex391aoeobVgyNNdOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e5a31390a397779-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-type: text/html
location: https://kooora2day.online/
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWTGU8OhWx5ii%2BCX75Yc2M7gKjC%2Fz72rWA2FBBvXcVvJPy72Z%2BQ0D7MjbrY6Diy6NMAwwyLiyTsEOVcEV%2F6Mna0Pxa6Oa7oGrzocagqiyqBWJ0a9%2FBo2DPIF%2BjIzmNmKRns%2FfSC1he6A1TimVzg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e5a31366c7a72fa-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
kooora2day.online/css/ 52 KB
8 KB 33ms
32ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/css/style.css
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0d0183224947491a726527bce158846032a026a8c79ab78ebf1443431d5a8e9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 May 2021 19:01:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkpsgLIIWx3u1tSdoDr1uaYs1%2Bew0544fUjwwmaDAJqvWt%2F0Guqe9klklVfgyu1E9PQCQQDCy7WbiLO%2BEl4VAC9BMrV4umg%2BPvVthKSxnV0haupb8M8Eqil2Ool%2F7rmczCNa1DYGSUiN3%2Fx7BEAy7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313c49fb7779-LHR
expires: Wed, 09 Mar 2022 11:18:23 GMT

GET
H2 200 style1.css
kooora2day.online/css/ 19 KB
5 KB 32ms
31ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/css/style1.css
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ee6b835b1a8bb878a2e9696ea68c22ac2be9de8050b096f419c49c731cc2640

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 May 2021 19:01:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTvEBqentVwAJU%2F%2F4O%2BURl2WAdBJu1XqZbXPwZcn0tOForenqeYMnz5aqUAfn3r4mDBYlxNtyUgo9WdxQGHmorx%2F3o%2FVDemPMC8OyAwq071IDSdheGZegA%2B5PS6qjzzK09Q2fSHQNlqxR4Y9cAd1%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313c49ff7779-LHR
expires: Tue, 08 Mar 2022 17:23:02 GMT

GET
H2 200 style2.css
kooora2day.online/css/ 68 KB
12 KB 33ms
32ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/css/style2.css
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f1b8bd2eb14a4bfb2496566389f0de0857566996258dbd88b9515dd881ea30

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 03 Oct 2021 11:49:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0%2Bjs64axO%2BwxEBPDQAraDU803%2BTbhGZgtjDUrJINCOV9RHl9%2F%2BxjCf%2FjYB1T0Gn%2B7SfNKtH6%2FYWGUpEbfv0dAYiTPaF0Qv2sQlu2fgM9pzOQSIp4KBi%2FAPgxXx5PPsZ3O79FPiULSVBsKZT4ZI0Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313c4a017779-LHR
expires: Tue, 08 Mar 2022 15:34:31 GMT

GET
H2 200 style3.css
kooora2day.online/css/ 75 KB
14 KB 41ms
40ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/css/style3.css
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb634d4f1498400e543624543c1b96ddbf8d05d626cec1a203a5c6a55536b8e2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74486
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 May 2021 19:01:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EdkCDQ%2Be9gTHst52cBYA3sljxqYCUwPrXMPGj%2F%2BsJAZXkjYZkzY%2FMH%2FcWyTEHOCPvHTPdDfvRBa8HLp5cG0X3jOVz0uanXqGVTLC6tC%2FBKisZ3JLGg8odbtu84EBghttP8md7WHV8ZJJbtttfiVOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313c4a037779-LHR
expires: Tue, 08 Mar 2022 15:57:30 GMT

GET
H2 200 script.js Show response
kooora2day.online/js/ 95 KB
34 KB 47ms
46ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/js/script.js
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9feafa033b9e4149e6fee5caa77dbe2c84f80dcfd7e29405d38ef3131149ba5b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58331
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 May 2021 19:01:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AI0318wZlTiVwOIDkRpjJGYFfbU70%2B8HNURluJWeY7lX8ThzqlSEYIfNYUHo8d499bXwlfKEE4HWFrP29MSA%2BUhxFprfrIabJhMT7ry4wb2ZU9W33syic%2FJyJwDKgv1maZ8rfxt80K23RqahWHz1cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313c4a057779-LHR
expires: Tue, 08 Mar 2022 20:26:45 GMT

GET
H2 200 so.png
kooora2day.online/ 7 KB
7 KB 40ms
39ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/so.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353c1e8cd3197a81367cb081a0c39e33dd6445ec15735e68b5833b65e2dd5e1e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58331
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7215
last-modified: Mon, 31 May 2021 19:01:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4KI1OpNuCQSG%2FMG7nRH%2FBLxYk8By4u%2F%2FIMbjdEzzsEfD9J%2BEuUGqXkZvd7plHHnW7KMOcUt3L56G57m0mim5PAft%2BTZ7Tra2rKduzCIfxzJj9VUghJxm1%2F9KDziuaM%2F6STJJZej4wJzXzjA4XH06A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313c8ac17779-LHR
expires: Tue, 08 Mar 2022 20:26:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 160ms
79ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f50db36c8eca270c92b9d9d37714a0da42c94a761de009447ab2c08473a5947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54055
x-xss-protection: 0
server: cafe
etag: 13413086526606510975
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 12:38:56 GMT

GET
H3

200

1557008685.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1557008685.png
https://kooora2day.online/img/1557008685.png

9 KB
9 KB

45ms
44ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1557008685.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd57ce402a088738dd0297e29f81b5a5d2f76255dd632e2f9e0eb010161e2ac7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8721
last-modified: Wed, 02 Mar 2022 10:55:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZRZZVhqzFiBZGPglfh7StL%2F7qju8WcOEtwaTEV3wBrgp3FZ4WoX%2Be%2FKog7HeRfwUlF12BlJC8G8EVEjIrAPKBYZE4WqRqXxa5v1QUksaf%2FgIslJp0RFSSxIgLiUsReegF6mgT2aFV1InmNnddULLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d2ef4779d-LHR
expires: Wed, 09 Mar 2022 11:18:10 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwD0%2FaduPPh3kSPTHfdUZ0GGKVZY1AJ3LNOEsbkrtZERP%2BfwITxw8c84FMZScFUTEoWPk99B2tyn0NbIwuv1gCBCYJjugDYAwM8I2dYCLnRv%2B3n%2BRv5E9AElLf06dOeB6cP5tQ1Zy4ezntBdoHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1557008685.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced387701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1640475557.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1640475557.png
https://kooora2day.online/img/1640475557.png

38 KB
38 KB

63ms
63ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1640475557.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29a0bb5cf80e398769aed4f2c2b522f754f2eee16c4c49ed2fec46626c3fc425

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38536
last-modified: Wed, 02 Mar 2022 10:55:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oiw0iBJxtpDr%2FijLbJsmFywZhD8AEE%2Bn9UDAabZcCmGD86U6Jb%2BZZvvfuf5BfHRdx6QL9igi7ChZvV689wFUN7S1M1O4mHYd2EKIwBj7cyTWTQkxwmGeQ2OGG170QCLXy6vwVHTTrAJcsvRXg543SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d2f03779d-LHR
expires: Wed, 09 Mar 2022 11:18:10 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsBlfVi4rhxnDtRwr4CRtOlqev0ZWyeQv5sOlxu8OnR87gmh7fpJ2M97wplW4CmZxEuVTj%2FbrZsHgx%2BKP2ECpN51cLZc3ITTKiNRyEwJuKSoSaSlCCEsOBIFkT39TXm7cZhSAnzBwtCoOhK%2Fa8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1640475557.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced397701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1600801178.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1600801178.png
https://kooora2day.online/img/1600801178.png

10 KB
10 KB

47ms
47ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1600801178.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c8a6528a6e3063217833a48ecc4467fd425e13064db4762b51382da9aae53d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10125
last-modified: Wed, 02 Mar 2022 11:00:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3gKdv1PFcgwvmUsZPtsRjMrTPrIUoCDf%2FVF8xZ3IXQYjUFqhjELBNrJ34QX90h1fj4YYVc%2BlvZPMLmwe4BkpTkVsE%2BNEG5rcDEfBJ0JiK499B1oLvSBA%2FIANw%2FklXCaG4tnAQmCSyDVf1EN2lG%2BUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d4f45779d-LHR
expires: Wed, 09 Mar 2022 11:18:10 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ttUQTYFWxFdURUSZVyDAlCQFwFiZ5J5YaUSKoiJzXg7QaoSYMCINv1amZIpea3ucJO3%2FNA5%2BS4B%2FZrhWS1VU%2B1iq%2B1oOZZH71kre%2BxdDTuEKKp%2F4uQ2DrQ6fXRKWGymx4PG0kTm7ezWvS2GGH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1600801178.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced287701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1557008970.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1557008970.png
https://kooora2day.online/img/1557008970.png

9 KB
10 KB

46ms
43ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1557008970.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88fee4c4f2ea85c1818265a09a774520c1f5a273025f799e363df2f58cf241c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284423
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9294
last-modified: Sun, 27 Feb 2022 02:30:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnqrdUL0izA8CGU9HzRs7MGnC%2FclQktf7yFEJMqrRrY8lgMQaStOAjJ46FS3GOWD3oucA6XugKYjnqRduDyRdIhDwuBgte28VztUSGow4aTnuEtqK0rDJ%2Bxl3LlGv57juO3UU%2FsSANc8p1h%2Be6vLDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d2eef779d-LHR
expires: Sun, 06 Mar 2022 05:38:33 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=593aHaK42jTbHdsV%2BqQndh2ER06yt6qIW0nUUN%2BLHdqqFOyDIEk9mRZUQCg7ILCBUiZlEgWJNT%2F71Xb3C4LOMog0cgfi1Tl1FWqpt%2FAE3RGctCIGem9ml3Fa14EyD2W2xw1O5UkqxxrCUPyPpFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1557008970.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced297701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1565677491.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1565677491.png
https://kooora2day.online/img/1565677491.png

7 KB
8 KB

45ms
44ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1565677491.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 301548b6325e4b5112b4ecd7202bc8c8288ff43d99ef52324daedfc062f508d9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7583
last-modified: Wed, 02 Mar 2022 11:00:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Chxj2%2Blt0iETSugLhZvZvNHLssiJZmQwlUayf25BcpnACq0sB15iraqRjdJkWqKkHGrlwYPtkPeDjgtS57nsJA9oz3r%2FRUoYDnfr%2FdQ8huYx%2Bid%2BSX73NEnNJnqBRgngyUOylupHPuJaXNsnpM4q2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d2ef3779d-LHR
expires: Wed, 09 Mar 2022 11:18:10 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOzmMMHPZa%2FhPubm%2B0OVivc4cQMzzZKtJbtzTvxHllb7Jkbw1GLFNUs4BtZqXxXf7QTc0jWlb9tLZY7RgXEkcPx%2FzA%2Bom5WvWUUhekNFPeYXpgglfu9mL4xyHunnWVBkKYTl5FQJB0YEh5BSDPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1565677491.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced2c7701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1564444400.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1564444400.png
https://kooora2day.online/img/1564444400.png

6 KB
6 KB

50ms
49ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1564444400.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4216d18691bc48effb49a4acd3cc25ddcddaad34d42d7f1dc798cc66d9d588f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4832
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5957
last-modified: Wed, 02 Mar 2022 11:00:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBDFOMB6d8kVlLthRwC8g6mGY4sqBSG3wDMLItP%2F3EHaaW1rJkujeP1cE7gmyd0hy1c5eXSgdPIUwlzrq9HcByKu1yx3a1vSojN%2FW9tsFg4vVcgErDXyomEcKvW8CLPvbOFZKOf8eNGdlgQKKScrAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d2f01779d-LHR
expires: Wed, 09 Mar 2022 11:18:24 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlmsdOfC3dcxTcTtnH%2BHjtxu79oM0avodv3cuu%2FyHBe9BAF4znrX%2BCYOn0Ge1B16%2Bz6wc1YZz8HMZrunaRkfwUAubmB39QWrf5KLTxkL%2FsQdTF1CybeqAiLn%2FGb4KJinR9Io1LtD0jhgF07LGiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1564444400.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced2e7701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1557535616.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1557535616.png
https://kooora2day.online/img/1557535616.png

7 KB
8 KB

48ms
48ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1557535616.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcebba8ad2649cd0c94658d8f7a9888b05e8dcba1b64f0455fca285a7e603dea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7149
last-modified: Wed, 02 Mar 2022 10:45:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujGrKiwF9qMnhdZwuJBhJP8wzqw5CODv4ag%2BLpf2wW44kDkrl81MA5KC%2BGbovx8Zf2vDdpPe%2BhARREw4nvvnwvvD3M3s%2B9ndIT64h8SdEW%2BIzBjx%2BmgaO5QbBfoyo6%2FlE4BT5091kzjGXZweenWVnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d4f46779d-LHR
expires: Wed, 09 Mar 2022 11:18:10 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FuOm8fwFbFUJ4taPVBI1QPRbhGBUhcVuYEUibprjN0ZPN61OYopmVnMJXT12VQWZwfPo1YVn58C31CIRmlUPZhCUzbN4mfDObrjGlU6267ONdDcW92wP%2BBvhEKX%2BF%2BUPyZ3YR%2B9zl%2FnlH%2By%2FC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1557535616.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced2f7701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1556907695.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1556907695.png
https://kooora2day.online/img/1556907695.png

3 KB
3 KB

49ms
49ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1556907695.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e106d048b80f677650e1a74fd03b1be6296b33a133b6f72cbcd329e3cb651bf2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4832
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2927
last-modified: Wed, 02 Mar 2022 10:45:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRIvMsp3f6v9ZK6CIZP4xKWaMhcVLyZ2JDTHq6HxHtkt871%2FWA6nGgrmsvvUxpfjEZvmd4U%2FvYUxDmo4INcM8q0vCsneUf002JcM0zYQVBXT%2FaHv0YBWZwcF4OuRTmCzNBdefXCF4TwqAqTSP0dasw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d4f47779d-LHR
expires: Wed, 09 Mar 2022 11:18:24 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiNJ47ZHNg1rXGlSHt%2Fo5IJdrKUzsg9fNBUiY1%2B1B4tVqWKsUNkmls9H2r6wjFe5WZlJ4XIoby0BWrhVW6xzavtriy78bYlBI%2FzFWxwmmk89AoR4e7h096n9AY0AwAFA%2FGRzqJ9W5Vf2k0gsbR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1556907695.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced317701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1557221115.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1557221115.png
https://kooora2day.online/img/1557221115.png

10 KB
10 KB

46ms
45ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1557221115.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948d46866167f73d90da2bec3a6fd22cb2af32def3cb7400c87a92478e52045e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 278962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10082
last-modified: Sun, 27 Feb 2022 02:30:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edM6RLrCjQI5CO2WuYVTUOB%2FmSDNEFdMz31%2BIn%2BPQuXz3z0AkNq9g%2FEqsXzOo%2FFwfLYkw6aHYRe9v%2FKAs7ZPfe8kyZPArrbtWCReU1H3GHIQTpSwnEIQA3EPabnJ2ZvSuvzy%2BeEWNZhzPuSQ4XjmJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d2efb779d-LHR
expires: Sun, 06 Mar 2022 07:09:33 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0a7j%2Bp71cpxzeBVB28q%2F2kVUX0a9sl9xVYwlI73JJDkq33YdI468miKlU1FnlDD%2ByA76KsPI9JDhk7tx%2FmqJ12wWT%2FdzhPdtYvq5RdWTJLEetj4fUUit%2BuAfbZ%2Fea%2BXuPqphdmx0O%2F99FJ5L30%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1557221115.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced327701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1564443989.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1564443989.png
https://kooora2day.online/img/1564443989.png

7 KB
7 KB

46ms
46ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1564443989.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9efa7e8612c3907248f4ff0148d501e8578e7b4afb07ba50551bfd92ec4d1268

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6926
last-modified: Wed, 02 Mar 2022 11:00:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8ZJNAsLw1h4NCIuRCTO6NqrLYoW21DckrcD85Q0y10og0PV6x8ahJi9PtwliwjhxyM8KLEJLVvdlM%2F8BJoEyN6EMUOnQxc8TKIvc6LdGuRnHYf3CqHis2z6fP7E61e6uv0y4oe7d5kQWjVgwb5NLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d2efd779d-LHR
expires: Wed, 09 Mar 2022 11:18:10 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lc7oCu4VWpPGyzlW%2BZaShs9vXjzn4XBXiF4ByA4OU8Bp0H%2BAtVdq%2BjklX3dnF0Z%2FVDZGu8%2FmYEUF7P4Xn2nzD0lp6PUTBFmMFyXKXIACYH6z8ksd8ezS9Llg2KXGaby7FhSUcEiIu%2Bn4MdBRPSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1564443989.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced347701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1557393646.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1557393646.png
https://kooora2day.online/img/1557393646.png

5 KB
6 KB

50ms
49ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1557393646.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4151b22743cdf1156af80f7661631ba67f8d4462d0f5d2442fbcd8f6f045100b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5218
last-modified: Wed, 02 Mar 2022 10:50:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiU5ePd%2FcqsTyIPbSaT8spUOJdBGBHwAvTX%2F2PZvAq%2FrCL5D8%2BCerZ8iOS96BgPNqL28ENK0qe7zbDJQ0TyEJxkOEPNtlUK0aguJI72nka0kqkoI%2BZVEx9fojW%2BlBnLvkqqPb7v8fA0%2BKqvrnSq2LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d4f4a779d-LHR
expires: Wed, 09 Mar 2022 11:18:10 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2q61%2FqdLV5b6AWFZobhOgGhZLvZ35b23WQFCMzRhQ5pjpEgpNDH%2FGdb5wZ8owawhmA4MdSUwV7erZA8yZ8RuFdRRTiRGA6hbvW90Pc7oP089h3Wy0Mz9NX5We3CC63yg6KAM5%2FnspB%2FZ5fyoRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1557393646.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced357701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1558223294.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1558223294.png
https://kooora2day.online/img/1558223294.png

6 KB
7 KB

50ms
50ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1558223294.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21aa49579e8ed712d60f2b10e7888512705cfb0b4bba22f7258a3865d05753d3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4832
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6521
last-modified: Wed, 02 Mar 2022 10:50:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjV2X8RqA08XEyjSQGHjjHwcTrZHimHB1A5ciE6Yx0%2BA8YE5KlaObN9TpXz9d6WPzVOMfdrhvDyrb%2B%2BY69me73VmnZGf9Hdg%2BBdHl%2FetNisTuTs2Mr%2B%2BGMBAKmfHGJHtz2bouRTY6QRzoJyU27tJPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d2f02779d-LHR
expires: Wed, 09 Mar 2022 11:18:24 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FK1SbxtlHcsEx2rOyzsC2p2XRKeNdV6QZk3RCsfI5%2F0mqLg7R08jq06GxHnb1di2OPxyMpf%2BbgMr1la2AsGZ8KIMIThKzU7EGoDZgKmiYB9UZR6kMNBOEcdZRezHV3yRta5RMtGJBb7fcY1TUp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1558223294.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced367701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1558220377.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1558220377.png
https://kooora2day.online/img/1558220377.png

7 KB
7 KB

50ms
50ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1558220377.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2448f01a3ad85974366461d3a2e236aaaf46f05fb8b7fab4cfbf0b963c207bfb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6827
last-modified: Wed, 02 Mar 2022 10:55:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjBThsyVlR575hpjku99tWRaGtMtEb7iCyCc%2Feu17%2F%2BFaek9ZJaGWekhx%2BvvO7hVIwISJgy7dY%2B3byJLNf9eq50RwA0VEOxPCgJ%2BPb5LXjy9RnWjBDVAuyPc29RUsKUUwbOtPnf7wbloZBmV6BaeHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d4f4c779d-LHR
expires: Wed, 09 Mar 2022 11:18:10 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuyaaPqeGiLb%2BsZwgtf4fVU%2By1MEgo6wdkv%2BnU2hNZ0MOXEv6k1iuBfGez6pHZcagYD%2BBsmEaVPws%2FY9DFtjbbUojU4AMvgrKSqDCfJgSczfY8P1QG6CV4OsKbCC%2Bglakans1Q5MWnxOLqnNnRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1558220377.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced377701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1558220341.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1558220341.png
https://kooora2day.online/img/1558220341.png

9 KB
10 KB

49ms
49ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1558220341.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d8f097b0126cc8db0c39f4fcc805f1456d5df20f7535e1628b1f0aaf0339a7a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9453
last-modified: Wed, 02 Mar 2022 10:55:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBKZ6xjCvPQjMX%2B4aLSi00hwum0p4Ps%2BKqI%2BLgMehsXEvDJrQuf%2B4SlZOEtf2aFkAnYCboqtNuM27VTSE6irGOVq%2Bp1Uhddzobtunj2HnwtbPg8sw71%2B5Ob285U7I0JPhlgFkMf7ryiMxpqmhOFjVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d2efe779d-LHR
expires: Wed, 09 Mar 2022 11:18:10 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3%2BRQNH2Gv1xVPMcEZfpmg6B0ir0%2Bh%2FAYWHmClvj6c%2F5AXUWbTbyPNewUe2hsNtKmdG7yaZRgRj82MeOAk3UaQtMIH5ZZJ5zXFrvo1hGhKws%2F7pqUqV3E9LRLp3JRf51it4OxLB8VUxF1J%2BmUnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1558220341.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313ced267701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 vs.png
kooora2day.online/ 29 KB
29 KB 34ms
33ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/vs.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91a9fddd32c9d64fb5703e2bc235d14553dc415746089831fbea08e9230c43a5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92746
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29215
last-modified: Mon, 31 May 2021 19:01:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB818gqhNueVTciU3ILnKPM%2BeDx%2F9jvgcxSvZOoPkSdar7tUEpRjLmJQa%2FFYElbc2iqgA%2BdNfASZskK8jZiaA5y%2FN7u3FwpHOERjVjQfc3a%2F9wX%2BjkpDgpA2eJbopF0doM%2BY3UmrTpToD3vt58SSpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313cce26779d-LHR
expires: Tue, 08 Mar 2022 10:53:10 GMT

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 DroidKufi-Bold.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 150ms
74ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Bold.woff2

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/css/style1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Origin: https://kooora2day.online
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 19:30:02 GMT
x-content-type-options: nosniff
age: 148134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31544
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 28 Feb 2023 19:30:02 GMT

GET
H2 200 DroidKufi-Regular.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 96ms
35ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/css/style1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Origin: https://kooora2day.online
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:41:10 GMT
x-content-type-options: nosniff
age: 165466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31248
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 28 Feb 2023 14:41:10 GMT

GET
H3 404 com.svg
kooora2day.online/img/ 12 KB
12 KB 515ms
515ms Image
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/com.svg
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9948987a5b4feb2a6af748297c3388744fac9031b1a62125044592749804f61

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/css/style1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qb8WOClt9FD2UtsferyTKyh8I9MdVMizqKTvAYDPMClOTn4DfpMmH6rn5v3qbaaDhf7KNYbTlAx5Dt%2B2LfBQEkiyuHbmvIt2FDQX%2FoJyAEcMCY4X6jdAggGch5fbNCsk8dGJx%2BfLw9hieBS%2B%2Fci3rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313cee65779d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 tv.svg
kooora2day.online/img/ 7 KB
7 KB 514ms
514ms Image
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/tv.svg
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2091822ddb71b982236de54bd9ba45e876123e41ef38b2937917e58d10257912

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/css/style1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sQL%2Bqh3lqdnSdGpfyuE4%2FIb8xfP72FedeOsVOIn4u%2BdbPmQyF8L3hw9NZksLupuxcJu1koCgq8A%2FF1O%2BueDiM5Uu9djFv7739LSYyC72u1MjxecfvqogtXZ79QRO6WrNAposTBZhWZGoo2m8ozd1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313cee6a779d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 champ.svg
kooora2day.online/img/ 12 KB
12 KB 459ms
458ms Image
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/champ.svg
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9948987a5b4feb2a6af748297c3388744fac9031b1a62125044592749804f61

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/css/style1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S57%2BGSQS%2BZo8dhZ3Hp10WyhXMdEIXQUjGSujJoKqSitoo2p3f1W7DDnZifGM%2BtonwvyZmSkHw3UFrhSHUavUWjRmwxtPfaqac4zA2W8A6Ixq2bi2s1iVxvBMve1AYODRR0%2BgD43kMF0b%2FE6goQMIsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313cee6d779d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 match.jpg
kooora2day.online/ 29 KB
30 KB 39ms
39ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/match.jpg
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71bb557b53de442ed40c69a5155401b43cf5189e5a3e448a695017e14ed589a9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14752
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29608
last-modified: Mon, 05 Jul 2021 13:34:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIBES%2BwV1iumn1rsmyUImlo0%2FJ3OwLv%2BYo27VEoTlMiXJRb1xWiNwannvJvqnVdRg%2BdJTBGRWzVuaClpdTihx0ypapOvgiDTtGLSGLTPdKbsFWLXibKoAIOCq726CYgzPaoZxWAkil2oY7oCk3g4vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313cee6e779d-LHR
expires: Wed, 09 Mar 2022 08:33:04 GMT

GET
H3

200

1566726796.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1566726796.png
https://kooora2day.online/img/1566726796.png

9 KB
9 KB

51ms
51ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1566726796.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12badebffd0b9469a7723511aef4d1dbd71cc5fcb674b2c7b560ba3d9b33d59b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 375606
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8978
last-modified: Sat, 26 Feb 2022 04:02:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6MfYw%2BrNuvGR%2BJtWi%2FCrDp%2BcGN%2FY9CwW%2FjAtpBHSuQa%2F1taWwIzF%2FAu%2FGduZFf5C%2B5niscIBEd1OXQlzp0klEvznNCAy2jafeg%2FFv50owx21SWHAO4q2xUdcQsLi1zzL8whC6FwmNaGVRWRxX6Ksw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d4f4d779d-LHR
expires: Sat, 05 Mar 2022 04:18:50 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgfHuVQDZDLpkTcaMCKpuVLRYYHWimBcgjpjUvdEH%2FWumPV8NmrQmKsQwc4ziEic4fl3YvVRjOiee%2BqZBCGSRovjicMylB4I0HQnFsVVTdf7YLqYVvUnHL3cJknW9tZ0RVrntKBrGb0EzHQhAtw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1566726796.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313d0d6e7701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1646104520.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1646104520.png
https://kooora2day.online/img/1646104520.png

10 KB
11 KB

52ms
51ms

Image
image/png

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1646104520.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0562ed7457f7867020b3842abf96998459c8c01ec27205dab7c79da7484f8bbd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92746
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10266
last-modified: Tue, 01 Mar 2022 03:19:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQxaEBJR4Uk1Ir5p5VGUFLWgFyoi%2FFgJhRYiYUMzi%2BvYyYDieETmAM%2FQeBfulRcGzXSr5u6ZCs5imuSFYlTuyjLGrWomxYJD03NVL4%2BDSbEW%2F1%2BPDB8l4X9tfqNR5XrnNGzokZZrxrcM4iO3O7fPjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6e5a313d4f4f779d-LHR
expires: Tue, 08 Mar 2022 10:53:10 GMT

Redirect headers

date: Wed, 02 Mar 2022 12:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfquS0py6FbxRV0qW8gqHdYTT0U5ZhBeHnuyYQiZ9%2B3S61W98Y7IlHA7GVJEe7qkFSYVk4hIxFGasSPpw4tE5nY0E5EOOn6HIGKZUIBdxf3ZI9PepRJBgHnymaN4BufSO5KEwHnZmQ%2B4RAPx3ro%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1646104520.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313d0d747701-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 script1.js Show response
kooora2day.online/js/ 52 KB
18 KB 39ms
39ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/js/script1.js
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fae111500cc7ac97add95d1e3338f4b5d722991c712983632339b50c37fb3c59

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 May 2021 19:01:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHSKdbAN%2F2807Mm%2BCGP2hO8q9MTdPKWHby4ecqLZkpBn05B%2FEWxxfZkBsJh99mSP5MDuKqliXs6qZfp0s0V7sMjPaAZseb1IztoA95cQ6Q5GLiK6FNgrVeL%2FX7OjqsABM0THaL%2F0mW%2BY9rG1JNDsXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313d0eae779d-LHR
expires: Tue, 08 Mar 2022 20:26:10 GMT

GET
H3 200 script3.js Show response
kooora2day.online/js/ 180 KB
26 KB 48ms
47ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/js/script3.js
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c224fb222f6a5c316cc4df16c2956060f96961a06f1d61919a465419614a6a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70213
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 May 2021 19:01:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgXg02X6bdVmkMQDUV9JWyFTazbBXjZLePhDi7gCnnqsU0HUoSsvWw2Ke%2B84UgjlZniGZivxZ8rD%2BmLnmpTRnYnOuLtMm1FEpBLy4QXrkYzLsHUHW1E2DBxGgdGp%2BbSrUShx7w91gexSJ3lbBqFDUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6e5a313d0eb0779d-LHR
expires: Tue, 08 Mar 2022 17:08:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 126ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9CBR5VC63K

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f7d98e795dc068d9b72c1c415399155a60dd3d408b06132cbbc5b52f01041b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65272
x-xss-protection: 0
expires: Wed, 02 Mar 2022 12:38:56 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202240101/ 291 KB
105 KB 107ms
64ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3440197093437636&plah=kooora2day.online&bust=31065347

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65ddd8e2138b1f6200fc62c1e1920b9b9cbe5f1dc606e18a21be499f445d649e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107187
x-xss-protection: 0
server: cafe
etag: 14611596275480015463
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220228/r20190131/ Frame 7302 10 KB
5 KB 113ms
34ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220228/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 01 Mar 2022 23:41:23 GMT
expires: Tue, 15 Mar 2022 23:41:23 GMT
cache-control: public, max-age=1209600
age: 46654
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 collect
www.google-analytics.com/g/ 0
348 B 119ms
40ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9CBR5VC63K&gtm=2oe2s0&_p=193384595&sr=1600x1200&ul=en-us&cid=1027809599.1646224737&_s=1&dl=https%3A%2F%2Fkooora2day.online%2F&dt=%D9%83%D9%88%D8%B1%D8%A9%202%20%D8%AF%D8%A7%D9%8A%20%7C%20kora2day%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20%D8%8C%20%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA&sid=1646224737&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9CBR5VC63K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kooora2day.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
653 B 132ms
42ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kooora2day.online&callback=_gfp_s_&client=ca-pub-3440197093437636

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3440197093437636&plah=kooora2day.online&bust=31065347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ba3b8f69090533008976e1b14f5bd7a2199a1e4d36f505ee30b31f50d8aa3018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 209
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 136ms
43ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kooora2day.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 122ms
44ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora2day.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 364F 66 KB
28 KB 353ms
310ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736965&bpp=3&bdt=305&idt=191&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&correlator=8689750909977&frm=20&pv=2&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qsdoALe2OE&p=https%3A//kooora2day.online&dtd=202

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f1e0a556f733ddb13abb819c5007808aa3f503fc12cffe42940be4ccf9fb586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Mar 2022 12:38:57 GMT
server: cafe
content-length: 28183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 669E 137 KB
18 KB 328ms
291ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

051848460bdf4da4bb2df62a03476e7859227656677054f86b2c1a9155bb0b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Mar 2022 12:38:57 GMT
server: cafe
content-length: 18011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CEC 67 KB
28 KB 398ms
366ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

490bab4d5a88c9ccf9b37afbe30b2577261ca9304e16ea06a3496d74f965e54b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Mar 2022 12:38:57 GMT
server: cafe
content-length: 28344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96E8 436 B
235 B 361ms
334ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=213&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=HzuR4H66gh&p=https%3A//kooora2day.online&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

787f1220fdbf3e5484dc0671a13d7b7d4710bcdf8891197bd63e5765fa54729d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Mar 2022 12:38:57 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 43FF 121 KB
33 KB 531ms
509ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96591c218cd688355f0a08f45108c665b4dfc2c2aefd5c53e57e380968d84d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Mar 2022 12:38:57 GMT
server: cafe
content-length: 34114
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B4C 436 B
235 B 245ms
227ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=3080755988&adf=435399343&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736971&bpp=1&bdt=311&idt=220&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=1vv5j7tCJm&p=https%3A//kooora2day.online&dtd=222

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

238bfd262b6030aa2c3dcc10f6b5a9035a3b4c39211dbd2f9669d181c4818695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Mar 2022 12:38:57 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 85C0 64 KB
21 KB 290ms
278ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736971&bpp=1&bdt=312&idt=224&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=2451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=fo8SSf5ZaG&p=https%3A//kooora2day.online&dtd=227

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00a214af6753281049674dcf8afef899d36a406613cad6de29982fbd0431d89f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Mar 2022 12:38:57 GMT
server: cafe
content-length: 21560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C31E 69 KB
30 KB 269ms
262ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=120&slotname=2241740444&adk=1522501397&adf=3132389021&pi=t.ma~as.2241740444&w=728&lmt=1646224737&psa=0&format=728x120&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736972&bpp=1&bdt=313&idt=230&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280%2C1028x280&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=8FkjlntUrH&p=https%3A//kooora2day.online&dtd=232

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6b87ac94bf308e3584c69ccd54772a582ac49d7cfc8f033f1c0995071baa3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Mar 2022 12:38:57 GMT
server: cafe
content-length: 30249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:57 GMT
cache-control: private

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkooora2day.online%2F&tn=DIV&id=sho&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
67ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkooora2day.online%2F&tn=HEADER&id=AlbaSport_header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F1B7 151 KB
43 KB 317ms
317ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&adk=1812271804&adf=3025194257&lmt=1646224737&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkooora2day.online%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736981&bpp=1&bdt=322&idt=225&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280%2C1028x280%2C728x120&nras=1&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&dtd=231

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2284e19fea050491622db728311a64b190eb9fd18bef568f3cd210321ff03c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Mar 2022 12:38:57 GMT
server: cafe
content-length: 43784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:57 GMT
cache-control: private

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5347 624 B
300 B 56ms
56ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjbfRDJi9WTAxjj593BATAB&v=APEucNXAyP9CeWSYlieOCr0-XgSPsgdc7cbzMovvggVY2dYWbK--xuVrfOpw7nAJkAs7_9Qz0XkLcgH7Ob8wC0-abZDrktKKlwUjTuOYMDmJZUTudUUoGma2gPD55LelCf78gdzANfyG6BdhSPRcSziuA3UUrCUJkk9jq98YtSYoYcwmEv0nb0o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=120&slotname=2241740444&adk=1522501397&adf=3132389021&pi=t.ma~as.2241740444&w=728&lmt=1646224737&psa=0&format=728x120&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736972&bpp=1&bdt=313&idt=230&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280%2C1028x280&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=8FkjlntUrH&p=https%3A//kooora2day.online&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=120&slotname=2241740444&adk=1522501397&adf=3132389021&pi=t.ma~as.2241740444&w=728&lmt=1646224737&psa=0&format=728x120&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736972&bpp=1&bdt=313&idt=230&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280%2C1028x280&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=8FkjlntUrH&p=https%3A//kooora2day.online&dtd=232

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 02 Mar 2022 12:38:57 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/ Frame 7A28 19 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/abg_lite_fy2019.js

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7ca3e7ab9349be85f6dec597eef84d52fec3bc3ea0f5d42c8beca1b3e9c93f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7890
x-xss-protection: 0
server: cafe
etag: 9159073006381693422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:29:46 GMT

GET
H2 200 15576591701511752047
s0.2mdn.net/simgad/ Frame 7A28 32 KB
32 KB 114ms
35ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15576591701511752047

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490035766f64f4957a813abe10bf17628f5b30ee32e9e5f0dc6d9bd405c9086a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:05:24 GMT
x-content-type-options: nosniff
age: 599613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32414
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 11:07:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Feb 2023 14:05:24 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/ Frame 7A28 6 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:00:26 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7A28 0
571 B 114ms
37ms Ping
image/gif 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuOn1KcFT81fFledRrqx3yCcnN2mz_uiAzZIbIPQsg5mOFo3UlfDZPI3Oe1-HeLD79pveH3N_hir2cnv4EFA9A3txyAFRqe2oB4zWrq62h1_onxxjO2q2ZQLk4mkLdfTgN4wzb1AHIiCMfYLShPDuo0pkV1EtgLyvYI3AI_YhmDQWTMtGIc0oq4ejxuY93lPgoAz5lUhnlCFGlqTLOmxvO2czBr-6NNmjqTS4QpQA0uNzjDLEd5pu9-JA01J4lWT4NiBSCUJWGbonx39pkJd5d8CJsYnmCMY3hOEkC6MYG0uwaj_3j20jXtrnXLVKNDJ1au_tCEkqubD4BwWXr8hshwLimdW5ZJUbgMrzzXQJucsjI43LmxZb5vtS2EqN49JgWm5BWPES-TRpsEs7YGOZAQcM-iak7k_9yEZW9NQ3FcE6zRBeQ6WObm6paQrMMIv0LVMG1D_7OHkIIXj9MzDB6u6ZFUn9f2mr45CNQzZ-4UYLIQl1rxfg_rXtNXMn3MKNJyBHsADXELkE0n6Bwivan0aiZBycH7H0JxFSLFAets65LvBd_AaYh-H_1muleMLRjvGk9PnUp1fjDO9UPf6QMQSRMhYNfAlUdHkQnClrkjYxbqdouBwVoARk2nH_PO05azPrzW7JjdXn4PibKAGVVYnkQhwLfcUKShxOy0n65ATgYe3mzBhujCY210CmYepbuhKLTlA5l8NIosizLBK2PC9EFB8UpLSpxI8NnvYFfU5ikT3Sfx_So5Yia7A1jERl9MyZEYx2bIg5C80Uacva-flO-NHfU1Y3jztvk4Cn6TCyGhIopxwZZ20ivzDZMWDo-nXsnuDfDknG1QhF7QjekvEKqEYQ1D7gW5vJtY9vsdLLIGnLKJaj7H5kL_XnmydVcBINbimyRj6PwGKNc7rWwj2ttImRqsNQPn_GrGNxXOzPJzy9v9d09TvNG9uxVPKAkmoiHRI0jQCPDz6wKp7PPyOaaJeyV0WG_hulkx_47itmmbTdQjqyxfXCBmyz7Ulmrlppg_RXUp9EbmVqKb78Q5paP9Yr8JxtzirSDDtgvwgUI1fXcIEuYIvg3Yg8P7MDOHlwPVJWRIpcCqRrCz2I4c&sai=AMfl-YRO1W7cvdqyM9cXh5s7EakxXpwNqjuiBZzF13Gq3VQ1RidMm18KouwXKS-O0p7OgTwh_jyWZSV5gZrvvbPql9sT6wHOc7L_VdjASWnaYvlEp8z2Gqpf1x-g7DdiSr9MW9xP_E9dOjc44AOzzwUD9oW_0LQmKvMH65LyJTD4dr79sbh5nhYIJdw&sig=Cg0ArKJSzMbpZgsM7HqnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220228.76301&adurl=

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 02 Mar 2022 12:38:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A28 41 KB
15 KB 182ms
101ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 13:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 13:52:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 7A28 2 KB
1 KB 189ms
108ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:32:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A28 124 KB
39 KB 126ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38862
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646052075697155"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 7A28 15 KB
6 KB 162ms
82ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0
server: cafe
etag: 3306657128042699500
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 11:57:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A28 42 B
63 B 68ms
68ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cey7kS80dCH9Mx1i-gWDoK9S-r4jS6n27tc-8OBQ3JPwwoRNNKbR8Rk_IcGgSG7NicDqU_CGFalHvBEXR7q33eF7jyXxMUHctd3Xa1lw3bCRC93DQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/ Frame 85C0 19 KB
8 KB 110ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736971&bpp=1&bdt=312&idt=224&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=2451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=fo8SSf5ZaG&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7ca3e7ab9349be85f6dec597eef84d52fec3bc3ea0f5d42c8beca1b3e9c93f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7890
x-xss-protection: 0
server: cafe
etag: 9159073006381693422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:31:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 85C0 8 KB
1 KB 97ms
35ms Stylesheet
text/css 2a00:1450:400e:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 12:18:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Mar 2022 12:38:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 85C0 14 KB
3 KB 128ms
34ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 13:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Feb 2023 13:09:48 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 85C0 355 KB
123 KB 129ms
35ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 13:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Feb 2023 13:09:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 85C0 15 KB
6 KB 109ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0
server: cafe
etag: 3306657128042699500
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 11:57:14 GMT

GET
H2 200 6855582819185741633
tpc.googlesyndication.com/daca_images/simgad/ Frame 364F 29 KB
30 KB 183ms
130ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6855582819185741633

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736965&bpp=3&bdt=305&idt=191&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&correlator=8689750909977&frm=20&pv=2&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qsdoALe2OE&p=https%3A//kooora2day.online&dtd=202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9afd87fd74378e162c0cb3cf67c71e829f1beaac96677263812db425ee4845b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30153
x-xss-protection: 0
last-modified: Sun, 27 Feb 2022 07:25:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Mar 2023 12:38:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/ Frame 364F 19 KB
8 KB 98ms
46ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7ca3e7ab9349be85f6dec597eef84d52fec3bc3ea0f5d42c8beca1b3e9c93f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7890
x-xss-protection: 0
server: cafe
etag: 9159073006381693422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:31:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 364F 0
0 108ms
107ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cyi9GYWUfYon1DqiJ9u8PpvatoAj16sfSaIj-1tHlD7CQHxABIOuD0XZguwagAfbFvsQDyAECqAMByAPJBKoEywFP0EcKUSckZgYc1oeoV_mhAgltTzufcAua-226r5fwf6y4dOvTR2BquA4itish3T6o_dXEVP2fabXJ9BIbWhFyPwP9ebDQWhLfaXh5VK4PDrG2A9KXkugRDtbb_ihcYpOigm4-jrjW6W9jSygL7L9ckTCsJus_wO73Ttnn1OWES4zWwcCN_Zke18z-MrY982bMVnaqP93p4sOo-FOwnI194xtSv2mt2YqqX13ySjf9oG9F7M23hBT0Vk8jaH7m3hpILt1fwpgEf58gd8AE_q_1_vUDkgUECAQYAZIFBAgFGASgBgKAB_K5wTuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCQNdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDQwMTk3MDkzNDM3NjM2GAA&sigh=REdHC0LQlpM&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736965&bpp=3&bdt=305&idt=191&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&correlator=8689750909977&frm=20&pv=2&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qsdoALe2OE&p=https%3A//kooora2day.online&dtd=202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 02 Mar 2022 12:38:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 364F 2 KB
1 KB 151ms
109ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:32:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 364F 124 KB
38 KB 132ms
89ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38862
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646052075697155"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 364F 15 KB
6 KB 119ms
77ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 11:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0
server: cafe
etag: 3306657128042699500
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 11:57:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 364F 28 KB
12 KB 134ms
93ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d725706171ee167813fe2651beb7d7159c4378253a1b40e333b49eb3b15f20bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11752
x-xss-protection: 0
server: cafe
etag: 6517694515140145583
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:03:56 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame ABE1 220 KB
60 KB 132ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 115277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:40 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame ABE1 16 KB
6 KB 193ms
97ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 115277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame ABE1 96 KB
29 KB 201ms
105ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 115277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:40 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame ABE1 74 KB
17 KB 214ms
118ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb965f3699518d8395cfb70d083643955fc2933fe9b4f969c3dc7ea4aedea90

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17272
x-xss-protection: 0
server: sffe
date: Mon, 28 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8236b39f432ecf96"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Feb 2023 17:46:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame ABE1 5 KB
3 KB 130ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 115277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:40 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame ABE1 42 KB
13 KB 195ms
100ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 115277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:40 GMT

GET
DATA 200
OK truncated
/ Frame ABE1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22c0bde5147851673d9a566f48687305cc92c63ae9994d6d227b2d4dd4e481c8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bg.jpg
tpc.googlesyndication.com/sadbundle/809833111608207158/ Frame ABE1 3 KB
4 KB 105ms
73ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/809833111608207158/bg.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1beeb14fcd194b0183ecdaf247fe599782ed1ad690c3529a00c972e3d519c251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 17:27:31 GMT
x-content-type-options: nosniff
age: 241886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3522
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:28:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Feb 2023 17:27:31 GMT

GET
H2 200 logo.jpg
tpc.googlesyndication.com/sadbundle/809833111608207158/ Frame ABE1 3 KB
3 KB 108ms
76ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/809833111608207158/logo.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

767e2f3fd92235d466642b48be901b78fe92f5a0aefdc28f79234fb3cfe10faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 17:27:31 GMT
x-content-type-options: nosniff
age: 241886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2714
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:28:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Feb 2023 17:27:31 GMT

GET
H2 200 learn_more.png
tpc.googlesyndication.com/sadbundle/809833111608207158/ Frame ABE1 3 KB
3 KB 142ms
110ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/809833111608207158/learn_more.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d5eb7cf7e00ce503123be4608087c81b618288b261f48cbbe0efcd0f1f8b773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 17:27:31 GMT
x-content-type-options: nosniff
age: 241886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3071
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:28:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Feb 2023 17:27:31 GMT

GET
H2 200 card_1.png
tpc.googlesyndication.com/sadbundle/809833111608207158/ Frame ABE1 10 KB
10 KB 146ms
114ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/809833111608207158/card_1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50606030e1a539bd497617e6a98485644b8778f02615ff5a0f61dc0dc37dc763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 17:27:31 GMT
x-content-type-options: nosniff
age: 241886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10129
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:28:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Feb 2023 17:27:31 GMT

GET
H2 200 f2_ticket.jpg
tpc.googlesyndication.com/sadbundle/809833111608207158/ Frame ABE1 2 KB
2 KB 145ms
113ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/809833111608207158/f2_ticket.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55891179b1b2aab37438facc6b547e2fbb16608374df148ef12120a58da87e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 17:27:31 GMT
x-content-type-options: nosniff
age: 241886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2369
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:28:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Feb 2023 17:27:31 GMT

GET
H2 200 phone.png
tpc.googlesyndication.com/sadbundle/809833111608207158/ Frame ABE1 9 KB
9 KB 90ms
67ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/809833111608207158/phone.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcc8273eec8e059a535a6c3ebd4d67238686c044e164b3455ba75345f1aa4d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 17:27:31 GMT
x-content-type-options: nosniff
age: 241886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8784
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:28:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Feb 2023 17:27:31 GMT

GET
H2 200 f_4transaction.png
tpc.googlesyndication.com/sadbundle/809833111608207158/ Frame ABE1 4 KB
4 KB 136ms
112ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/809833111608207158/f_4transaction.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa245c7adb263256ad4366c6c45ad49376732bb9e722ee51e53517716f437b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 17:27:31 GMT
x-content-type-options: nosniff
age: 241886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3657
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:28:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Feb 2023 17:27:31 GMT

GET
H2 200 f5_transaction.png
tpc.googlesyndication.com/sadbundle/809833111608207158/ Frame ABE1 4 KB
4 KB 143ms
120ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/809833111608207158/f5_transaction.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4848a9644de855c1058a77c17add6b7994f2ed15a979bf74540ce5709d03db6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 17:27:31 GMT
x-content-type-options: nosniff
age: 241886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4154
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:28:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Feb 2023 17:27:31 GMT

GET
H2 200 A.woff2
tpc.googlesyndication.com/sadbundle/809833111608207158/_genassets/ Frame ABE1 5 KB
6 KB 115ms
37ms Font
application/octet-stream 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/809833111608207158/_genassets/A.woff2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563c8aea477fe6d1e75e7d73fec8f2d94d3ea5c4663aa5fb2fbc3563a10f7404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 17:27:31 GMT
x-content-type-options: nosniff
age: 241886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5620
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:28:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Feb 2023 17:27:31 GMT

GET
H2 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ABE1 3 KB
3 KB 134ms
111ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 14:27:16 GMT
x-content-type-options: nosniff
server: cafe
age: 79901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9421415325968714010
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Wed, 02 Mar 2022 14:27:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ABE1 344 B
474 B 90ms
66ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 70792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 02 Mar 2022 16:59:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABE1 0
17 B 108ms
107ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFp7EYWUfYsHbD5Hp6gTthKWAB9Cco5hohsPXg6oOv-EeEAEg64PRdmC7BqABybHQvwLIAQmpApi2Fq2SU7Y-qAMByAMIqgTMAU_QdQhUhjOYIRvp6B8tIeR4tscaj8mWWbcK6-NmK4TvnNPdV86oFCzVO63OlTSay8GtGhOxZM2Pua31Vror0a8HT2lLEWI8CvsEhXoVPt0p_FiMdOKqgXeO2cHQWnqqPK1TbO3bo-1fVyHYk_I-FaQlYWZX5Le6SL-9_XPslBq2aYCat9BqpTG2FQqVu8vZ2w7w05oyPwe-CdiT9HXTAzeFB0HJW66cuyev8UiEqz3Uo5hMiHyYt-Y9pubUOPF0gu7cTQpYDYb0VffeosAEn6vcjv4CoAYugAf6lOllqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQkDXSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItMzQ0MDE5NzA5MzQzNzYzNhgA&sigh=RKdlBoBmT8o&uach_m=[UACH]&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736968&bpp=1&bdt=309&idt=205&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lSjHJTyxWE&p=https%3A//kooora2day.online&dtd=207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 02 Mar 2022 12:38:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5347
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFcHn4gihdRm1kMPGMoNHUc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFcHn4gihdRm1kMPGMoNHUc&google_cver=1&C=1

43 B
1012 B

77ms
77ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFcHn4gihdRm1kMPGMoNHUc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjbfRDJi9WTAxjj593BATAB&v=APEucNXAyP9CeWSYlieOCr0-XgSPsgdc7cbzMovvggVY2dYWbK--xuVrfOpw7nAJkAs7_9Qz0XkLcgH7Ob8wC0-abZDrktKKlwUjTuOYMDmJZUTudUUoGma2gPD55LelCf78gdzANfyG6BdhSPRcSziuA3UUrCUJkk9jq98YtSYoYcwmEv0nb0o
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 12:38:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Mar 2022 12:38:58 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 12:38:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFcHn4gihdRm1kMPGMoNHUc&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5347
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yh9lYXZ1eJs6djmxjV.jhAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIF1vm1AzO4AH08Osa98io&google_cver=1&google_hm=2

43 B
892 B

77ms
77ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIF1vm1AzO4AH08Osa98io&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjbfRDJi9WTAxjj593BATAB&v=APEucNXAyP9CeWSYlieOCr0-XgSPsgdc7cbzMovvggVY2dYWbK--xuVrfOpw7nAJkAs7_9Qz0XkLcgH7Ob8wC0-abZDrktKKlwUjTuOYMDmJZUTudUUoGma2gPD55LelCf78gdzANfyG6BdhSPRcSziuA3UUrCUJkk9jq98YtSYoYcwmEv0nb0o
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 12:38:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Mar 2022 12:38:58 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIF1vm1AzO4AH08Osa98io&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5347
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMas6NAk8JRIRBBEmnX640c&google_cver=1

43 B
1001 B

134ms
127ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMas6NAk8JRIRBBEmnX640c&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjbfRDJi9WTAxjj593BATAB&v=APEucNXAyP9CeWSYlieOCr0-XgSPsgdc7cbzMovvggVY2dYWbK--xuVrfOpw7nAJkAs7_9Qz0XkLcgH7Ob8wC0-abZDrktKKlwUjTuOYMDmJZUTudUUoGma2gPD55LelCf78gdzANfyG6BdhSPRcSziuA3UUrCUJkk9jq98YtSYoYcwmEv0nb0o

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 12:38:57 GMT
X-Proxy-Origin: 5.187.21.105; 5.187.21.105; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: de786845-8a58-483a-a6f2-27ed8a34d7a3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMas6NAk8JRIRBBEmnX640c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5347
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkwMjQ3NDcyNTA2MjkyMDY3

170 B
188 B

92ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkwMjQ3NDcyNTA2MjkyMDY3

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 12:38:57 GMT
X-Proxy-Origin: 5.187.21.105; 5.187.21.105; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 56ebb1b6-4236-49a6-b7c2-f4be38bc7474
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkwMjQ3NDcyNTA2MjkyMDY3
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202240101/ 151 KB
54 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202240101/reactive_library_fy2019.js?bust=31065347

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

699eaea7f37fe661fd34eb84e7687df50ca1395564c7991301024dbd0e7cf83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55002
x-xss-protection: 0
server: cafe
etag: 10401091472012640965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H2 200 4500994504342976217
tpc.googlesyndication.com/daca_images/simgad/ Frame 2CEC 20 KB
20 KB 92ms
91ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4500994504342976217

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

573693ea4a23fdde65dbe87ecee6bfd76bc04a6d39b709f043c128367a95c64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 07:05:12 GMT
x-content-type-options: nosniff
age: 20025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20825
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 07:15:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Mar 2023 07:05:12 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/ Frame 2CEC 19 KB
8 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7ca3e7ab9349be85f6dec597eef84d52fec3bc3ea0f5d42c8beca1b3e9c93f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7890
x-xss-protection: 0
server: cafe
etag: 9159073006381693422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:31:22 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 2CEC 2 KB
1 KB 79ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:32:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 2CEC 15 KB
6 KB 80ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0
server: cafe
etag: 3306657128042699500
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:03:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CEC 124 KB
38 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38862
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646052075697155"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 2CEC 28 KB
12 KB 84ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d725706171ee167813fe2651beb7d7159c4378253a1b40e333b49eb3b15f20bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11752
x-xss-protection: 0
server: cafe
etag: 6517694515140145583
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:03:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2CEC 0
0 120ms
120ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmgX6YWUfYqfjD4686wSZ5YbgDojf6YNmys2JxsIPwfG4wLggEAEg64PRdmC7BqAB0LH2mQPIAQKoAwHIA8kEqgTIAU_Q6ABENVwmlMW9wWhuuecG0C2wypP_Q6VXqa0Q5BiBqrEFI1EgV3c4gNQI7h6h4eTzLxf4MVEBzAC6AIMqwAvjLZ3LTjSWqPrHE2TLCs7wd6NSAAWVadfdR1QwHsSs5-bARYb0e9n_6nPG5i6ZywzeYicMW4l3BewwD8BXEfiJZAas3hrj3gSBFGwR0h8lP1XWO-Es3mO2saoavuWBwkoxIp1WMgEOb6tgavjiVNZa3v8EWzR2OqnWDAvIAeBQUl8W0ReahhBcwASqj9ns5AOSBQQIBBgBkgUECAUYBKAGAoAHmM6JZqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIeGAtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDQwMTk3MDkzNDM3NjM2GAA&sigh=2GITblJkwkY&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 02 Mar 2022 12:38:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 725B 143 B
163 B 35ms
35ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736965&bpp=3&bdt=305&idt=191&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&correlator=8689750909977&frm=20&pv=2&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qsdoALe2OE&p=https%3A//kooora2day.online&dtd=202

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 02 Mar 2022 12:04:58 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E336 247 B
962 B 143ms
44ms Document
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

5f950a7b20d9aee54c00b8e7326f3a600214670cf276c697692ddab789636c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-ELCYNzyEvjTlWQXcX-Gj_g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 203
date: Wed, 02 Mar 2022 12:38:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7A28 0
23 B 68ms
38ms Ping
image/gif 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 12:38:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 86ms
43ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kooora2day.online

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 85ms
42ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora2day.online

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/ Frame 3E63 10 KB
4 KB 35ms
35ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 02 Mar 2022 02:01:15 GMT
expires: Wed, 16 Mar 2022 02:01:15 GMT
cache-control: public, max-age=1209600
age: 38262
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7A28 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89c4ac2f6d37ed2080e5a506ea2f9aaef4b3c301190c1a42e2dbca2f691c1bae

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8663 143 B
163 B 34ms
34ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 02 Mar 2022 12:04:58 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DCB2 22 KB
8 KB 35ms
35ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Mar 2022 13:54:22 GMT
expires: Wed, 01 Mar 2023 13:54:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 81875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 43FF 2 KB
532 B 66ms
35ms Stylesheet
text/css 2a00:1450:400e:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 12:18:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Mar 2022 12:38:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 43FF 2 KB
904 B 35ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:17:25 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/ Frame 43FF 19 KB
8 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7ca3e7ab9349be85f6dec597eef84d52fec3bc3ea0f5d42c8beca1b3e9c93f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7890
x-xss-protection: 0
server: cafe
etag: 9159073006381693422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:34:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 43FF 2 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:32:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43FF 124 KB
38 KB 94ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38862
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646052075697155"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 43FF 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0
server: cafe
etag: 3306657128042699500
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:03:53 GMT

GET
H2 200 1983f1322954a331c3caffc9609329fe.js Show response
www.gstatic.com/mysidia/ Frame 43FF 28 KB
12 KB 43ms
35ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1983f1322954a331c3caffc9609329fe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 06:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11765
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 01:32:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 31 May 2022 06:25:05 GMT

GET
DATA 200
OK truncated
/ Frame 2CEC 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3c2437814d4f9db3c11bac9c80ba14567a8f486645b5548d4eeddb9a3a5e0e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 3E63 4 KB
634 B 34ms
34ms Stylesheet
text/css 2a00:1450:400e:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 11:00:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Mar 2022 12:38:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Mar 2022 12:38:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3E63 205 B
743 B 110ms
34ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 17:02:14 GMT
x-content-type-options: nosniff
age: 70603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Mar 2023 17:02:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3E63 604 B
792 B 111ms
35ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 09:01:33 GMT
x-content-type-options: nosniff
age: 13044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 Mar 2023 09:01:33 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/ Frame 3E63 19 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ee7d638b3d881d88751994caf7ac70a4e2e88ab491d84d96bb668427b775ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8389
x-xss-protection: 0
server: cafe
etag: 27632183439263750
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:29:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 85C0 0
327 B 355ms
116ms Ping
image/gif 2607:f8b0:4001:c0b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l09jpd69&c=2470709557485&slotId=1235354778742.5&qqid=CLSEvYW5p_YCFYaZmgodZ0sA_w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c0b::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 85C0 15 KB
15 KB 76ms
34ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 59462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 20:07:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 85C0 15 KB
15 KB 76ms
36ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 63548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 18:59:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C0 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CUZe3YWUfYvTPD4az6gTnloH4D9TzuN1ojYudkroP8C4QASDrg9F2YLsGyAEFqQKv12ipblK2PqgDAcgDmwSqBPUBT9Dh2Q08uxDTDcbAwsV4uIrCnWXzrY4vI3Ifi0pNlcPDmhxlyLaaOhUEIcEu6_l4l0fORENbEbMrzuyjmjuu5G6qxSHa5isr1-3yg59h_1gu8FWpbFZaF_C6vMNDXY4X3SJvINr7BTU-NSi74c1t7FSojE4thwvp0r54s62GLM169TCXFK3T1CHg0AUsi8vXdaVpQEHZU9IFd7WiFOQTTLq--StbvbXR1JKFh8-fb_VHuU7rvoW8nvAFbjZBS60YaLg9HlbfhFNRl8X4NNs0E0DDLSlCtwpAkwZxTSyEs7LfZbcLDlDwYnT84CxmiKUgJHN8OQ_ABKiq1_z0A-AEA5AGAaAGdoAH9PX9iwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE9O9sg7QEwDYEwOIFATYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1646224737828&ai=CUZe3YWUfYvTPD4az6gTnloH4D9TzuN1ojYudkroP8C4QASDrg9F2YLsGyAEFqQKv12ipblK2PqgDAcgDmwSqBPUBT9Dh2Q08uxDTDcbAwsV4uIrCnWXzrY4vI3Ifi0pNlcPDmhxlyLaaOhUEIcEu6_l4l0fORENbEbMrzuyjmjuu5G6qxSHa5isr1-3yg59h_1gu8FWpbFZaF_C6vMNDXY4X3SJvINr7BTU-NSi74c1t7FSojE4thwvp0r54s62GLM169TCXFK3T1CHg0AUsi8vXdaVpQEHZU9IFd7WiFOQTTLq--StbvbXR1JKFh8-fb_VHuU7rvoW8nvAFbjZBS60YaLg9HlbfhFNRl8X4NNs0E0DDLSlCtwpAkwZxTSyEs7LfZbcLDlDwYnT84CxmiKUgJHN8OQ_ABKiq1_z0A-AEA5AGAaAGdoAH9PX9iwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE9O9sg7QEwDYEwOIFATYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 85C0 27 KB
15 KB 155ms
70ms XHR
text/xml 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BxkIMMMWeucWyxd-Y8frr1eEEX1SOksu4Qg1aoaEKOFghuwqNFjZtm878sg4zgjA4cBq1nLQyK-Y6JWzh1MsbxJHlr3g&cry=1&dbm_d=AKAmf-AbAH2UJZN42D0ifo5t4e9zhbKP7f4GDeqYZ-lKOw_tFyeCgcwtXZFkCk2as724J5wFto8DYGHdAk2Q0Emv2bZcnVoVcBSnyMzZxxu-fgByJVfD19lChAUZKN8RmUdver_UHJ1YD2F-2074484gRK4R8QhsxmUxvBAeT85QYiDzs895NHcEQEkrxvRbtdg4B-yCW9URMJgQhINTyZNX456xwfV6_7LivTiDO17xsqPLmbNwNnAHVLC7WwEZVvEakPctuHMYrA5Z3ORqvuMd6P4LXMJb3Zko_KARPWDEMgthXVr8OpxRV8F7K1u-O7onpANey8R0I3aE5f4MmLE0DVsTBbZ8N2EADCNnWs-7FQjafMPD4VleoF2P4RMCKNyhs3D6MkqtFKfZ2DxaXHCpLilrEdyly4Kn8J5ppB8OFdhvPdVUCYJkk0_4_RSCqXyG1JsSFNrqfqmRu1FK0Tu0PoH4CFY1ogVraXw2CJs-48y9Z0pzdgQGpP3I6XEjyW4Sz5NVog-tDrFMveY0xac8jbhKjRGlf7zJnWc6ys9xeOFutWybcweVYMPtsoxDOv4GYfMndqvTqrPjNJpnx3FWxM1LZ0ys5kyolPHh3QNIcSgX9oakAF5NIkQ5KSvHnmIN0Y6WiDy42r2ePAFxeSHCtUdi9TOPRY30dwwIy8rqo_sASg8HyjjxnVSJhf16lfFAGqTWJTSuSSBsqGOzw3BIHoRGWtoryXOuG0jcqpmozQghdQSbEeR4EP4A4vnhQYgFU3hF7Y-xPGKpg4ENCNfGs0wmeO8H1rpZuYajxje3abhXBW8zizp8V6yz5wp5SfFnD5aX7QgWNUm4R7L71OFGgggNScjP-CqsjGmmOg9fpoFEkJi91uDGDdy58pyvq9yqNf4RGw-LgkIT673gIXP5qdw3uO2SfOqthAXhnh9FW5f_LVWV4j8IJ9ioRwxKYjvkwA_vDTx0sSKpuwK80lR08XRHziTWZjfGLZWmBLiF81-hBRe3d4D9Ym1pA303EnLEuyvEua7p2hq2Y2LM2zU0MfP-RU4fO4qdxE-L4YIEDjYS8CDZAcsZYige4pa31S-Z4ZUEzxsOyYkH83s-KzBW3MvWKW6BE5Qp4m0HlMECXLwXKGrsvtECSIWAgQGOH2vhqg2iYS1H7__DhC5DexO3Vg2Upn1NreshWVTlDHPxb5ohpsnS0uwvBw80b_gGTD1dhElc85fsjDJyQP30j0mfwira2xlN-qSls8VC_HFL-QGn20hy1E3f256BuOC5qWTCWs6bo1NynR8QjZ-pW2Kj-PDU4tmNDCYo3YLs2b3BkCFB-VCGYSpjnWzV8luYKRYB8mYl0u7eBcVh5mBwHKUf-M1kwdbnxiTjd__MniBp4qSVoEDhL89amXWO5FJLPgxRm5PyyiC2Fx7u-QegNj_5ae5o2Xql8Xj0lbqAujxUBXaoC_OYpxOZn72zXo6okxi_XiIysg0xpAoEAHYRledu-VgKVh1aM6GmEudm7R9_j8O5BcGx_FC7x_fsEeggEv96TIOhnONN6_UZ6zQgzH0qha47Mla2SU2oMZ48hcOuv_uLC2Ry0cmUmjC42kp9i2OiXs2i_P40H0QdUz5C-lnEqqG8jXAqppPqwyK_3Uv0ba-oeUF8mjWnRuLNoTmELq69YLozIgzuGjodG5S0-u-jHGLhFIsy83EmTi1ondBbXBMlEgitdkuzTkLA6Ad8AIRv8hRrnpWXdVfAXY3_DA0JmerQ6eLoCOu62tEDVop0yVvgY7c-d1ztqfB4H5u-QJlPsfeYmRIR6gMdu9Jg2NsCva5b7hc4qNlcX4wZ8WtiQphb4uDiSL0wuAz4cfbcVF3uZaPdDjr7WtAXsXYDxy0-CgfotvxopsvOwOtY09xlmVxiHMROJCWC1ckbSzXBW6InOojU8Twy24qZgPSz5NY1XAwzL3YNKszJVW-6iC_kJbZ-b8-V3OO9pCR3Y24IIx--Upr37AnmQGDRmdRUtQ97yR5ujPd2tUJmzKHZNKGW2xZJCYWR8UXDiLnKYflAC-AbxUp00ZvlLC3ez5OVIXMgQ6opaqG8_OiDQLtQJJiwwUIar6RbZMzEU8lZrvLG9a-imQW6sIIPL3qKl8SAzUcWwe0ztQjZ4nlqil1UzVipKXu1EJhw7XvYpCSMUgAyTopAXKaa8vOZd5OiqurX1P6CgNprx8eARwy_1UrTGcl1AI0GScIrjM1h0pPvbG5EL4zJr-8_13Wz64v9nGrp3H7zBrH32mWmWLsKJLagKYG0Ba_Y-GrTbQ-QulTS7-Eo73IkZ7eHOT-YHNkIP4Xh2QFoRtBobyXgs-jQuhsegUgY4nrjePNpZLajOtUid7CFAdql4kzIyq9tR5ci0ZP7VuMwbhbKTj_Wb1gIRgYsjCxYdJnav4DPCkFMO-n7Ia827UGMukmaBEtd5fyB1xF3eqbxGi6c1f_61bZnetu0VjmtKJSDYwzYURYahvpZ-J0dOKvqfpekar82BJOW0AcqeSFwdJul7Ss-DDy2BulCY3hfJu3i4B0gTRv545iZAxQMlO2QSIT3GqyvBbkHvxESKtgl6f4INe4nIrTKj2pu03zYyCqG6j0Lp0ky0cgcFGGsH07Xk2epw0skflRifOTpPEYsHQbh5p7_r7acUTYo7_eYtSJUN_OKT8NdcKF_wBtDoRjPZpVSHituT__p_4Qvtj_v6UT7y4we9xu25RMWU7MS82e34QznSD24hHILx-I6u_PfylBJ8QAvG22sNBT5dkbvYk4itJtdU0neZ2BjBAlszZRQOgq8AK-8TuWkM18iyiogmdkLa5S6hQNGnwerTEZqkIptlwSKEeHTzTxfMuqRRH4wiPXXBvq583hihEGfS0vOGcCzt53O3VnxLSo1ABR07UvMt2eCRYFndsDvXC3gIGDrXL5PE7aHWLf61Duk6oxlVuvSOIVH2YK47mu1Wj3eFfCvEYqOSEjfqc3ZhJE2QY9HDBsyg0m2b6_rhRniN5vd3etHwTM4hjg6feexumkwQLxiCldm8mWsWehDzUAu4YmM72YwTCyWJz6LmqzohBvC_suId0Cj76ZVzNjuSAEBzfweUzlJtj4XlEHrdh4LCVVhi3FEmyjQnJBy1xw30kjIj723gcXuYCJKMob8UBtcGfM1dM2MLkLo2FbSo5cnbi2lKzumLNGNscB1_VRJCBwrXgRtOjkGtQpxWQ4CBD6xFfi3Y63eadM4x23phoxUHN3o27hENR1_wwSXuFfHvZQmOxJtdU5TtyzycB7NuPQ4QSzvAYtOeiMLdFYLt2IAFdyee9T3kRZgztaDl_nlkta85mVjrmRCZhOUho6TenxDCnJrXFn_H98F5F6zxbGloPy1OOJ8eL5r9xlSRxfzKaO-0Iy-QRx0Ow-TVco2-XZS212RaDRyYsMCnHh4HFH_-7E7ne_lsa1qQAGBc0fCxHEXZOVUhB2kb6TnvCMAvxqq1H6NQCF4MJCtRJy84xtMs7jNqNQrk7DfdEwBNMMNma3-k6ug2CEvitN7xjn73c138IlkAkzYal1-rFg0o8b6a1HXe_UNiKwPkwm5Si6rY7hrGs137JXl0pv6Dl8iIkuYmRfi3eK6qQ&cid=CAASBORoemI&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

cafe /

Resource Hash

9d6e8f3008d9c69cabcd4ade1fa8db5f6b7b3d09470ceed76549e4ce8e50376d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15216
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 85C0 0
0 71ms
70ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxxjqYWUfYvTPD4az6gTnloH4D9TzuN1ojYudkroP8C4QASDrg9F2YLsGyAEFqQKv12ipblK2PqgDAaoE8gFP0OHZDTy7ENMNxsDCxXi4isKdZfOtji8jch-LSk2Vw8OaHGXItpo6FQQhwS7r-XiXR85EQ1sRsyvO7KOaO67kbqrFIdrmKyvX7fKDn2H_WC7wValsVloX8Lq8w0NdjhfdIm8g2vsFNT41KLvhzW3sVKiMTi2HC-nSvnizrYYszXr1MJcUrdPUIeDQBSyLy9d1pWlAQdlT0gV3taIU5BNMur75K1u9tdHUkoWHz59v9Ue5Tuu-hbzG8bcEPmurn4rXR8MghyGN6unrfEB2VOZRzzlnNkgLAGmLjNbtUD0pRMpLr7-YmrLthAr1AH41b8YaosAEqKrX_PQD4AQDiAXd1ZCjPZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH9PX9iwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDWsAEYleq6wwHSCAkIgOGAEBABGB-ACgHICwGwE9O9sg7IE8m8y98D0BMA2BMDiBQE2BQB0BUBgBcBshccChoIABIUcHViLTM0NDAxOTcwOTM0Mzc2MzYYAA&sigh=d0ssiAzgkW8&uach_m=[UACH]&cid=CAQSGwCNIrLM0MJqlCzULkR0hZgrBeej7o1LFqtApg&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736971&bpp=1&bdt=312&idt=224&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=2451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=fo8SSf5ZaG&p=https%3A//kooora2day.online&dtd=227
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 02 Mar 2022 12:38:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 364F 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6959ffc931a67f5f17c1b4240fdff63403eae0a44283fa11281303650c6445e0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 43FF 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 824e2fd8fb72711c407a0451879670798ab118380b3dd81e3d7415d014c5d687

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 43FF 24 KB
24 KB 127ms
33ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT1oNmyfBH0cfgUSDXtlWG0dGaHM63_L4FKvrghTx6n13KRVbA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f3afc71aba25e5193968048256bc3701370258e28e44105d530334bce5036b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 09:21:50 GMT
x-content-type-options: nosniff
age: 184627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24128
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 02:47:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 28 Feb 2023 09:21:50 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 43FF 31 KB
31 KB 139ms
45ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSE4L7uswD-TOAh1HEiHvEW9mYnZ-ccKIVotQf0px9qkN7PyA4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

962bef8c5925fe553f2594df35585a5e9a3095e360797fa07fb192a0180ee535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 18:50:07 GMT
x-content-type-options: nosniff
age: 409730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31464
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 14:05:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 25 Feb 2023 18:50:07 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 43FF 19 KB
19 KB 194ms
101ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTW0aJeqE0_fvhlcfzcCji-7LQysxX7_m20rhsRjFlHGauUViMh&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13456d4fa8db14e906fc975f9cd30e7aa69a3c0e4895b562e4ee9593eade4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 11:19:37 GMT
x-content-type-options: nosniff
age: 177560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19595
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 02:42:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 28 Feb 2023 11:19:37 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 43FF 18 KB
18 KB 127ms
34ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRMPeIPnHO1S9sIzagZR0oGNvq4o01ekT63ii9cMwNyrW__W1Q&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef56290d6a414537e9221fc437fa720383d5de39cbecad64832a6ff0f8315b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 15:16:47 GMT
x-content-type-options: nosniff
age: 163330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18107
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 02:25:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 28 Feb 2023 15:16:47 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 43FF 32 KB
32 KB 169ms
76ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRxRIRic4F2R3fGGntADCZqXo95R1qSEs8m3PPGL2z5WTSQyY2z&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8be06cb7179678c39e1242660384b3b9c88c290bf5af43377dabb287a0e23546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:12:53 GMT
x-content-type-options: nosniff
age: 408365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32624
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 09:18:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 25 Feb 2023 19:12:53 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 43FF 25 KB
25 KB 176ms
83ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ89WTrilgrjXtpmna9BrNWXKkeGC0g9wHG6pqzNCo2m5ls9qkXg1GEUoae_ms&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbf7e0e399b04d485b87bf91d63b01578f601e3443cf9bf53223d577b76f1ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:33:41 GMT
x-content-type-options: nosniff
age: 403516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25167
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 03:54:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 25 Feb 2023 20:33:41 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 43FF 23 KB
24 KB 128ms
35ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT74pAVEcHBdVN6ZxpkiF6qKBvs8razXKkKMnqtGg2hknkxbkR4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b8e5ec71d619ab76609fd51c487682ddb89e1b6d6222180dc59af5518780aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 21:06:04 GMT
x-content-type-options: nosniff
age: 487973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23992
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 02:45:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 24 Feb 2023 21:06:04 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 43FF 25 KB
25 KB 158ms
67ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXw5NFZVdFBylZJ9aYp63VDyuC5oJoHPFTHdg1aANm5_xan_E&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a8729ca45d78edf64e2b4a0ca73be66aba6ed3332cb949ce010b5bf059283c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 18:40:43 GMT
x-content-type-options: nosniff
age: 410294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25454
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 02:57:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 25 Feb 2023 18:40:43 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 43FF 33 KB
33 KB 199ms
107ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQZF6JQCJ0o7WUte8ZWMa0Yfs9TAY6svn9wpFUQb43mhKCnhko&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d58bc3a27af169cb087a0831a377f21b5a875ba34cd73b4a2f54ae0ea362f0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 23:23:15 GMT
x-content-type-options: nosniff
age: 306942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34071
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 02:36:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 26 Feb 2023 23:23:15 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 43FF 36 KB
36 KB 121ms
35ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTM3fxl9fUzSaMkBZIGQ-FlE-NKQ7v0xh0GRdiyAbaFggIkMRND&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dde798d344b8e528b67d8d96ec2ca1df05b70bae356a8903985775b45002e7ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:51 GMT
x-content-type-options: nosniff
age: 314946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36661
x-xss-protection: 0
last-modified: Sat, 26 Feb 2022 02:56:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 26 Feb 2023 21:09:51 GMT

GET
H3

200

11936964303781137629
tpc.googlesyndication.com/simgad/ Frame 43FF
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDry5-nuQEQ6AcY-gEyCIB-0ZnLxjRj
https://tpc.googlesyndication.com/simgad/11936964303781137629

64 KB
64 KB

36ms
36ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11936964303781137629

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5488c6a9dd5d39ab64aeb93c9a5ace188e15d47fed1829c06d6632620b4496d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 07:53:06 GMT
x-content-type-options: nosniff
age: 276351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65272
x-xss-protection: 0
last-modified: Fri, 22 Nov 2019 09:54:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Feb 2023 07:53:06 GMT

Redirect headers

date: Wed, 02 Mar 2022 11:57:25 GMT
x-content-type-options: nosniff
server: cafe
age: 2492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/11936964303781137629
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Apr 2022 11:57:25 GMT

GET
DATA 200
OK truncated
/ Frame 85C0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72c889abd45f6489223c4f68c6f2e6e5f0816f3b6a225a0d2afe6f521028ae30

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 725B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

107ms
106ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 02 Mar 2022 12:38:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 02 Mar 2022 12:38:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012202072236000/ 23 KB
8 KB 105ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f45735c60d62a9d690f19eb78ac9d4583d9b9d68e2c89ea277a9786b36767a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7955
x-xss-protection: 0
server: sffe
date: Mon, 28 Feb 2022 17:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7fc09a3fdc14ea30"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Feb 2023 17:46:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 43FF 0
0 107ms
107ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQzThYWUfYtHSD5K46gSQsLO4D6nWi99otPaCyuQOm_uB5twpEAEg64PRdmC7BqAB5ZDKyAPIAQmpAosob_Bzm7I-qAMByAPLBKoEyQFP0DRhr5E_GtNYUWfx_wsdpkVvi-smPH36EuY-fCgjXJ91Ga-IU-CTib_17UVOKpo7PuvejYfcaQACrQeX8D9OM32qf6GxGHtl_7PZxh7N82iE8r-NtuN68RItfQ2pzNZTTbXzyPSV2laz1OsmOwiKhXIq6ctbsdonGu0V37gdfcJK4T8f8szgqVOyMFV4aL6tRcNfjsgQy_fKE2qlvpPDFh7p_dqgPsExY0CFIGYO5xkv6nq4ydJQdBXQ72y_XWa6KTUrzpCyIITABOXQnbDcA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfW0843qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOrEC9IICQiA4YAQEAEYH4AKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0zNDQwMTk3MDkzNDM3NjM2GAA&sigh=S0oUyqq3KOI&uach_m=[UACH]&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 02 Mar 2022 12:38:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 iframe.html Show response
p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E336 4 KB
2 KB 87ms
44ms Document
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

adaa7ebac09a0db0450f7db330348788e02ffee2a3edc2f70d1888a89f355cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-UhWSvJFsiSCfvVEoffntOQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1862
date: Wed, 02 Mar 2022 12:38:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 10CB 2 KB
904 B 50ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:17:25 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/ Frame 10CB 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7ca3e7ab9349be85f6dec597eef84d52fec3bc3ea0f5d42c8beca1b3e9c93f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7890
x-xss-protection: 0
server: cafe
etag: 9159073006381693422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:34:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 10CB 2 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:32:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10CB 124 KB
38 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38862
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646052075697155"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Mar 2022 12:38:58 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 10CB 15 KB
6 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0
server: cafe
etag: 3306657128042699500
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 12:03:53 GMT

GET
H3 200 1983f1322954a331c3caffc9609329fe.js Show response
www.gstatic.com/mysidia/ Frame 10CB 28 KB
12 KB 80ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1983f1322954a331c3caffc9609329fe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220228/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 06:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11765
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 01:32:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 31 May 2022 06:25:05 GMT

GET
DATA 200
OK truncated
/ Frame 43FF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbe27964038812f10e113e435e204baa79fec074d60849fb2fdb072688668aed

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8663
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

169ms
168ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 02 Mar 2022 12:38:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Mar 2022 12:38:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 02 Mar 2022 12:38:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js Show response
pagead2.googlesyndication.com/bg/ Frame 29B2 35 KB
13 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736969&bpp=1&bdt=310&idt=208&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uKidUoqoze&p=https%3A//kooora2day.online&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13490
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 12:15:31 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 43FF 20 KB
20 KB 34ms
34ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:31:22 GMT
x-content-type-options: nosniff
age: 580056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:31:22 GMT

GET
H3 200 j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js Show response
pagead2.googlesyndication.com/bg/ Frame DCB2 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13490
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 12:15:31 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 85C0 41 KB
15 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 13:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Feb 2023 13:10:14 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-aigzrnld.c.2mdn.net/videoplayback/id/64b6d5892abcf48a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677760737/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 85C0
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/64b6d5892abcf48a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677760737/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r5---sn-aigzrnld.c.2mdn.net/videoplayback/id/64b6d5892abcf48a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677760737/sparams/acao,ctier,expire,id,ip,ipbits,itag...
https://r3---sn-aigzrnld.c.2mdn.net/videoplayback/id/64b6d5892abcf48a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677760737/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

119ms
25ms

Fetch
video/mp4

2a00:1450:4009:3::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-aigzrnld.c.2mdn.net/videoplayback/id/64b6d5892abcf48a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677760737/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2FCCC78B301B434149FA64EE9E1E6596D70FFFC5.12D4BBBDE129DE000C02A4125037885A058F61E1/key/cms1/cms_redirect/yes/mh/Yq/mip/2a02:8c8:c10:30::7/mm/42/mn/sn-aigzrnld/ms/onc/mt/1646224019/mv/u/mvi/5/pl/32/ir/1/rr/12/file/file.mp4

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

HTTP/1.1

Server

2a00:1450:4009:3::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 12:38:58 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2642387
Last-Modified: Mon, 28 Feb 2022 15:20:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 02 Mar 2022 12:38:58 GMT

Redirect headers

Date: Wed, 02 Mar 2022 12:38:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Location: https://r3---sn-aigzrnld.c.2mdn.net/videoplayback/id/64b6d5892abcf48a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677760737/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2FCCC78B301B434149FA64EE9E1E6596D70FFFC5.12D4BBBDE129DE000C02A4125037885A058F61E1/key/cms1/cms_redirect/yes/mh/Yq/mip/2a02:8c8:c10:30::7/mm/42/mn/sn-aigzrnld/ms/onc/mt/1646224019/mv/u/mvi/5/pl/32/ir/1/rr/12/file/file.mp4
Vary: Origin
Content-Type: text/html
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Connection: close
Timing-Allow-Origin: null
Content-Length: 0
Expires: Wed, 02 Mar 2022 12:38:58 GMT

GET
H3 200 j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js Show response
pagead2.googlesyndication.com/bg/ Frame 0802 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1646224737&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646224736970&bpp=1&bdt=310&idt=216&shv=r20220228&mjsv=m202202240101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=8689750909977&frm=20&pv=1&ga_vid=1027809599.1646224737&ga_sid=1646224737&ga_hid=193384595&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31064857%2C31065347&oid=2&pvsid=4140970078113737&pem=612&tmod=1379512730&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wrhowHLaqF&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13490
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 12:15:31 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A714 23 KB
9 KB 35ms
34ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Feb 2022 13:11:07 GMT
expires: Tue, 28 Feb 2023 13:11:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 170871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js Show response
pagead2.googlesyndication.com/bg/ Frame 8ED8 35 KB
13 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13490
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 12:15:31 GMT

GET
H3 200 j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js Show response
pagead2.googlesyndication.com/bg/ Frame DEDF 35 KB
13 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13490
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 12:15:31 GMT

GET
H2

200

wdbloogablock.js Show response
cdn.jsdelivr.net/gh/Abdo-Hegazi/wdbloog@6bdae011/
Redirect Chain

https://cdn.rawgit.com/Abdo-Hegazi/wdbloog/6bdae011/wdbloogablock.js
https://cdn.jsdelivr.net/gh/Abdo-Hegazi/wdbloog@6bdae011/wdbloogablock.js

89 KB
61 KB

93ms
41ms

Script
application/javascript

2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Abdo-Hegazi/wdbloog@6bdae011/wdbloogablock.js

Protocol

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13e0fa139f142ba0536cb05f41c2f8041898dec667e91bfb86f132181f792c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30938
x-jsd-version: 6bdae011
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19132-FRA, cache-lcy19246-LCY
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"1648b-ZlSERJEr1qXnAA1jGd0QGwxRXIA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e5a31489cad74a1-LHR

Redirect headers

date: Wed, 02 Mar 2022 12:38:58 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 756
age: 21459
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 03/02/2022 12:38:58
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 107
server: BunnyCDN-DE1-756
x-served-by: cache-fra19169-FRA, cache-chi-kigq8000131-LOT
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/Abdo-Hegazi/wdbloog@6bdae011/wdbloogablock.js
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
cdn-cache: EXPIRED
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: 957f67117e9027c56423bd437f550131
timing-allow-origin: *
cdn-requestcountrycode: GB
cdn-status: 301
cdn-requestpullsuccess: True

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 94ms
50ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220228&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7306dbc0f19789de8d5534e3d6b2f524f987e77d6eb58f92ab0c9e0ee3041544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 12:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10614
x-xss-protection: 0

GET
H3 200 j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js Show response
pagead2.googlesyndication.com/bg/ Frame A714 35 KB
13 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13490
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 12:15:31 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Mar 2022 12:38:58 GMT

GET
H3 206 file.mp4
r3---sn-aigzrnld.c.2mdn.net/videoplayback/id/64b6d5892abcf48a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677760737/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 85C0 198 KB
0 48ms
22ms Media
video/mp4 2a00:1450:4009:3::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:3::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 02 Mar 2022 12:38:58 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2642386/2642387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2642387
expires: Wed, 02 Mar 2022 12:38:58 GMT
last-modified: Mon, 28 Feb 2022 15:20:28 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCB2 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2IMEYWUfYrrSD4jq6wS825L4DQAAAAA4AeAEAg&bg=!8_Cl8LTNAAYFuXAgBbk7ACkAdvg8Ws7xjyNGmAZ-V80cDoqUvxLEwtu-_XcM5CTG0JdiIUO-qoqStQIAAAFeUgAAAAFoAQeZAuRI3Dw9TKBXQlFuDnZKB6r79c9GiQxmq0P_BJcoU5lh4bS7XnlwwAF7Rkhu0yuG0r2YLS4yw3b1d6t7xXIjkyrWBHmNYXhK8PC_aCK7sGrm5_YxDroB_Uf620tI1cgEKhPRf3treJLuHQDuU9yokoBDbx5fieZ-oflgSXYzARGOTu0b5IxHVZwdNZy7TvfviZkicQYclLElPoyZQZBX_mQX2N8z8fu5wvB8SJ2M93WqRiecuqH75SDXP0X_x0xE83vOinSRY0ZElJPAY8C3AVdggbgT3ywrJHxQC8ddjSxPyK3Y0EyoCK58USHJjb-QLT66Uh44SfyqTLxdWk2J6P6z19bR6xYnGQDYO2q_MDifHe2LJc14atE8lwhYVI5b_6DSc5pbzwOhHf6JkTYbjEV0VL5i9ogf4XNd0BFNmI4cLk_FsOMDvyJekCCSr1tGzshHpkfZl0Ctrpqbuv87dmDwQtU-a2ryFZh7V9noE4IFOycM3d-E53RGacoZ1LeU2_ejJCwL_DF4uNRCBfzQJAPO1aQCRFWwYYnfzIzB2s5Gm4cPygRI7dk8kBEUiX8_cW3UgzG3-jUMBuSKx219XlFSbFIOmCGHDhcFP5rDVcVc7Ot5bt3Yas9noKTU45KOAUk2DHqdZLfBeZhcXPjRo1dvclOOvQCVkknH2HKUuoPWhYF6VqqfLHwAx7BEXkSnQxHAOvNAH_Eeez9FQrlBOBbVKJ_I7i23XaODqdgNDK4HevGSbuWgTZkOLFZ5HfA7Fd99DR5MZ4SC9rT3I2Wqhggrb1aNn6cXAk3-Uc4gl21Kzz0PzVzbUAAv4O-HDDG3ihHS2gBqG7BMbsGbErLazXbm_F-2GiAw6kogynGhErBwO9EGgRsPIQLUGHLTarlj01LqhIpgQUBd49KBAt7vBoDSNvxPnnJxi6lNhvAh6NmSVhp_R5m_KkVbBBWyd8k1bKfQrQKFb37k8Ke508XP64QNs0YXaw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E4AC 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Mar 2022 12:24:58 GMT
expires: Thu, 02 Mar 2023 12:24:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 44C2 783 B
532 B 88ms
43ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca7442c45b6cd63509b4e54ae9669affd00e37fd68e3ae273d3c6f7d4dff710d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5+5A8w5raii1yceezogpXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 02 Mar 2022 12:38:58 GMT
date: Wed, 02 Mar 2022 12:38:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-5+5A8w5raii1yceezogpXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A714 0
20 B 86ms
86ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BLdzpYWUfYrHXOset-wb18JfwDQAAAAA4AeAEAg&bg=!PzylPHjNAAYFuXAgBbk7ACkAdvg8Wp-LezKT_0zQ5fRsxCP6STP-BdliuLB0_TsXQv9lQd6GoBHI_AIAAACGUgAAAAFoAQcKAFb90HmdB2e8yN_0I2_YZg6MwKwkRSczDr1NOj9LLM_eIUy4uEx1yGmebhDWvqPrR7lHxoun0Y-Cw2yi8eVocJqecG52EKF2pF4gdQiZS4kps96T2zDIJpkCzHvqqcvdtdEpvAb_0stCL48jwPlyZqI6iEWUmOq3L9jqsMSUVhvlwV420bcqa5WYsZ3lMqnoI0JwAkBeuRVIIeJjKucUJ5KIwCHjpw7EtoRpWF5Xj9Dx-8mHjKmXbQ7dTI4X4ilM9h6adHFBnpTLAHwsmt0j9r2QkuDXN5Ulg13M1R7WEwfoY_xHFpUVzmffAoNExumhLnpy1AzXPKwyJi0UsErH5dZBQZBm2fAsctf3vDVSE_grX8LpNwYZOqrx7_bZDs7z7Or0GSCUYhmusL7hfEbmK58ZEw9DqeXR6tA5swbpgm8e0NIcApjPRbM1xTvRYp564cHSneHqwEoDawqIzwMDiQGJ7nMKrfvjEMZOlzlYAW4vjje4INnSShEBgSuwXj_Zf0rsEiqK612dotlc8-ohN-CcDHAN57u6pAbRgo6O0mus_bQEMrVXBg4zTsq8x2ZcZOMeRCRJltywIBiHKQCoXww7CNs0EaKWYcqR1HwSQFkqVJ6rAsRK5HNOpQuj1dOPapwf5bbAXSWopeurl5m6J7YhEoDsw26aVM8vklj6d-I1Ys-MT_TEtYIWJZuSvA2npwQ-EWHqsSsaVOZusXqXklQeGL6ZSjBuQziJwLsB9lkKP7RgQfoGrDuDD-BaZU6hQztoRkxf433CugDJ7qiYIAZ00LkhC4m37wB9yLyNYvIhm7b-ub-nNy7TYo6U-WzMhIy-K3H7EQXKnveCT7TXpBFbapzoGee9z0a2GDC9xcLM50tdacUl3qh4HKUnkH09I9W7zf9btKSQIm9kSpogQjp3WSRGXH99HOeXM_6RQSTg8NubrKBQfcGjkqqwP6KSb4TghTv1885h_bdbJeEQQINcXSSKAF1ADwIZDwMA-KzzLOIE2_KkF5gjOphwGWutj3oMxkSNR19udMjtB7nk3hFasVavooi_yMN3GDxeSAgNIJjtV9Lm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js Show response
pagead2.googlesyndication.com/bg/ Frame E4AC 35 KB
13 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13490
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 12:15:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 44C2 0
0 149ms
148ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220228&jk=4140970078113737&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/Abdo-Hegazi/wdbloog/6bdae011/wdbloogablock.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2842a7b4ff7548db045e0af45bc1bf416898786fc4ed320bf3fc2e49d1bdb18e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54057
x-xss-protection: 0
server: cafe
etag: 6771949290672467620
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 12:38:58 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 364F 42 B
64 B 90ms
90ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss12xIkMXkINZLPGBRMCwfowhJJTWJTW4UwM8ZdonlQOPKZ9ujPjRd3aFvK9NHNOyEWY2QmjcW3cTrcRMJW0z57skFike82-cwCuOSMVB0KSnxCy4HSZg&sai=AMfl-YS5gyz_WfoX7ratu9E1qifGWMX7ZjQQt6weVlem7T1HEm8fIfLAUZ0kAEUyOAi6OOFbMhF-gGHWq4r6&sig=Cg0ArKJSzG1GAqQMSFsBEAE&id=lidar2&mcvt=1001&p=0,0,563,150&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220228&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3401964455&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646224737169&rpt=596&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E4AC 0
9 B 59ms
59ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vWICTQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:38:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2CEC 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrFYnFc0OvJ4ydf6zoQGRjcB66NbLUzh-q8NNU-XImWVQjWVr8CLLLcgoo570Aooi3uVE0w6Q-kIkL6JgjyUDnzV6_3jb-G07hZ7ENTzTxVD_uLXwVQQ&sai=AMfl-YR99Ti0kxnpVhwdMl4vzsjdaH6sT38MQNPAWAYwiTMD2wjy5EJHunBw6Qrz3itAiHKW9r8oY6Z2__Rn&sig=Cg0ArKJSzDPt3H5zmNeKEAE&id=lidar2&mcvt=1000&p=0,0,563,150&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220228&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1631200381&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646224737181&rpt=629&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 85C0 0
17 B 234ms
117ms Ping
image/gif 2607:f8b0:4001:c0b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l09jpd7r&c=2470709557485&slotId=1235354778742.5&qqid=CLSEvYW5p_YCFYaZmgodZ0sA_w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=510&mt=video%2Fmp4&vs=970x250&ulv=1&cll=0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4001:c0b::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 43FF 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4p-UOXfS0OV0BpwtdmJVkjU_B3CfsumC1nkJvrhzlTmvWbs3nML_8PU_ulDkCBkIB-koBxY4ANto7i2uqepo47DRTQsJ67SLjvzL3HT1mkKzr1xCfvw&sai=AMfl-YSlI_ptU6x4HGCmy6sFe7ZWpa9A2bUyOH1PTl9jv0aE51BO656rf8DB-O5ksE5NQI8waMXJ-bzxlxqQ&sig=Cg0ArKJSzAjp7NSbmT7AEAE&id=lidar2&mcvt=1000&p=0,0,280,1028&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220228&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=277232271&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646224737190&rpt=937&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A28 42 B
64 B 71ms
70ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueedOwVbNfdEEGLHZp6aHq6J_9JFirJhxPEvtj-tESLYfUiRJbEoZml9EdHtj8aUjHnbCv0qH9WHc0c8ZnyVZOrwvlNjvw_vjDezyA&sai=AMfl-YRMjowtqx6eLrncOTbdlKgmeyUaXFhvoKZUJ4ZgHrnj3nvPdPTUhE-6zeHu2_tlGx3gB07nqdDItY-f&sig=Cg0ArKJSzHy8PZu7B2POEAE&cid=CAASBORouWI&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220228&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1522501397&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646224737487&rpt=774&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220228&jk=4140970078113737&bg=!YWKlYibNAAYFuXAgBbk7ACkAdvg8WhJKcegh2xo1SSatar5_I7iOPH229t_4aQhlzAbsruJ0O3eskgIAAABhUgAAAANoAQcKADsCL2p787Sk6-SiQuaeqhUNZYK4t13xvqZGfsScqs5t_kakTrVvCOz8vSODThsyJeDXeIgssyk6yER-iZkCkymrEeG6TtTrBvW9FYw36zYeNGK4dPB87DwF0DJRKMbwoCr3ajZc8i_MdUlFK3LdNtmwjRI8ukxKVDYQluOgSZ2YkzaSpEBdLWuHuxvU_nSqQ_nqTtBJ6ysk4evVoGUG85IiRoQiAJ8sBtaiouPFwVWqg-KR7rTllKIj0epuBj8ozb_G54L3nX1gwzeVd0-fxu2n34SKxBiGz_Rr3lLy50WJq310RgFHM7IyZI_3SX5FgFaYggeyCfTgo6Yx-qhjOlM9P7E01UnG3UY0Kn19601fKEXkkxleCfxfpNsUGPPflnsBvnNWmMm61rUGeHAt1ao0Gean0tw3pLkLWRFROv2KrxMbP_coaGsXpCYofFNqLCS-i73tWJt1jxLvNEK7RWZn5ILHBGc4RqcIKxYBdHcwQFRuiYceUD3jNrOMUZmQ8h-1tEvaazR2Z-T97q1gVW0CXFROVkUPUP2cZ2oY9nJRUXFabOwWlzPjLnJGeLJ7A9ENyU3CymLJFsNQTeSMnNU6Tsu0-vpFLlLD0l-DbLs60uke_im5jiirTMR-K3IcRt21yWF9MWwJ3pyZB0WZx-dFA_mFaDa4W8UOD8ietlnsqv37JmwKwHbgPToR1tlkJqi3VWVW5yqiG4qv-LWIT5MmOuLSHV7GsLvg3d6Qnd7HCQSxhG1CH7Ve0jHHM0EDe8aGfnaEsOW9Y_l3SGiyFqNnqBYJzyEQLtOjZqY1N2KsA8Mypiq5zk_WhSf8HoXNUAv3INx1qLOiLxZE5VrNIQioFtmg1hLSqjMGc4Yp9H3Gr6W-OLVZp8LG7hED4R_tlOByzRMS2UwZDu-GPDuIoNV46tVC01Q_WLJ29ErTY-_yhIQ095CLlLzb5YYnzhzE8I6G

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 12:38:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kooora2day.online/	1970-01-23 16:53:04	Name: tb Value: rndmtb
.kooora2day.online/	1970-01-20 18:48:16	Name: _ga_9CBR5VC63K Value: GS1.1.1646224737.1.0.1646224737.0
.kooora2day.online/	1970-01-20 18:48:16	Name: _ga Value: GA1.1.1027809599.1646224737
.kooora2day.online/	1970-01-20 10:38:40	Name: __gads Value: ID=170d973c6ba32d23-22c9e69450cd0074:T=1646224737:RT=1646224737:S=ALNI_Mbrfi9j_mzy8BEY02vUG-SZskHohg
.doubleclick.net/	1970-01-20 10:38:40	Name: IDE Value: AHWqTUm3A5ZTfjsYQkQCK-YNCONK1KzeDlQGYo-wTWWyMvt1xSnq_SRRpim27MH_lPg
.adnxs.com/	1970-01-20 03:26:40	Name: uuid2 Value: 590247472506292067
.casalemedia.com/	1970-01-20 03:26:40	Name: CMPS Value: 689
.adnxs.com/	1970-01-20 03:26:40	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>8qP3Im!]tbPl1M>e)ZlrFUfJ+tGXxo]Dc5BsE''*rSGx_ATEB(FOYM_d_KADZModLq3If)y3KL9D3I?+4<NYrz
.casalemedia.com/	1970-01-20 10:02:40	Name: CMID Value: Yh9lYXYrkKF-Xl.7p14ubgAA
.casalemedia.com/	1970-01-20 03:26:40	Name: CMPRO Value: 338
.casalemedia.com/	1970-01-20 01:18:31	Name: CMST Value: Yh9lYmIfZWIA
.casalemedia.com/	1970-01-20 10:02:40	Name: CMRUM3 Value: 2d621f65622760CAESEIIF1vm1AzO4AH08Osa98io
.doubleclick.net/	1970-01-20 01:17:08	Name: DSID Value: NO_DATA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kooora2day.online/img/champ.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kooora2day.online/img/tv.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kooora2day.online/img/com.svg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
bid.g.doubleclick.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.rawgit.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
kooora2day.online
kora2day.online
p4-big7keumognm6-gac6wwpfxlhdbqa7-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
r3---sn-aigzrnld.c.2mdn.net
r5---sn-aigzrnld.c.2mdn.net
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.179.162
142.250.184.226
142.250.185.130
142.250.186.99
185.33.221.50
2.20.157.55
2606:4700:3035::ac43:aa61
2606:4700::6810:5914
2607:f8b0:4001:c0b::78
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a00:1450:4009:3::8
2a00:1450:4009:3::a
2a00:1450:400e:803::200a
2a06:98c1:3120::7
74.125.133.157
89.187.169.47
00a214af6753281049674dcf8afef899d36a406613cad6de29982fbd0431d89f
051848460bdf4da4bb2df62a03476e7859227656677054f86b2c1a9155bb0b2e
0562ed7457f7867020b3842abf96998459c8c01ec27205dab7c79da7484f8bbd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d5eb7cf7e00ce503123be4608087c81b618288b261f48cbbe0efcd0f1f8b773
0d8f097b0126cc8db0c39f4fcc805f1456d5df20f7535e1628b1f0aaf0339a7a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12badebffd0b9469a7723511aef4d1dbd71cc5fcb674b2c7b560ba3d9b33d59b
13e0fa139f142ba0536cb05f41c2f8041898dec667e91bfb86f132181f792c15
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aa245c7adb263256ad4366c6c45ad49376732bb9e722ee51e53517716f437b9
1beeb14fcd194b0183ecdaf247fe599782ed1ad690c3529a00c972e3d519c251
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2091822ddb71b982236de54bd9ba45e876123e41ef38b2937917e58d10257912
21aa49579e8ed712d60f2b10e7888512705cfb0b4bba22f7258a3865d05753d3
2284e19fea050491622db728311a64b190eb9fd18bef568f3cd210321ff03c13
22c0bde5147851673d9a566f48687305cc92c63ae9994d6d227b2d4dd4e481c8
238bfd262b6030aa2c3dcc10f6b5a9035a3b4c39211dbd2f9669d181c4818695
2448f01a3ad85974366461d3a2e236aaaf46f05fb8b7fab4cfbf0b963c207bfb
2842a7b4ff7548db045e0af45bc1bf416898786fc4ed320bf3fc2e49d1bdb18e
29a0bb5cf80e398769aed4f2c2b522f754f2eee16c4c49ed2fec46626c3fc425
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2f50db36c8eca270c92b9d9d37714a0da42c94a761de009447ab2c08473a5947
301548b6325e4b5112b4ecd7202bc8c8288ff43d99ef52324daedfc062f508d9
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
353c1e8cd3197a81367cb081a0c39e33dd6445ec15735e68b5833b65e2dd5e1e
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435
3eb965f3699518d8395cfb70d083643955fc2933fe9b4f969c3dc7ea4aedea90
3ee7d638b3d881d88751994caf7ac70a4e2e88ab491d84d96bb668427b775ddd
4151b22743cdf1156af80f7661631ba67f8d4462d0f5d2442fbcd8f6f045100b
421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
490035766f64f4957a813abe10bf17628f5b30ee32e9e5f0dc6d9bd405c9086a
490bab4d5a88c9ccf9b37afbe30b2577261ca9304e16ea06a3496d74f965e54b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8e5ec71d619ab76609fd51c487682ddb89e1b6d6222180dc59af5518780aba
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50606030e1a539bd497617e6a98485644b8778f02615ff5a0f61dc0dc37dc763
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55891179b1b2aab37438facc6b547e2fbb16608374df148ef12120a58da87e88
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563c8aea477fe6d1e75e7d73fec8f2d94d3ea5c4663aa5fb2fbc3563a10f7404
573693ea4a23fdde65dbe87ecee6bfd76bc04a6d39b709f043c128367a95c64b
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f950a7b20d9aee54c00b8e7326f3a600214670cf276c697692ddab789636c09
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65ddd8e2138b1f6200fc62c1e1920b9b9cbe5f1dc606e18a21be499f445d649e
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6959ffc931a67f5f17c1b4240fdff63403eae0a44283fa11281303650c6445e0
699eaea7f37fe661fd34eb84e7687df50ca1395564c7991301024dbd0e7cf83b
6ee6b835b1a8bb878a2e9696ea68c22ac2be9de8050b096f419c49c731cc2640
71bb557b53de442ed40c69a5155401b43cf5189e5a3e448a695017e14ed589a9
72c889abd45f6489223c4f68c6f2e6e5f0816f3b6a225a0d2afe6f521028ae30
7306dbc0f19789de8d5534e3d6b2f524f987e77d6eb58f92ab0c9e0ee3041544
767e2f3fd92235d466642b48be901b78fe92f5a0aefdc28f79234fb3cfe10faa
787f1220fdbf3e5484dc0671a13d7b7d4710bcdf8891197bd63e5765fa54729d
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4
7f45735c60d62a9d690f19eb78ac9d4583d9b9d68e2c89ea277a9786b36767a9
824e2fd8fb72711c407a0451879670798ab118380b3dd81e3d7415d014c5d687
87c8a6528a6e3063217833a48ecc4467fd425e13064db4762b51382da9aae53d
88fee4c4f2ea85c1818265a09a774520c1f5a273025f799e363df2f58cf241c2
89c4ac2f6d37ed2080e5a506ea2f9aaef4b3c301190c1a42e2dbca2f691c1bae
8be06cb7179678c39e1242660384b3b9c88c290bf5af43377dabb287a0e23546
8f1e0a556f733ddb13abb819c5007808aa3f503fc12cffe42940be4ccf9fb586
8f3afc71aba25e5193968048256bc3701370258e28e44105d530334bce5036b6
8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a
91a9fddd32c9d64fb5703e2bc235d14553dc415746089831fbea08e9230c43a5
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
948d46866167f73d90da2bec3a6fd22cb2af32def3cb7400c87a92478e52045e
962bef8c5925fe553f2594df35585a5e9a3095e360797fa07fb192a0180ee535
96591c218cd688355f0a08f45108c665b4dfc2c2aefd5c53e57e380968d84d06
9afd87fd74378e162c0cb3cf67c71e829f1beaac96677263812db425ee4845b6
9d6e8f3008d9c69cabcd4ade1fa8db5f6b7b3d09470ceed76549e4ce8e50376d
9efa7e8612c3907248f4ff0148d501e8578e7b4afb07ba50551bfd92ec4d1268
9f7d98e795dc068d9b72c1c415399155a60dd3d408b06132cbbc5b52f01041b6
9feafa033b9e4149e6fee5caa77dbe2c84f80dcfd7e29405d38ef3131149ba5b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4848a9644de855c1058a77c17add6b7994f2ed15a979bf74540ce5709d03db6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adaa7ebac09a0db0450f7db330348788e02ffee2a3edc2f70d1888a89f355cba
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4216d18691bc48effb49a4acd3cc25ddcddaad34d42d7f1dc798cc66d9d588f
ba3b8f69090533008976e1b14f5bd7a2199a1e4d36f505ee30b31f50d8aa3018
bb634d4f1498400e543624543c1b96ddbf8d05d626cec1a203a5c6a55536b8e2
c10b6cfaa77d4187ebb0998bb31acab4463e76cd76f0dea24cbe0bf5be27c0d2
c6b87ac94bf308e3584c69ccd54772a582ac49d7cfc8f033f1c0995071baa3b6
c9948987a5b4feb2a6af748297c3388744fac9031b1a62125044592749804f61
ca7442c45b6cd63509b4e54ae9669affd00e37fd68e3ae273d3c6f7d4dff710d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d2f1b8bd2eb14a4bfb2496566389f0de0857566996258dbd88b9515dd881ea30
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d58bc3a27af169cb087a0831a377f21b5a875ba34cd73b4a2f54ae0ea362f0cf
d725706171ee167813fe2651beb7d7159c4378253a1b40e333b49eb3b15f20bd
d7ca3e7ab9349be85f6dec597eef84d52fec3bc3ea0f5d42c8beca1b3e9c93f6
d8c224fb222f6a5c316cc4df16c2956060f96961a06f1d61919a465419614a6a
dcebba8ad2649cd0c94658d8f7a9888b05e8dcba1b64f0455fca285a7e603dea
dde798d344b8e528b67d8d96ec2ca1df05b70bae356a8903985775b45002e7ad
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e106d048b80f677650e1a74fd03b1be6296b33a133b6f72cbcd329e3cb651bf2
e13456d4fa8db14e906fc975f9cd30e7aa69a3c0e4895b562e4ee9593eade4f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c2437814d4f9db3c11bac9c80ba14567a8f486645b5548d4eeddb9a3a5e0e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef56290d6a414537e9221fc437fa720383d5de39cbecad64832a6ff0f8315b19
f0d0183224947491a726527bce158846032a026a8c79ab78ebf1443431d5a8e9
f5488c6a9dd5d39ab64aeb93c9a5ace188e15d47fed1829c06d6632620b4496d
f6a8729ca45d78edf64e2b4a0ca73be66aba6ed3332cb949ce010b5bf059283c
fae111500cc7ac97add95d1e3338f4b5d722991c712983632339b50c37fb3c59
fbe27964038812f10e113e435e204baa79fec074d60849fb2fdb072688668aed
fbf7e0e399b04d485b87bf91d63b01578f601e3443cf9bf53223d577b76f1ba7
fcc8273eec8e059a535a6c3ebd4d67238686c044e164b3455ba75345f1aa4d21
fd57ce402a088738dd0297e29f81b5a5d2f76255dd632e2f9e0eb010161e2ac7

kooora2day.online Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

87 %HTTPS

75 %IPv6

18 Domains

34 Subdomains

30 IPs

6 Countries

2352 kBTransfer

5594 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

kooora2day.online Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

87 %
HTTPS

75 %
IPv6

18
Domains

34
Subdomains

30
IPs

6
Countries

2352 kB
Transfer

5594 kB
Size

13
Cookies

178 HTTP transactions
8 data transactions